Are UK Police Hacking File-Sharers' Computers? 177
superglaze writes "Following its takedown earlier this week of the music blog RnBXclusive, the UK's Serious Organised Crime Agency (SOCA) has claimed that "a number of site users have deleted their download histories" in response. Given that the site didn't host copyright-infringing files itself, how do they know? We've asked, but SOCA refuses to discuss its methods. A security expert has pointed out that, if they were hacking using Trojans, the police would themselves have been breaking the law. Added fun fact: SOCA readily admits that the scare message it showed visitors to the taken-down site was written 'with input from industry.'"
Remember: The police are allowed to lie to you (Score:3, Interesting)
Cool when you're watching nefarious plotting on Taggert or Law and Order: UK but not so funny when it's you. And the accusation is that you're depriving a Hollywood mogul .00000001 per cent of a payment on this third Mercedes.
huh? (Score:4, Interesting)
Re:huh? (Score:5, Interesting)
It probably means that the JavaScript/CSS trick for determining what sites you've visited no longer shows that the IP number of believed downloaders have visited those sites. Which probably just means the government authorities in question don't know what "dynamic IP" means, but I digress....
Re:Browser exploits? (Score:4, Interesting)
Don't get me wrong, they probably do have staff who do understand, it's just that those staff aren't the ones communicating with people outside SOCA. For that matter, I don't think those people even understand criminal investigation either. Look at that industry sponsored message they had on the domain seizure notice.
What Judge? (Score:5, Interesting)
Re:Browser exploits? (Score:5, Interesting)
This JS history snooping sounds plausible, technically, but maybe not so practically. Besides the question of whether running such a script is legal: how did they manage to run those scrips?
To run such a history snooping script, a user has to visit a web site that runs said script. It's not likely the torrent site will do this for the authorities. It is also not likely that users will regularly visit anti-piracy web sites. They may visit it once, to get some information or out of curiousity, but well not much to repeat visits for.
Or is it done by the ISP? Who then would basically inject a js part into web pages the user downloads? Doesn't sound like a nice thing to do, to say the least.
Besides, such scripts afaik can only do something like "did you visit slashdot.org?": asking for specific URLs. I have not heard of a way to ask a browser "please tell me all sites this user has visited, and all urls which include slashdot.org". The first example shows whether or not the user visited the home page, the second example would give a list of all stories the user has opened, comments they opened, etc. You'd need the second method to be able to query a user's history for specific downloads.
Information from the browser cache determines whether to redownload a file, but the cache should be site-specific. Even if one site asks to download parts from another site, the browser should just reply "done" when the request is processed, regardless of whether that bit is locally available already or that it had to be downloaded.
The only legal way to obtain download histories would be if the user has a public profile on a web site that lists that user's download history (not likely) or that they would indeed come with a search warrant, confiscate the user's computer, and analyse its contents (even less likely).
So all in all this sounds like an illegal hacking action by the UK police.
Re:Serious? (Score:5, Interesting)
It is worth following JackOfKent on twitter for his insight into this. He noted that the take-down notice could actually be a contempt of court [twitter.com].
Re:Browser exploits? (Score:5, Interesting)
My guess would be that the authorities may have included such a Javascript in the 'scare page' that is currently replacing the regular site. Regular visitors return to the site by following a bookmark, etc, and while the scare page is open in their browser the Javascript runs.
It would have likely been a part of the initial investigation to either set up a crawler to index the site before it was taken down, or simply pull down the RSS feed of new posts and scrape them for hrefs pointing to mp3s or otherwise. They could thus compile a list of "downloadable" files which had appeared on the blog.
Once the scare page has been put up, they could use the Javascript on the page to fetch lists of these download URLs, insert them into a hidden div on the page, and check each URL's "visited" status in unpatched browsers, sending the results back to the server asynchronously and logging them along with the IP and any other browser stats of the user in question. In this way they could glean data about which files from the site the current user had downloaded.
Now, assuming the above is even close to what happened in reality, I would guess that the site in question has had a large number of hits from curious bystanders (ie the slashdot / HN crowd) since the scare page went up, most of whom would have "clean" download histories as they had never visited the site during its operation. Maybe the people gathering stats have misinterpreted this as "lots of users who cleared their download history" before returning to the site.
Hooray for speculation!
Re:Prejudiced the prosecution (Score:3, Interesting)
* It's actually illegal to so much as rip your purchased CD onto a portable player for convenience in the UK
Not for long, hopefully! Proposed Changes [bbc.co.uk]
As one of the talking heads is quoted as saying in the above linked article:
"The review pointed out that if you have a situation where 90% of your population is doing something, then it's not really a very good law,"
A 'rare' and sensible insight! Now let's hope the government can get a move on actually passing it, as a bill, through Parliment.
My letter to SOCA (Score:5, Interesting)
Here's what I sent them. If I had been wider awake, I would have skipped the last paragraph. I enjoyed writing it, but sarcasm is almost always counterproductive.
Dear SOCA,
When I saw the takedown notice at RnBXclusive, I was sure that it was a spoof. The bald statements about the guilt of "the individuals behind this website," apparently unproved in court, the threats of prosecution to myself, and the speculative claims about the "future of the music industry," seemed too absurd to be written by a serious law enforcement agency. Then, the advertisement for pro-music.org at the end made it clear that this was either a spoof by pro-music, or more likely by an opponent trying to embarrass pro-music.
I was astonished to find acknowledgment on your own web site that this absurd text was indeed your own.
I never heard of RnBXclusive before, and have no opinion whatsoever regarding the legality of the behavior of "the individuals behind" that website, nor your takedown of the site and reported arrest of the "individuals." But I hope that you will be more careful in the future to post only relevant and sensible notices that stay well within the scope of your legal mission.
I recommend to you the Electronic Frontier Foundation (www.eff.org) as a source of careful analysis of online behavior by individuals, corporations, governments, and law enforcement agencies. They do not appear to have posted any specific comments about RnBXclusive, SOCA, or your recent arrest and DNS takeover, but they can provide some of the best advice available when consulted.
If you must advertise legal sources of music downloads, let me recommend my favorite, magnatune.com, which is not represented by those "behind" the pro-music.org website, and which will perhaps suffer competitively from your public endorsement of pro-music.org.
Sincerely Yours,
Michael J. O'Donnell
The University of Chicago
Re:When the cops hack your computer ... (Score:4, Interesting)
Proving that megacorps have more rights than people... I'll believe corporations are people when texas successfully executes one.
Till then:
- You commit a felony, you go to jail and lose your voting rights.
- Corporation commits a felony: no jail time, a pittance of a settlement/fine, and they still have the right to buy off elected representatives with unlimited campaign contributions.
Anyone else disgusted?
Re:When the cops hack your computer ... (Score:5, Interesting)
Actually the whole feudal idea of felons and the segregation that goes with it is pretty disgusting. Basic rights should only be able to be taken away by the judiciary using due process. Even the American Constitution writers reconized that, which is why they have the ban on letters of attainment.
America and Nigeria I believe are the only countries still with the idea that whole classes of citizens should lose rights permanently for doing something stupid when young, even after they've payed the price.