RIAA/MPAA Contractor Deploys Malicious Adware Trojans

RichardX writes "Overpeer, the organization responsible for seeding many peer to peer networks with damaged, corrupt and fake files has now found a way of hiding spyware and adware inside Windows Media files by using a DRM loophole and is using this technique to further pollute p2p networks." Several readers sent in a PCworld article on the same subject.

So how..

[kmak (692406)]

exactly are they getting away with this?

Re:So how..

[JPriest (547211)]

With tactics like this I hope they don't wonder why people don't feel sorry for them.

Porch stereo

[by Anonymous Coward]

Actually i think it's a great idea. We've had problems with break-ins in our neighborhood. Been hit twice the past two years, and nearly every neighbor has been hit too. Police dept says they can't do much about it.

So how about we set a stereo system out on the front porch and shoot the thief when he sets foot on our property? Like hell they're gonna steal my music!

When recording industries become vigilantes and the justice dept looks the other way, it certainly makes it acceptable for the rest of us. Road rage justice (I just DARE you to cut me off), merchants hanging shoplifters, etc. all is acceptable now. Even more interesting is that the punished party may not necessarily be the owner of the affected PC. Imagine Best Buy rent-a-cops torching your apartment building because they're getting even with you for shoplifting some CDs. So what if the building is owned by someone else? If the RIAA can torch anyone's PC if it has an infected file, it legitimizes any business coming after any property associated with any crime.

Quite a monster you've created, Justice.

Re:So how..

[Kierthos (225954)]

No kidding. I mean, for one thing, by the time the movie is in the theater, the painters and the stuntmen had best already have been paid. For another thing, with all the piracy that's been going on, if it was hurting the business so much that they couldn't pay the painters and the stuntmen, then there wouldn't be movies opening every week.

And yet, checking the local theater listings....

Yeah, piracy is bad. Not BAD, in all caps. Not Bad, with a capital B. But bad. But what the RIAA and MPAA are doing here is worse. It's sleazy, underhanded crap, and if a private citizen did shit like this, the hammer of the judicial system would get dropped on them in a heartbeat.

Kierthos

Re:So how..

[iminplaya (723125)]

This whole piracy thing is so silly. It's wierder than "terrorist". Both terms depend on who they are working for. If they're working for the "competition"(so to speak), they're pirates and terrorists. If they're on "our" side, they're distributors and freedom fighters. Do you know who will be the first to go out of business when P2P really takes off? The pirates. The guys out there selling millions of bootlegs. Most pirates usually sell the top 40, RIAA stuff, so they also "controlled" who was distributed, but they are the most expendable. Hell, they're off the books, so who's gonna care? Most people understand that P2P will increase record sales and concert attendance manyfold. This isn't just about money. Control plays a bigger role here. Just like both sides use terrorists in a war, both sides use pirates to distribute their wares. It seems to be mutually parasitic. What I'm trying to say here is that piracy is a diversion, a smokescreen used by those who want to control distribution of information(text, audio, video). It's little different from those who use terrorism to create unjust laws.

(kind of offtopic)
I sure wish the ptroleum industry was as concerned about the leaks in their distribution system as the content industry is about theirs.

Re:So how..

[Detritus (11846)]

An ad paid for by the same movie companies that put the painter and stuntman out of work by producing as many movies as possible outside the United States. They don't shoot movies in Toronto because of its wonderful year-round climate.

Re:So how..

[Fallen_Knight (635373)]

The poeple who should be getting pissed about this is MS, i dont' think they will like it when WMA becomes like IE, known for giving you adware and viruses when used.

Re:So how..

[AnalogDiehard (199128)]

Especially since M$ has been wooing Hollywood into their DRM WMA/V format for years now. Hollywood was reluctant about M$ owning the gateway to entertainment, and now they just pissed off the supplier. That's a bad business move, both parties lose. Now that M$ has "tighyly intergrated" WMP into the OS, they suddenly have a file format that is vulnerable to malware. WMA/V may join the corporate banned attachment list whose extensions end with exe, bat, pif, and so on.

Re:So how..

