Anti-piracy Vigilantes Tracking P2P Users 864
brevard writes "From SecurityFocus comes news that a pair of coders with a deep hatred of software pirates have gone public with a months-old experiment to trick file sharers into running custom spyware they wrote that scolds users and phones home to a server. They circulated the program disguised as sought-after downloads like Unreal Tournament 2004 and Microsoft source code, and they have a website that updates in real time whever someone executes it. They've logged IP addresses for over 12,000 'pirates' since January. The EFF says the vigilantes may be committing a crime."
Trojans (Score:5, Insightful)
Re:Trojans (Score:5, Interesting)
Actually, I think this is pretty clever.
Re:Trojans (Score:3, Insightful)
This is soooo stupid on their part.
Re:Trojans (Score:5, Insightful)
Re:Trojans (Score:5, Funny)
Its still illegal (Score:4, Informative)
Just like the drug dealer, he's still commiting a crime by selling, regardless of the crime you committed by purchasing..
The Feds could also demand their logs..
Re:Trojans (Score:5, Insightful)
This also goes for all those viruses and trojans that delete everything on your HDD. Just think of all the space they're saving you!
Sure they lied about what they were, which means they are effectively committing theft of serivces, but they are using less than 1800MB so it's suddenly legal!
You obviously have no concept of computer crime laws. I don't understand how your comment made it to +5.
All the arguments you make are silly.
1. time to begin with, they chose to make the download
So!!?? If you say "this box is full of money" so I take it, and it turns out to be a bomb, you're somehow not responsible since I willingly took it after you lied to me about what it is? That's stupid (and not how the law works).
2. Who really trusts downloaded illegal content anyway? Sue them for false advertising
Ok. A) This isn't even a complete thought.
B) Cracks aren't necessarily illegal.
3. The disk space was already planned out for using the illegal download, this "Trojan" probably saved them tons of space (since UT2004 is 6 CDs)
Stupid reasoning. Covered above.
4. The bandwidth was already wasted in trying to get retail products for "free", it's the downloader's waste to begin with
The theft of services occurs when the program is run. Any system resouces used by the program as essentailly "stolen."
5. time the downloader could of spent working for a paycheck to purchase the desired product...again, nothing wasted but the resources someone was using to distribute and use illegal products.
So it's ok to commit computer crime if you don't agree with the way someone is utilizing their time?
You: "Yes, your honor, I stole his car, but only after I found out he had a stolen bag of Cheetos in the trunk.."
Judge: "Case dismissed!"
Re:Trojans (Score:5, Insightful)
People WILL pay retail for the stuff they like and respect. They shouldn't have to prove they're not crooks.
So if I download a cracked version of a game I legally own that purports to let me play without the CD, I'm being treated like a crook, and someone's logging my activity. Screw them!
It's still illegal (misleading, and spyware to boot).
Re:Trojans (Score:4, Insightful)
Of course it is always assumed that EVERYBODY knows that getting certain software from P2P is illegal. What is not reasonable to expect someone to know is that the program that they are downloading is not a freeware demo or some code that was released by the company. Just because the name of a file is "Unreal Tournament 2004 Full.exe" does not imply "Totally Illegal for you to download from me - Unreal Tournament 2004 Full.exe".
Is the burden of legitimacy placed on me, the downloader, or on the person who is uploading and distributing the copyrighted work? If the burden is on me, then I am at risk every single time I visit any website because anybody may be serving copyrighted images that they don't own the rights to. I don't think there is much legal recourse for those that downloaded, unless they were told in advance that the said file was being illegally distributed and they knowlingly contributed to the act of copyright infringment. But the fact is it is much much harder to prove willing intent to break the law than an ignorance of the facts about the copyright status of the file in question.
Felonies vs. civil offenses (Score:4, Informative)
If they start using this information for blackmail...that is illegal!
No, unauthorized modification of a computer is a crime, in both the UK and the US (and probably most other developed nations' jurisdictions).
What we have here are felons (system crackers planting trojans on people's PCs) who are compromising the privacy of individuals who have committed civil offenses (copyright violations). The seriousness of the former crime is much greater than the seriousness of the crimes of their victims.
That having been said, the FBI has protected murderers who were on their payroll (including sending an innocent man to jail for the murder committed by one of their informants), who turned evidence against people guilty of far less. So the alluded to by others remains: given the current political climate the feds are likely to overlook the felonies being committed in the interest of persuing the civil offenses being committed against their primary constituency, namely the copyright cartels.
