Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Security United Kingdom Your Rights Online

Are UK Police Hacking File-Sharers' Computers? 177

Posted by samzenpus
from the cop-in-the-machine dept.
superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"
This discussion has been archived. No new comments can be posted.

Are UK Police Hacking File-Sharers' Computers?

Comments Filter:
  • by Anonymous Coward on Friday February 17, 2012 @03:07AM (#39071653)

    Cool when you're watching nefarious plotting on Taggert or Law and Order: UK but not so funny when it's you. And the accusation is that you're depriving a Hollywood mogul .00000001 per cent of a payment on this third Mercedes.

  • huh? (Score:4, Interesting)

    by Anonymous Coward on Friday February 17, 2012 @03:08AM (#39071655)
    "a number of site users have deleted their download histories" What does that even mean? Cleared their IE Browsing History? Deleted their Chome cache? Removed things from FireFox's "Recent Downloads" folder?
  • Re:huh? (Score:5, Interesting)

    by dgatwood (11270) on Friday February 17, 2012 @03:30AM (#39071745) Journal

    It probably means that the JavaScript/CSS trick for determining what sites you've visited no longer shows that the IP number of believed downloaders have visited those sites. Which probably just means the government authorities in question don't know what "dynamic IP" means, but I digress....

  • Re:Browser exploits? (Score:4, Interesting)

    by Captain Hook (923766) on Friday February 17, 2012 @03:49AM (#39071803)
    My guess would be the former... They just don't understand the technology.

    Don't get me wrong, they probably do have staff who do understand, it's just that those staff aren't the ones communicating with people outside SOCA. For that matter, I don't think those people even understand criminal investigation either. Look at that industry sponsored message they had on the domain seizure notice.
  • What Judge? (Score:5, Interesting)

    by dutchwhizzman (817898) on Friday February 17, 2012 @03:59AM (#39071861)
    What judge granted the 15 million claim? You can't take down people's businesses just because someone claims they are costing them money in illegal damages. If that's the truly a fact, they could sue in court for the losses. Once the losses were validated by a Judge, they could first ask the losses to be paid. If those weren't paid, they could have the assets of the business confiscated. Maybe *then* you would have a case for taking down the website, but not before.
  • Re:Browser exploits? (Score:5, Interesting)

    by wvmarle (1070040) on Friday February 17, 2012 @04:06AM (#39071891)

    This JS history snooping sounds plausible, technically, but maybe not so practically. Besides the question of whether running such a script is legal: how did they manage to run those scrips?

    To run such a history snooping script, a user has to visit a web site that runs said script. It's not likely the torrent site will do this for the authorities. It is also not likely that users will regularly visit anti-piracy web sites. They may visit it once, to get some information or out of curiousity, but well not much to repeat visits for.

    Or is it done by the ISP? Who then would basically inject a js part into web pages the user downloads? Doesn't sound like a nice thing to do, to say the least.

    Besides, such scripts afaik can only do something like "did you visit slashdot.org?": asking for specific URLs. I have not heard of a way to ask a browser "please tell me all sites this user has visited, and all urls which include slashdot.org". The first example shows whether or not the user visited the home page, the second example would give a list of all stories the user has opened, comments they opened, etc. You'd need the second method to be able to query a user's history for specific downloads.

    Information from the browser cache determines whether to redownload a file, but the cache should be site-specific. Even if one site asks to download parts from another site, the browser should just reply "done" when the request is processed, regardless of whether that bit is locally available already or that it had to be downloaded.

    The only legal way to obtain download histories would be if the user has a public profile on a web site that lists that user's download history (not likely) or that they would indeed come with a search warrant, confiscate the user's computer, and analyse its contents (even less likely).

    So all in all this sounds like an illegal hacking action by the UK police.

  • Re:Serious? (Score:5, Interesting)

    by whyloginwhysubscribe (993688) on Friday February 17, 2012 @04:45AM (#39072041)
    It is funny that their take-down notice is copyrighted itself too. They should take-down the zdnet article for re-printing a screenshot of it, and then replace it with the actual page that the screen shot is of.

    It is worth following JackOfKent on twitter for his insight into this. He noted that the take-down notice could actually be a contempt of court [twitter.com].
  • Re:Browser exploits? (Score:5, Interesting)

    by RagingMaxx (793220) on Friday February 17, 2012 @04:50AM (#39072063) Homepage

    My guess would be that the authorities may have included such a Javascript in the 'scare page' that is currently replacing the regular site. Regular visitors return to the site by following a bookmark, etc, and while the scare page is open in their browser the Javascript runs.