[Maestro4k (707634)]

Better yet, not only tell them how you feel, report their actions to your state attorney's general office, and tell them you're doing so. Feel free to copy and paste from the letter I sent them below:

I recently came across this (http://www.pcworld.com/news/article/0,aid,119016, 00.asp) PC World Article about your company's actions in creating trojaned windows media files to "seed" onto P2P networks. You should be aware that in several states, your actions will likely qualify as willfull computer hacking, being in the same category of offenses as computer virus, trojan and worm creation & release.

While your actions have not directly affected me (I have no use for P2P software), I am sure they have caused damage to other citizens in my state (Your stste here). I felt you should be aware that I am sending along the information in the PC World article to my state attorney's general office with a request that they look into the legality of your actions under XX state law.

Copyright infringment on P2P networks is both illegal and immoral, but that does not allow those fighting it to break laws as well. I am not sure if your actions are illegal under XX state law or not, but I am sure our attorney general will be able to make that determination.

I urge you to think through the potential ramifications of your actions, and to rethink your current course of action.

Sincerely,

Joe Cool (Or your name here :)

I must admit I was tempted to install Kazaa and search for and download the file mentioned in PC World's article, just so I could tell my state attorney general they tried to hack my computer. I finally decided it wasn't worth the hassle and potential media attention though. :)

I should note that given their current actions I don't trust them so I used a disposable address from Spam Gourmet to send from and only signed my first name. Maybe I'm paranoid, but I figure any company who thinks it's OK to basically attack other people's computers in the name of stopping P2P just can't be trusted to know both my full name and state.

I Wonder...

[jpatters (883)]

Isn't that blatently illegal?

Illegal? When large unsuable corps are involved?

[Chordonblue (585047)]

When is spyware a virus? Don't ask your average anti-virus vendor. When I tried to nail down Sophos on this issue they were evasive - to say the least.

If this trojan is killed by an anti-virus program, is it securing your machine or committing an illegal act? I had this very discussion w/Sophos' techs. I had just cleaned the VX/2 trojan out of a computer - and it took HOURS of work to get it fully out of there. I sent a sample to Sophos and they told me that it was legal adware.

My question was obvious: What methods are allowable for adware, and how is that any different than a virus/trojan.

VX/2 was installed on one of my workstations here through a fault of the OS (unpatched at the time). It installed itself without permission. It left no way to uninstall it. It attempted to shut down Adaware and resisted any attempts to kill it.

So.... THIS ISN'T A VIRUS? Then what the hell is?

And so, overpeer's actions come as no big surprise to me. And I have no doubt that the anti-virus people will continue to turn a blind eye because of their FEAR of a lawsuit.

Damnit, don't we PAY THEM to protect us against this sort of thing?

Re:Illegal? When large unsuable corps are involved

[ivan256 (17499)]

The problem is that the difference between a trojan and legit adware is that legit adware is backed by a company that can sue an anti-virus company. The two can be identical in every other way.

Re:I Wonder...

[by Anonymous Coward]

In the UK what they are doing is illegal under the Computer Misuse Act. Basically if you happen to get attacked by this by them, report them to the police and press charges. This is a criminal offence and would net them a 5k fine and 5 years in jail when convicted...

Re:I Wonder...

[Daniel Dvorkin (106857)]

You know, I've often thought that since "corporations are people" seems to be an established principle (under US law) we should start applying the same punishments to corporations we do to people, and I'll bet we'd see a lot less corporate crime. If a corporation commits an act that would net an individual five years in prison, then that corporation has to shut down for five years.

Obvious objections, with answers:

1. "But that would be a death sentence for the company!" Yeah, and a prison sentence, of any length, is a death sentence for a lot of people -- getting stabbed in a fight, getting raped and infected with AIDS, etc. Doesn't stop us from sending people to prison, even those we know are likely to suffer such consequences.

2. "But what about all the workers who depend on the company for their paychecks? We shouldn't make them suffer!" We send people to prison who are the sole source of support for their families, and those families often suffer terribly. "Corporate imprisonment" would be harsh, deliberately so, and in the long run, the improvements in corporate behavior it would force would benefit everyone -- including workers, whose employers would be more likely to behave ethically if there were real consequences for not doing so.