Re:Trojans (Score:5, Insightful)
I don't know where you live, but in most places I know this is definitely NOT a crime.
I can write a text game that's 100 lines of code and charge $10,000 for a license if I want. If you don't think it's worth it, code it yourself or buy it from someone else. Just because it cost me $10 to make it and I'm selling it for $10,000 does not give anyone the right to steal it from me.
Re:Trojans (Score:5, Insightful)
First off, the sheer arrogance of this comment is mind-boggling. So, because you don't think game X is worth $100, but someone else does, means that they're "ignorant?" Wow, I must have missed the email where you were appointed arbiter of the value of all things.
Secondly, the company that creates the game, owns the game. They don't HAVE to sell it to you, they don't HAVE to sell it at all. They're free to stick it in a vault somewhere and let it rot (which might explain Duke Nukem...). By the same token, you don't HAVE to buy the game. They offer the game for $X. You're COMPLETELY free to walk away, buy another game, turn on the TV, go outside, read a book, whatever. The transaction is completely voluntary for both parties. It sounds like you're saying that the authors of the game should be FORCED to sell it for less (after all, they're "criminals," and we force people to stop engaging in criminal behavior). By the same token, shouldn't we then FORCE you to buy the game? It'd be only fair. So, it seems like we have a deal - game publishers can only charge $30 per game (rather than $100), but you MUST buy everything they publish. Somehow, I don't see you signing up.
Re:Trojans (Score:5, Interesting)
So if the US don't want to prosecute them there are extradition treaties to fall back on...
Just wait. (Score:4, Interesting)
Re:Just wait. (Score:4, Insightful)
Re:Trojans (Score:3, Insightful)
I have been contacted many times by customers of mine complaining their website has been hacked, when in fact it's just their own computer that was hacked by supposedly legitimate US companies to alter the behaviour of IE!
Re:Trojans (Score:4, Funny)
I'd like to get it, and examine it. Wouldn't it be hilarious if their own trojan DDOS'd thier own site?
[I'd look on thier site, but it's already smoking.]
Re:Trojans (Score:3, Funny)
Last night on Slashdot IRC (Score:5, Funny)
<Hemos> cool lets get an article up
<Hemos> we'll call it "File-Sharing Increases CD Sales"
<CmdrTaco> lol
<Hemos> seriously. file-sharing is good. distributing someone's intellectual property is good
<CmdrTaco> hey, did we ever get dailyslash shut down?
<Hemos> not yet. you know some people actually think we have a double-standard for declaring them illegal?
<CmdrTaco> rofl
<CowboyNeal> hey guys
<CmdrTaco> hey
<Hemos> hi
<CowboyNeal> some guys ar posting information on pirates
<CmdrTaco> fuckers
<Hemos> yeah, nobody should post information on people breaking the law
<CmdrTaco> dude nobody's breaking the law
<CmdrTaco> they're INCREASING CD SALES
<Hemos> oh yeah
<CowboyNeal> i'll get an article up and call them "vigilantes"
<CmdrTaco> lol
<Hemos> that'll get the discussions going...more page hits
<CowboyNeal> ya
<CmdrTaco> it sucks that people can't participate in the mp3 culture movement by illegally distributing other people's product
<Hemos> i know
<Hemos> hmm
<CowboyNeal> ?
<Hemos> isn't that a contradiction, since we expect everybody to follow the licensing restrictions of a GPL.TXT file and raise a piss if they don't?
<CmdrTaco> rofl
<CowboyNeal> haha
<CmdrTaco> yeah expect everyone to follow the GPL...
<Hemos> ya, i know..oh well, nobody said we were perfect
<CmdrTaco> whatever gets page hits
<michael> i'm perfect
<CmdrTaco> you scare me
Illegally distributed software (Score:5, Insightful)
Sorry, that's not my personal view (I don't believe in locking people up for small-scale copyright infringment) but it is the view of some, such as the content creators whose property is being infringed on.
I just find it ironic that just changing the subject line of your message from "Trojans" to "Illegally distributed software" gives us a whole new look at this issue: after all, most of the people engaging in P2P distribution of copyrighted material live in countries where it's illegal and probably punishable by a jail sentence.
The majority of people here seem to be engaging in double think: messaging people who engage in P2P copyright infringement that what they're doing is wrong and publishing their IP addresses is a Bad Thing, yet tracking down the online behaviour of spammers and then publishing their real world addresses (without any consideration for what might happen as a consequence) is a Good Thing.