    It would have likely been a part of the initial investigation to either set up a crawler to index the site before it was taken down, or simply pull down the RSS feed of new posts and scrape them for hrefs pointing to mp3s or otherwise. They could thus compile a list of "downloadable" files which had appeared on the blog.

    Once the scare page has been put up, they could use the Javascript on the page to fetch lists of these download URLs, insert them into a hidden div on the page, and check each URL's "visited" status in unpatched browsers, sending the results back to the server asynchronously and logging them along with the IP and any other browser stats of the user in question. In this way they could glean data about which files from the site the current user had downloaded.

    Now, assuming the above is even close to what happened in reality, I would guess that the site in question has had a large number of hits from curious bystanders (ie the slashdot / HN crowd) since the scare page went up, most of whom would have "clean" download histories as they had never visited the site during its operation. Maybe the people gathering stats have misinterpreted this as "lots of users who cleared their download history" before returning to the site.

    Hooray for speculation!

  • by Whibla (210729) on Friday February 17, 2012 @07:39AM (#39072787)

    * It's actually illegal to so much as rip your purchased CD onto a portable player for convenience in the UK

    Not for long, hopefully! Proposed Changes [bbc.co.uk]

    As one of the talking heads is quoted as saying in the above linked article:

    "The review pointed out that if you have a situation where 90% of your population is doing something, then it's not really a very good law,"

    A 'rare' and sensible insight! Now let's hope the government can get a move on actually passing it, as a bill, through Parliment.

  • My letter to SOCA (Score:5, Interesting)

    by ODBOL (197239) on Friday February 17, 2012 @10:40AM (#39074823) Homepage

    Here's what I sent them. If I had been wider awake, I would have skipped the last paragraph. I enjoyed writing it, but sarcasm is almost always counterproductive.

    Dear SOCA,

    When I saw the takedown notice at RnBXclusive, I was sure that it was a spoof. The bald statements about the guilt of "the individuals behind this website," apparently unproved in court, the threats of prosecution to myself, and the speculative claims about the "future of the music industry," seemed too absurd to be written by a serious law enforcement agency. Then, the advertisement for pro-music.org at the end made it clear that this was either a spoof by pro-music, or more likely by an opponent trying to embarrass pro-music.

    I was astonished to find acknowledgment on your own web site that this absurd text was indeed your own.

    I never heard of RnBXclusive before, and have no opinion whatsoever regarding the legality of the behavior of "the individuals behind" that website, nor your takedown of the site and reported arrest of the "individuals." But I hope that you will be more careful in the future to post only relevant and sensible notices that stay well within the scope of your legal mission.

    I recommend to you the Electronic Frontier Foundation (www.eff.org) as a source of careful analysis of online behavior by individuals, corporations, governments, and law enforcement agencies. They do not appear to have posted any specific comments about RnBXclusive, SOCA, or your recent arrest and DNS takeover, but they can provide some of the best advice available when consulted.

    If you must advertise legal sources of music downloads, let me recommend my favorite, magnatune.com, which is not represented by those "behind" the pro-music.org website, and which will perhaps suffer competitively from your public endorsement of pro-music.org.

    Sincerely Yours,

    Michael J. O'Donnell
    The University of Chicago

  • by Moryath (553296) on Friday February 17, 2012 @10:58AM (#39075045)

    Proving that megacorps have more rights than people... I'll believe corporations are people when texas successfully executes one.

    Till then:
    - You commit a felony, you go to jail and lose your voting rights.
    - Corporation commits a felony: no jail time, a pittance of a settlement/fine, and they still have the right to buy off elected representatives with unlimited campaign contributions.

    Anyone else disgusted?

  • by dryeo (100693) on Friday February 17, 2012 @11:20AM (#39075339)

    Actually the whole feudal idea of felons and the segregation that goes with it is pretty disgusting. Basic rights should only be able to be taken away by the judiciary using due process. Even the American Constitution writers reconized that, which is why they have the ban on letters of attainment.
    America and Nigeria I believe are the only countries still with the idea that whole classes of citizens should lose rights permanently for doing something stupid when young, even after they've payed the price.

The use of anthropomorphic terminology when dealing with computing systems is a symptom of professional immaturity. -- Edsger Dijkstra

Working...