Re:I Wonder...

[BrynM (217883)]

Except to file complaint you have to admit you were trying to download a "pirated audio file".

Normally that would be entrapment, but they aren't a law enforcement agency (yet). Thus it doesn't count.

Re:I Wonder...

[Richard_at_work (517087)]

No, entrapment is enticing you into doing something you wouldnt have done without being asked. This is a sting, which the police use frequently to catch drug pushers. Basically the difference is how you received the goods, you have to make the concious decision to download that specific file, rahter than them pushing it at you. Since this file will be in amongst normal files, its a sting. If this was the only file, then it would still be a sting. If they approached you and offered you the file, its entrapment. Since you are requesting the file, its not entrapment. This is why police officers have to wait to be approached to either be sold drugs or to sell drugs (depending on if they are after the pusher or user), they cannot approach the suspect and request it. Same with prostitution, they have to play word games with the prostitute to get her to offer him services without him asking for it.

Re:I Wonder...

[Breakfast Pants (323698)]

This isn't entrapment or a sting. If a copyright holder or an agent acting on their behalf gets on to a peer to peer network and offers up copyrighted content and you download it, it's yours. Legally they can do nothing, they owned the rights to it and they offered it up and you took it. Thats why ALL the RIAA suits against traders were against uploaders. If you disable uploading you'll kill the networks (you won't kill emule/bittorrent but you won't get much benefit from them either) but you'll be protected from suits. IANAL.

Anyway, I was saying, this isn't entrapment or a sting. What this is is a malicious attack on a user's machine. A rights holder is offering up a file that it owns the rights to and the user is taking them up on it; the fact that they don't know it's a rights holder is irrelevant. Then, included in this they are using exploits and loopholes to install unwanted software on a user's machine designed to hurt the user's experience with their computer. Spyware that doesn't tell the user it's being installed and give them a license agreement and the option to disagree and not install is illegal just like computer viruses are illegal, infact there is no differentiating factor between this and a virus.

Pirated?

[Kickasso (210195)]

A copyright holder's agent (RIAA) offered it for download. Perfectly legit I would say.

Re:I Wonder...

[zakezuke (229119)]

Yes, it is. Except to file complaint you have to admit you were trying to download a "pirated audio file".

Neither the RIAA nor MPAA would release any file unless they had permission to do so. It wouldn't be "copyright infringement" if they are granted the right to give you a copy.

Aahhhhhhh

[DisasterDoctor (775095)]

High that explains why that Jessica Simpson song I downloaded suddenly made my head explode. :-)

Re:Aahhhhhhh

[avalys (221114)]

No, those songs tend to do that on their own.

We need to take advantage of this

[by Anonymous Coward]

Hack it so that it sends out complaint emails to RIAA and DOSes the RIAA website. Also make it crawl and fill out any RIAA forms on the website. Use random algorithms so they can only statistically cut down on the traffic.

If they can do it...

[hoggoth (414195)]

If they can do it, so can any hacker/cracker/virus writer. That's a good enough reason to never touch DRM inflicted Microsoft media files.

Re:If they can do it...

[aminorex (141494)]

Law of unintended consequences: .wma/.wmv are dead
as a format. Windows Media Player? Stick a fork
in it, it's done.

Re:If they can do it...

[BrynM (217883)]

Law of unintended consequences

I think it's ironic that MS originally put these capabilities in so the media companies could provide "richer" and more "interactive" content. The media companies pretty much ignored the capabilities until they found a way to use it as a cludgel. That's like showing someone a car and before realizing they can use it for transportation, they think of it as a battering ram.

Re:If they can do it...

[antiMStroll (664213)]

"I think it's ironic that MS originally put these capabilities in so the media companies ...

Bing! You nailed it right there. Microsoft made an obvious policy decision long ago to shift developnment focus from end users to corporations, hence the ease with which 'bad' corporate users abuse the OS at the end user's expense.

Re:If they can do it...