Can someone please explain to me how one is so wrong yet the other is so right? (Preferably without resorting to the kind of language that you wouldn't use in front of your mother?)
Re:Illegally distributed software (Score:5, Insightful)
It's quite simple, with P2P sharing networks person A is passively letting their computer open so that any person B that comes and asks can grab a file if they like what they see.
A spammer, on the other hand, will make everything possible to get past the locks I put in my computer to try and give me a file I didn't ask for in the first place.
Re:Illegally distributed software (Score:5, Insightful)
Whether or not the end-user is doing something legally / morally wrong by downloading what they believe to be material under copyright to which they have no permission to use is a completely independent discussion.
Re:Illegally distributed software (Score:4, Insightful)
Interesting question. If you clearly label it as something no one should touch (even if the label is false), but leave it where it can be taken, are you distributing it.
Imagine someone who packaged up some illegal-to-distribute physical substance in boxes labeled `private, personal and mine, do not touch', then left them around. Can they be done for distributing the substance if someone comes along and steals it?
Rule of law (Score:4, Insightful)
Vigilantilism is wrong. Period. Rule of law is characterized by a state monopoly on justice. If you don't like rule of law, there are plenty of countries where it doesn't apply.
Or, in a language your mother would use: Two wrongs don't make one right.
Re:Trojans (Score:3, Insightful)
Unless these guys have created fake files that match the size of the real thing (UT2004 is ~4Gb) and present it in the form of a CD image, surely the only people who would be fooled by this would be people who think a little 100k program could be a full
Re:Trojans (Score:3, Insightful)
They already have the 4gb downloaded already...
Re:Trojans (Score:5, Interesting)
Well, their server *did* update in realtime... (Score:5, Funny)
I guess what they say about examining the hex code for any file you download to look for suspicious strings seems really valid now.
And if you don't see any, run an unpacker and see if there is anything embeded.
Of course, you could just avoid running software someone else gives you....
Re:Well, their server *did* update in realtime... (Score:5, Informative)
Their results page simply lists the following info--
Average time wasted: 12.888078236572 Seconds
Total time: 1383.75 Minutes
Hours: 23.0625 Hours
Operating for: 928.40555555556 Hours
Then there's a big table full of entries like this (reformatted to make it easier to view here)--
ID: 6442 ;)
PID: 3578
FPID: 1
Date: Mar 19 2004 07:42:53AM
IP: xxx.xxx.xxx.xxx (Well really, let's not pick on one person
Location: Germany
Run time: 17
Filename: Unreal Tournament 2004 ALL VERSIONS KeyGen Crack (1).exe
The site continues in that vein for some time... fascinating stuff.
My thoughts: Software piracy is bad, m'kay, but two wrongs don't make a right!
Re:Well, their server *did* update in realtime... (Score:5, Funny)
Mar 18 2004 10:01:42PM
192.168.1.1
DustBunny.exe
All that 192.168.x.x are a bunch of pirates! All to jail!!
This one is better:
Mar 18 2004 02:17:01PM
xxx.xxx.xxx.xxx
United States
malware.exe
Only in the US can someone run a file called malware.exe downloaded from a p2p network *sigh*
Obligatory /. effect comment (Score:5, Funny)
Yeah, not for long...
Re:Obligatory /. effect comment (Score:5, Funny)
Re:Obligatory /. effect comment (Score:3, Funny)
which crime? (Score:5, Interesting)
Re:which crime? (Score:5, Funny)
The same crime we commit every night, Pinky...
TRYING TO TAKE OVER THE WORLD!
Re:which crime? (Score:3, Insightful)
Re:which crime? (Score:5, Informative)
Electronic trespassing. Making use of system resources that are not theirs. Stealing electricity, hard drive, memory space and performing unauthorised network communications. Crackers have been put in jail for much, much less than the above.
If they were disguised as codes for games like Unreal Tournament 2004 - I also imagine Epic games would have something to say about them:
(1) Distributing what is effectively a virus using the Unreal name.
(2) Taking the law into their own hands without the permission of the copyright holders.
Only the copyright holder can determine 100% if distributing such codes are illegal. There are circumstances where wanting a new code is legitimate (loss of the manual, living in a country where the game is not available at retail). However, I'm fairly sure that Epic has the ability to remotely de-activate codes that were being illegally distributed (with the game validating your code with a central server before you're allowed to play online) - they already have a system in place for dealing with people spreading codes.
Doubtless Epic wouldn't want to piss off potential customers by having a virus associated with them. And you bet your bottom dollar that the cracking groups are going to attempt to fight back and double their efforts to produce working codes now (if they've not done so already).
Re:which crime? (Score:4, Interesting)
Interesting.
Combine that with the recent report of a trojan that harvests codes from infected machines and you have a recipe for creating a new sort of havoc. If the trojan harvested codes are published in such a way that they get disabled, you'd have a sort of DDOS against a game company. It could overhelm their ability to sort out which users were legit, and piss off a lot of legit users at the same time. If you get enough personal info, you might even attack specific people to get them banned from the game for "sharing" their code if they do something you don't like.
Re:which crime? (Score:5, Insightful)
"Mislabeled" is not the same as "intentionally falsely labeled".
Re:which crime? Probably Entrapment (Score:3, Insightful)
Re:which crime? Probably Entrapment (Score:5, Interesting)
only means that the police officer cannot pressure you to commit a crime
-----
Hypothetical situation: A police officer stops you in the street and demands that you stop to answer some questions. You are in a hurry and ask if he's conducting an investigation. His response is negative, he's just lonely and wants to chat. You ignore his pleas and continue on your way.
The police officer arrests you for obstruction of justice. Additionally he uses the obstruction of justice as reason to search your person and finds a pack of cigarettes without the wrapper in your coat. He writes up an additional ticket for possession of contraband goods (cigarettes without the appropriate tax stamp).
Note: This isn't a hypothetical situation but REALLY DID HAPPEN.
So please, quit talking about legality. We live in a subjective police state and no lawyer really cares unless there's a potential to get rich quick.
Heresay and Slander (Score:5, Interesting)
Where's the Mac version??? (Score:5, Funny)
Dang it!
Re:Where's the Mac version??? (Score:3, Funny)
To me this seems basic... (Score:5, Insightful)
But realy pirates don't use p2p apps for warez.
That's kiddie crap.
More like they are tracking 14 year old's with a cable modem.
try IRC, now if they could track that, it'd probably blow their minds.
Re:To me this seems basic... (Score:3, Interesting)
Evil crackers like these criminals are no less clever than the rest of us, they just put their cleverness into more questionable things
Oh, and a question about IRC to anyone: The '/me' command, aka special CTCP action thingy... why does it use CTCP!?!?!?
Re:To me this seems basic... (Score:4, Interesting)
like this : independent
The '/me' command, aka special CTCP action thingy... why does it use CTCP!?!?!?
because CTCP uses in band signalling that something special is happening
CTCP uses ^A or chr(1)
You'll see from this table [cs.tut.fi] that ^A is defined in ASCII as
A transmission control character used as the first character of a heading of an information message.
Curiously the authors chose to end the text with another ^A rather than ^C. In their defence there is no End of Heading marker defined.
You can see the other CTCP messages here [invlogic.com]
Yes, but watch out for hypocrisy... (Score:5, Insightful)
Yes, I'm aware that there's a difference between pirates and spammers. But keep in mind that the RIAA probably sees P2P users the same way that we see spammers. Annoying, a growing threat, and obsessed with large penises.
Re:Yes, but watch out for hypocrisy... (Score:5, Interesting)
Speak for yourself. Maybe you're a hypocrite, but I'd be just as pissed if the program was targeted at spammers by calling it "1millionemails.exe".
Computer crime is computer crime, and this is definately it. We need reasonable, legal, long-lasting solutions to the problems of the net, not some jackass breaking into system in a vain attempt to combat what he sees as a big problem.
Sharing Trojans (Score:3, Interesting)
Surely any sane person would delete corrupted/malicous downloads from their shared directory?
They taught us in Health Education- (Score:3, Funny)
Re:Sharing Trojans (Score:4, Insightful)
Re:Sharing Trojans (Score:3, Insightful)
you would also think a 2mb file size would tip people off that its not UT2k4 or Win2k Source Code
Re:Sharing Trojans (Score:4, Interesting)
When P2P file-sharing programs are in use, the users are usually downloading bucket-fulls of stuff. So between the time the download of the file has been completed, and the time that the file is unzipped and run, there is a window of opportunity for re-distribution to take place. Given the small size of the file, it would probably be ignored until the download of larger files such as movies and warez has been completed, if not forgotten entirely.
(Like your looters or panic-buyers during a power cut - they're grabbing everything they can get their hands on, because it's there for the taking, not because it's of any practical use to them).