[xigxag (167441)]

Actually, WMP10 is fairly easy to configure to prevent this from happening. Turn off all the automatic crap in Privacy and Security and you're done.

I wonder..

[slashkitty (21637)]

why people trust wmv files when this can happen. Combine it with some ie security holes and you got a real problem. It'd be pretty easy to create a p2p wmv worm that infects the entire network.. no?

wmf? Probably misguided on their part

[93,000 (150453)]

It seems anyone the least bit concerned about DRM/sharing/etc wouldn't be using windows media anyway.

Proof

[BrynM (217883)]

This proves once again that you can't out-evil the major recording industry. Do something bad to them and they will do something worse to you. Only now it's the customers at the shit end of the stick and not just artists. Hell, Satan probably attends seminars on reprisal given by these folks.

Too bad it won't work...

[justkarl (775856)]

One more reason not to use Windows Media. How many do you need?

Ah Microsoft

[riceboy50 (631755)]

Now your DRM can be used a weapon against you, how do you feel about that?

Doesn't surpise me one little bit.

[Naikrovek (667)]

People and companies that see their lucrative source of income starting to dwindle get desperate. Desperate companies (SCO) and organizations (RIAA, MPAA) make drastic moves, and those drastic moves are always overhanded.

record companies employ illegal tactics to enforce their view of the world, expecially when they think they see recognizeable dips in their revenue. Nevermind that they're not actually losing money - the perception of loss is all it takes.

right now they're saying to themselves (as justification for illegal activities) "desperate times call for desperate measures".

These are not desperate times, and those are overly-desperate measures. They're weak, and owned by the music, not the other way 'round.

The problem

[Dachannien (617929)]

The problem is that the only people with standing to make a legal complaint about this practice (i.e., sue them) are people who have downloaded the files and had damages caused to them from the spyware being installed.

However, at the same time, said people are admitting in court that they downloaded (or attempted to download) media for which they didn't hold the copyright.

One possible way around this is if someone already has purchased the CD/DVD and wanted to download a copy so they could archive the original (because they have CD/DVD hardware that couldn't rip the original to disk). Of course, this idea has not been tested in court, and would probably be a protracted and expensive battle to fight.

Re:The problem

[wolf- (54587)]

Except, that I can create a webpage with the media player embedded in it. An IE user visits, downloads the media automagically and is infected.

You may not have "intended" to infringe on CMAIAA's work, but I forced you to, or rather the browser did.

Re:The problem

[Nicholas Evans (731773)]

However, at the same time, said people are admitting in court that they downloaded (or attempted to download) media for which they didn't hold the copyright.

Ah yes, but the RIAA is so nicely offering the music for download. They do hold the copyright, don't they? Perfectly legal. =)

So if a hacker sets a virus loose, it's bad...

[Peterus7 (607982)]

But if the MPAA does, it's okay.

However, they do have all right to do this in some respects. They are putting up crap on a P2P network, just like any other idiot. Still, what gets to me is the system in general. When a lone hacker writes a virus, he gets jail time. When a corporation writes a virus...

But then, what should P2P users do? If they're so serious about P2P, they'll either take the risk or find a new way of sharing files that finds the trojans and whatnot.

Although really, I'm suprised the government isn't stepping in right abou... Wait, nevermind.

This is great!

[AtariDatacenter (31657)]

No, really. It's like peeing in your own pool. You need DRM in order to sell music to people and to "control the rights". But at the same time, they're using DRM to attack people who are outside the system. So it kind of makes you feel unsafe about using DRM in the first place. Life is better outside of the DRM system.

BTW, I remembered the option for something like "automatically download rights management software" when installating Windows Media Player, what, 10 is it now? I hesitantly clicked yes. Now that I've done so, I can't find an option inside of the program to say no. Odd.

So Scary!

[jonathonjones (844293)]

What many of you seem to fail to realize is that the purpose of this has nothing to do with actually damaging computers. Rather, what the recording industry is trying to do is stop people from using P2P. And they do this through fear. That's why they do the suing (your chances of getting sued are minimal, but plenty of people get scared and stop downloading). Now, plenty of morons (for who else would this tactic work on?) will hear that downloading music can give you viruses and adware - rumors will fly wildly.