Vigilante (Score:4, Interesting)
Re:Vigilante (Score:5, Insightful)
Re:Vigilante (Score:5, Informative)
Re:Vigilante (Score:5, Insightful)
We had the IP when they downloaded the software.
It's one thing to have someone's IP address. It's another thing altogether to post it as public information. Just because someone else may be in violation of copyright doesn't give you the right to violate their privacy.
And you're making the assumption, which isn't necessarily valid, that your victims intend to violate copyright in the first place. If I lose my CD-Key to a game but still own the media, why should I not be allowed to use an alternate key? Surely ownership of the physical media is proof that I have license to operate the software in question.
Re:Vigilante (Score:4, Insightful)
Re:Vigilante (Score:3, Informative)
Re:Vigilante (Score:5, Insightful)
And some of us consider phoning home fairly malicious.
Re:Vigilante (Score:5, Interesting)
Just like Robert Morris [wikipedia.org] did in 1988?
Re:Vigilante (Score:3, Insightful)
Not too long ago, Soviet Russia embarked on a long hard social experiment, called communism...:)
See, the problem with social experiments is, you have to get the buy-in from society. Can I go to the local girl's school and start looking under people's skirts and claim I'm just doing a social experiment...I'd be arrested in an instant.
Here's what you are really doing -
Malone: You said you wanted to get Capone. Do you really wanna get him? You see what I'm saying i
Re:Vigilante (Score:5, Insightful)
Oh really? Your statements on website [blogzine.net] would seem to disagree with that
"At the start of this year, we (Justin and Clif, Clif and Justin) decided to start a new project. We declared war on illegal file sharing and pirates. The goal was to waste their time and bandwidth while tracking them and how the file moves around.
Other 'interesting statements:
3. We dissagree with the notion that this is a "Trojan".
Our program is aboslutely dormant unless specifically and purposefully executed by the downloader.
Exactly the same as the Beagle and other email trojan variants.
We aren't reporting these people to anyone in the law enforment field, even though we should be.
Yes you are. By posting it online, in real time.
We could go on...
Re:Vigilante (Score:5, Informative)
You are tricking users in sending their personal information to you. This is a serious offense in Italy (where I live) and most of Europe. We take our privacy most seriously.
Furthermore, cracks are legal in Italy (if you own a registered copy), because it is considered wrong for companies who sell you the software to try and restrict your access to it. For example, Playstation mod-chips are perfectly legal (tested in a court of law).
So, you are actually defamating and violating the privacy people who are in fact not pirates or doing anything illegal.
Thank you.
Re:Vigilante (Score:3, Interesting)
but yeah, I also catch these lame attempts at trojans on the p2p networks... their file sizes are always way wrong, and if you notice, the same group of fools sharing it and the other incorrect files...
Vigilante: Good or Bad? (Score:5, Insightful)
Vigilantes are, by definition, committing crimes.
A vigilante [ncwc.edu] is a private citizen who acts outside the law, taking the law into their own hands.
Some people (e.g. the vigilantes themselves) see this as a Good Thing -- enforcing Justice, where Justice would otherwise go unenforced.
Others (such as myself) see vigilantism as the roots of rebellion and chaos -- acting as a private government, in defiance of duly constituted authority.
Not that I have a hell of a lot of respect for duly constituted authority. Most of the cops I've met have been decent people, however, there's a long, sad history of cops acting as vigilantes, outside the law. Not to mention police states, governments run by mobsters, etc. etc.
-kgj
The real problem is... (Score:5, Insightful)
From the looks of their page (Score:5, Interesting)
Or hell, even take the Baldur's gate series. I bought every single game in the series, and I still crack all of those games since I don't want to have to put the cd in when I play. What about somone who has their GUID banned by punkbuster? I don't believe they have any right to stop me permanently from playing a game I bought online...what if I just use a keygen and get another key?
Anyways, there's really not much of a case for what these people are doing. Besides, if they like vigilantes so much, what do you say we show them what a DDOS looks like?
Re:From the looks of their page (Score:5, Insightful)
I own a 100% legal copy of Cakewalk home studio 2002
my install CD is broken so I have a choice of buying another copy or making my LEGAL copy work.
so I download off Kazaa the iso file of the CD burn a new one and voila...
now the frothing at the mouth Software people here would want me hanged for stealing money out of their mouths by not buying a new copy of their software every 30 seconds but who cares... I am doing NOTHING illegal and simply circumventing a disdain for customer service fr omthe company that makes the software.. I'm still using MY legal serial number and codes... I STILL have the legal license (AKA the box and other paper drivel that says so.)
Immunity from these... (Score:3, Insightful)
Care to define how it's illegal? (Score:5, Insightful)
Let me take the following example (Score:5, Interesting)
You got it. Just the costs of verifying that it DIDN'T do anything else, didn't alter or delete any of the data on the computer, didn't transmit any of the potentially sensitive data and (if paranoid enough) rebuild the system is going to rack up to quite a bit.
If they give them one count of hacking for each machine on their incredibly self-incriminating list, I imagine even the minimum penalties would add up to life. So I would be very worried if I was them...
Kjella
Here's another question... (Score:5, Insightful)
What if my software, downloaded with no warranty from Gnutella, displayed the weather conditions in Kenya?
I'd have their IP, and I could even safely retrieve the ID with legitimate pretenses.
However, since my software rebukes the downloader for downloading a file that appeared to be a crack, it is a Trojan and a danger to the peoples of the free world.
Just a thought.
Re:Here's another question... (Score:5, Interesting)
Let me ask you something, if you went to install something, say what you thought was the google search bar for your browser, and instead found out it was giving out information, wouldn't you be a bit pissed? It's doing something other than what was intended. Sure, the software you're replacing might be illegal, but nonetheless, my point still stands.
Legal precedent ? (Score:5, Interesting)
IANAL, but this is certainly illegal. It is akin to a sting operation, like when you open your car door for the hooker on the street and it turns out she's really a cop and you are arrested for soliciting & prostitution.
You can't drop dollar bills on the road & then arrest citizens for stealing when they pick them up.
Using temptation to get at potential thieves does not constitute law enforcement, unless I guess you are the FBI or somesuch.
Re:Legal precedent ? (Score:3, Informative)
To get caught in a sting, the "stingee" needs to solicit something illegal from the "stinger." Just opening your car door for a prostitue doesn't necessarily constitute an illegal act, unless you solicited sex for money beforehand.
- You can't drop dollar bills on the road & then arrest citizens for stealing when they pick them up.
True, but you also can't sell baking soda to people in dime baggies telling them it's cocaine. Although, technically, p2p isn't really se
Yes, its probably illegal... (Score:4, Interesting)
Props to these guys for sticking up for whats right.
Good for them (Score:5, Insightful)
My favorite comeback line: "Maybe we should outlaw knives because someone might do something illegal with them!" -- completely off-target. Right now, the situation with P2P isn't that a minority of people are using P2P networks to trade copyrighted materials, but that a minority of people are using P2P networks for trading non-copyrighted materials. Until P2P fans actively pursue and discourage the use of P2P for illegitimate uses, P2P will continue to have a bad rap and be pursued by copyright holders.
And the third important point... (Score:3, Informative)
If they use any other means of exiting the program (ie, Alt+F4) it simply exits.
Yet again, it all depends on what they do....we don't collect anything without them making defined, deliberate actions.
It is not my belief that we are required to tell them that we logged the fact that they clicked "I'm Sorry. I Promise Never to Do it Again."
I would also stress that this information is harmless to them as we proved only that they downloaded a file with the same name as a crack...nothing that poses any kind of threat at all to them.
Bah. (Score:4, Insightful)
Was that an intentional part of the design? Or did you guys just overlook the ALT-F4 shortcut when you designed the program?
Re:And the third important point... (Score:5, Insightful)
Do you tell them of that fact before they click?
It appears you don't. There is no other escape button on the popup window. No other mechanism, other than alt-F4, to dismiss your box.
You give the user little opportunity to not have it phone home.
Trying to orchestrate a DDoS on themselves? (Score:3, Interesting)
Server hosed (Score:5, Informative)
Note: Due to responses by certain detractors, we've updated our legal section (again) to further clarify our stance.
Apparently, this is becoming more and more newsworthy. Security Focus called today and interviewed me. Here is the resulting article: http://securityfocus.com/news/8279
At the start of this year, we (Justin and Clif, Clif and Justin) decided to start a new project. We declared war on illegal file sharing and pirates. The goal was to waste their time and bandwidth while tracking them and how the file moves around.
Results Pages for the Impatient: Walk the Plank Status Page | Dust Bunny Status Page
Walk the Plank, You Pirates!
The first version of this was more-or-less a test to see if it would work. We created a program in C# that would pop-up a message scolding the user. When the program closes, it would "phone home" to our servers, giving us the filename, how long the program ran (run time), and their IP address. We entered the information we collected into a database.