At least, that's their hope. We'll see whether it works.

Not what you probably think

[t_allardyce (48447)]

This is pretty old and not a 'binary-payload' issue with WMA files, more of a good old IE flaw. Windows media format has the ability to launch a web-page from a media file (i think it actually forces IE, not your default browser which is a violation of the anti-trust crap). Obviously this is just an instruction in the file and a patch could pretty easily turn it off, once the page is opened (in our favourite browser) the skys the limit. You could also disable this by filtering all windows media files through some program that took out the call, if anyone knows of the program or file format that would be cool?

Obviously no one with any know-how actually uses this format, but sometimes the file you want is in it, just be sure to play WMV/A files offline until you find a patch for Windows media player.

DRM & WM commands

[ermon (845186)]

WindowsMedia files have a command stream as well as audio and video streams. This command stream can do all sorts of bad things (such as open web pages) at specific points in the timeline. You can easily remove it using various windows media editing tools (and by creating a directx graph that doesn't use the connect stream). However, there are two points to remember here: 1) You can't edit a DRM-protected WM file, and therefore can't delete the stream (I think it is still possible to play it w/o the command stream, tho) 2) What seems to be going on here (according to the article) is that the DRM mechanism itself is used for the pop-ups, rather than the command stream. The way the DRM in WM acquires a license is by connecting to a licensing site and basically executing a URL - This is where the pop-ups/Xware come from, not the command stream. It is interesting to note that while WMP has an option to turn off 'automatic acquisition of licenses', in my experience that option does not prevent WMP from accessing license acquisition URLs. The only ways I found to stop WMP from doing that was to put IE in 'offline mode' and/or block the DRM URLs on a proxy server.

Terrorism

[mikiN (75494)]

n. [reference.com]

The unlawful use or threatened use of force or violence by a person or an organized group against people or property with the intention of intimidating or coercing societies or governments, often for ideological or political reasons.

How is what the **AA are doing (hacking into music downloaders' computers and installing malware to further their cause against piracy) any different?
If this is the way they think they must do business, lets give 'em h*ll!

Er, anyone have proof/confirmation?

[moyix (412254)]

The one thing that I find strange about this story is that try as I may, I can't seem to find any information from the "usual" security sources about exactly how this works--as far as I can recall, bugtraq and full-disclosure haven't touched these. Moreover, the only articles about this are the p2pnet one and the PC World one--and the former appears to be derived from the latter.

Both articles are also oddly vague--"security experts" are mentioned, but no specific names dropped, and there are no technical details given at all.

Can anyone provide independent confirmation of this? In particular, if you have details of how one can embed executable code in a wma or provide a sample of such code, please send them my way via brendandg [at] colby.tjs.org

How to disable

[Hoch (603322)]

If this is scripting, which it sounds like, it can easily be disabled. Disable Windows media scripting [winguides.com]. This will disable videos from opening webpages and such. Nice. The article is vague, but this is what it sounds like. The webpages, would then load spyware through normal ie holes.

The law doesn't apply to them

[HangingChad (677530)]

Why on earth would the MPAA care about sabotaging some little scrunts computer? Look who they're trying to hire as a lobbyist:

"Tauzin, when he was chairman of the House Energy and Commerce Committee earlier this year, negotiated to take jobs with two major lobbying groups, the Motion Picture Association of America and the Pharmaceutical Research and Manufacturers of America; he just took the PhRMA job."
Source: www.msnbc.msn.com/id/6771489/

They're hiring former Congressmen and Committee chairman. lol. They can buy their way to the kind of clout it will take to get their sweetheart legislation through our Congress, which is more than happy to sell the America public if the donations are high enough. Lobbyists are expecting to spend 2 billion dollars this year.

Don't complain, you elected them. And the first thing they do is loosen up the ethics rules so they can bone the taxpayer even more blatantly than they already are.

This is what the red state mentality considers good government. Chumps.

UK Computer Misuse Act.