We copied the binary then renamed it to a bunch of warez-like filenames that we found via Jigle.com and searching different P2P networks. We put it up on the Gnutella file sharing network and waited. Within minutes, we had downloads. However, we didn't have entries in the database. The next day we came to the conclusion that people didn't have
So we rewrote it in C++. Once finished, we replaced all of the C# binaries with the C++ binary. Again within moments, we had downloads and this time we have entries in the database. Goes to show the penetration of
After about two weeks, we noticed something: The file was spreading without our help. We stopped sharing after we realized this and the file kept propagating, and propagating, and propagating. In no time flat, we wasted over 16 hours of pirate time.
Screenshot: (Top: WTP, Bottom, ODB)
The Next Step: Operation Dust Bunny
The original idea we had went beyond simply logging filename and run time. We wanted to track who got what file from who. So a month after WTP, we wrote Dust Bunny. It was a two-binary system that would read the Pirate ID (PID) encoded in itself, send it to a server, then grab a unique PID returned from the server, and rewrite the ID that is encoded in the binary. Using this information, we could see who got what binary from who.
Written with one person using Visual Studio 2003, another using Dev-C++; one binary in C++, the other in C; and only one person knowing how to code in either language. It was a challenge since the "rabbit" (the GUI program) had to include the "eye" (the program that contacted the server and rewrote the rabbit) for execution. Plus the eye needed an offset that could only be gathered once the rabbit was compiled with eye included. Thanks to TightVNC and a lot of trading of information, we got through it.
Just to be safe, we added a "kill switch" to the eye. If the server returned a special ID number, the eye would delete the rabbit. This way, in case it got out of control as WTP did, we could stop it. Also, if someone renamed it to a filename we didn't like, we could add that filename to the "evil filename list" on the server.
After it was completed, we replaced all the binaries with the new version. Once again, they started to be downloaded instantly. The next day, we already had redistributions -- someone downloaded a copy from someone other then us. We could tell since we were logging the PIDs. It didn't take long until we had multi-branch trees of pirates.
We decided after one month time of sharing Dust Bunny, we'd stop and let it propagate on it's own. That marker was around March 9th, 2004.
Current Status
By now, WTP has racked up over 62 hours in wasted pirate time. Dust Bunny is well on its way with 20 hours. Dust Bunny has around 3,500 unique pirates and over 6,200 ex
Vigilantes (Score:4, Interesting)
In the case of the software vigilantes. They're in for a world of legal hurt I think even though their basic intentions are good.
Social Experiment? (Score:5, Insightful)
If this was in fact a "social experiment," I have a few questions:
If this was a genuine social experiment, these questions have already been answered, somewhere. Otherwise, I think we can chalk this up as a prank designed to embarass people.
From their webpage (Score:4, Interesting)
<head>
<title>Operation Dust Bunny: Deployment Status Page</title>
</head>
<body style="margin:0">
[1]
Offhand, I'd say today we're not tracking *anybody*...
Whoa, we just Slashdotted a cablemodem!! (Score:5, Funny)
Ouch, I almost feel sorry for them
Trojans of trojans (Score:4, Insightful)
Spyware and malware and P2P programs and instant messaging programs may not be malicious in and of themselves but they're all coded by half-hacks who aren't very interested in security. Do they properly check their buffer overflows, input validation, or ensure perfect alignment with a proper handshake protocol?
I think not...
Let's say that the law would tolerate the vigilante retrieval of stolen property. At what point is the vigilante liable for leaving the backdoor open?
Let's say that malware and spyware and spammers really are nothing more than advertising methods used to boost the economy (which can be argued as "good"). At what point are the authors of those progams liable for the malicious attacker or stalker who relies on them to identify easy targets?
Let's say that posting signs for your candidate on someone else's front lawn would be legal. Are you liable if a serial killer decides to pick his targets based upon lawn signs?
Implications are more than just one step removed from the source.
UT2k4 crack (Score:5, Interesting)
I pre-ordered the special DVD edition of UT 2k4 about 2 weeks ago. $42 and change. I get it home, pop it in a DVD drive on a different machine in the network, mount the drive on mine, and install. Try to run it? *BZZT* "Wrong disc inserted." Many people on the official forums had the same error with the game in a drive on their local machines. Crack -> piracy? No. It's been rather long established that at least a few paying customers will have problems with the cd check. I can't say about UT2k3, but in the original UT, they removed the cd check in an official patch since so many had problems.
Although I was smart enough to get it from somewhere reputable. They could have gotten something a LOT worse than an IP tracker.
I could have been holding the legally purchased, pressed media, wearing the free headset and finding a place for my free Atari shameless-self-promotion stickers while these people posted my IP address (or even more information, I didn't actually go to the list to see) with a pirate label. (note: On their site, the images of the popup say "don't worry your secret is safe with me", and now the list has even been
Yarr indeed.
Re:UT2k4 crack (Score:4, Interesting)
-
How ironic... (Score:4, Insightful)
What they have is a list of people that downloaded something that most likely isn't a copyrighted work written by them (and admittedly made available freely online by themselves).
Not only that, they're infringing on the trademarks of the software they purport to be in order to run this little experiment, and a case could also be made that they're doing damage to the name of that software by associating it with their invasive software without consent from the actual publisher of the original work.
I'm all for protecting a product with the laws that are in place, but the laws shouldn't be taken into people's own hands with invasive and untested software.
Thank G0D... (Score:4, Funny)
-
Hah, this is funny. (Score:5, Insightful)
1. No data is collected by our software that isn't already collected when our software is downloaded. The only personally identifiable information that we have would be the executer's IP address. However this information is freely available at time of download and is completly public information.
Uhm, wait, but collecting IP addys is data. And you also collect what file they were trying to download, and where/who they got it from? I'd say building a track list of a 'social' network of where a file goes and by how/whom is plenty of data.
I'm sorry,but thats a load. Get a better legal advisor, next!
3. We dissagree with the notion that this is a "Trojan".
A trojan horse gains access to a system through deviant methods. Not through user initiated downloads on a P2P network. Secondly, a trojan horse by definition has a payload or attempts to give the author access by working from the inside. Our program is aboslutely dormant unless specifically and purposefully executed by the downloader. And the program is riddled with cues to what the contents might be. For instance, the company name is "C.R.A.P. Citizens Raging Against Pirates". Not what you'd expect from a "legitimate" crack or keygen.
Okay, lets see, its not a trojan, yet its a trojan. It's not a trojan because it comes from a p2p network, and not
Okay, great idea, really, very funny! But WTF are these guys going to do with all this when, say, MS steps in with a great big legal order of doom saying 'we want to know everybody who thought they were downloading the windows source code'? Are these people even thinking that far ahead?
And I love the broad thinking that anybody downloading a keygen is a pirate, What, these guys never lost a Cd key before? Yesh. Get a grip kids.
Points for some very crative programing, but they lost points for not finding something better to do and not thinking ahead a few more feet of them.
Re:Software is just INFORMATION (Score:4, Insightful)
Re:Of course it's a crime! (Score:3, Insightful)
yeah, it's intent to supply, no controlled susbtances required.
Re:Of course it's a crime! (Score:3, Insightful)
While you may be legally correct, that's pretty stupid. If I know it's not pot, I'm not intending to sell pot. I'm intending to fuck this guy over. If some kid asked me for alcohol & I gave him orange juice, telling him it's a screwdriver, can I be arrested for "Contributing to the Delinquency of a Minor?" Of course not, but since MJ is "evil," it is given completely different rules. Stupid.
Re:Of course it's a crime! (Score:3, Interesting)
Note that EFF may want to "phone home" too (Score:3, Informative)
That doesn't appeal to me either (the "getting paid" part is, of course, reasonable, but the "tracking what I do" part isn't)
Re:Get what you deserve (Score:5, Insightful)
Woah, way to go Mr. Assumptions. Why exactly can't I just rip out the CD protection code off the program I paid for? It's far more convenient for me to just install the whole thing in my 120 Gb hard drive, stash the box with the CDs safely and be on my merry way. I don't have to throw a tantrum, call the software company 100 times and make a revolution to change the system so that programs come without CD protection. I can simply spend 5 minutes downloading a tool and getting rid of it. Or I can put the keygen with the game in the hard drive so that I don't even have to worry where the manual or the box will end up.
What you're presenting here is a fallacy known as the False Dichotomy. The world is not "either you get the crack to pirate the program or you return it if you don't like the CD protection". After I paid for that software I'll modify it as I see fit to make it more convenient for me to use it, be it cracking the CD protection, installing 100 zillion mods or even cheating the crap out of it so that I can headshot the bots every time I want to. And I'll be damned if I let anyone tell me what I can or cannot do in my computer with the software I paid for.