[Martin Spamer (244245)]

This like all Malware is a very clearly against the law in the UK and most of Europe. The UK Computer Misuse Act makes it a criminal offense for a person to

"causes a computer to perform any function with intent to secure access to any program or data held in any computer"
Computer Misuse Act 1990 [hmso.gov.uk]

Depending on what the Company does with the data obtained they are likely also be in breach of the Data Protection Act 1998 [hmso.gov.uk] which allows a £5,000 fine for each person offended against.

Similar legislation exists throughout Europe [eu.int] as part of the Information Society Policy Framework [eu.int] agreement.

Dear MPAA:

[kiddailey (165202)]

<sarcasm mode>

Dear MPAA:

Please let me take a moment and thank you for the immensely enjoyable evening my girlfriend and I had last night while going to see "Lemony Snicket's A Series of Unfortunate Events." Amusingly enough, our night out was far from unfortunate! In fact, it was so wonderful that I thought I'd write to you about our experience.

The theater parking lot was packed full and we drove around for a good 5 minutes looking for a spot so we had time to enjoy playing a game of "find license plates from every state in the U.S."

I had brought $30, but the movie tickets were only $18.00 for the two of us, and only $8.00 for the slightly stale, oversized small popcorn and bottled water for us to share. I saved a whole $4.00, which was more than enough to pay the expressway tolls on the way home!

We got to the theater early enough to enjoy 10 minutes of pre-show slides that told us all about our local businesses and special offers they were having just for us. And after that, we got to see another 10 minutes of commercials that we had never seen before. Imagine our surprise when our luck hadn't ran out and we got to see 10 more minutes of new movies that we'll get to see in the coming months!

The excitement and anticipation for the movie to start was almost unbearable when it finally did! The movie was definitely had some unique aspects and we really loved the credits at the end of the film -- which was very fortunate indeed as it gave us a moment to stretch our backs which were a little sore.

Oh, I almost forgot to mention that people were much better behaved than usual too. There were only a few people that constantly coughed during the movie and only a few more that talked on their cellphones or just talked about the movie to their neighbors almost quietly enough so as not to hear. One individual was actually entertaining during the pre-show as he walked down the isle staring back at people and sternly yelling "What?!" to everyone that made eye contact.

Thank you again for providing such quality entertainment that rounded out a wonderful evening.

Sincerely,
A happy movie-goer

</sarcasm mode>

As sad as it is, all that really happened...

You don't have to be even mildly coherent to understand why people are downloading/trading movies.

Re:Virus??

[eln (21727)]

I don't know, the MPAA and RIAA have done a pretty good job of convincing the public that pirating music and movies is basically the same as grand theft, and therefore perpetrators deserve everything they get. They have been remarkably devious in their propaganda.

For example: My son watches a lot of Disney Channel, and on that channel there is an animated show called the Proud Family. On this show, about a year or so ago, there was an episode that involved the daughter of the family downloading music. It was 100% blatant propaganda, complete with the corner record store going out of business, and people there losing their jobs, because she downloaded music. It truly made me sick to my stomach that such ridiculous propaganda was being so shamelessly peddled directly to children.

The "average user," and especially the media, is already convinced that p2p is synonymous with illegal activity, so this is unlikely to raise much of an uproar outside of the geek and college student communities.

Re:Virus??

[madmancarman (100642)]

The "average user," and especially the media, is already convinced that p2p is synonymous with illegal activity, so this is unlikely to raise much of an uproar outside of the geek and college student communities.

The media may be convinced that p2p is synonmous with illegal activity, but they love scaring viewers by "exposing" crimes that may be happening in your neighborhood! Right next door!

However, the "average user" is much more concerned with their pocketbook than with nebulous notions such as "intellectual property" and "digital rights management". When I bring up the subject to family members, friends and students, their eyes just sort of glaze over. I honestly don't think the average person gives a shit about copyright. The only people who care are those who make money by creating copyrighted works, and those who market/produce/protect those works.

At the high school where I teach and do tech support, the first RIAA lawsuits a few years ago sent a number of students and teachers scurrying to me to see if they might be in trouble for downloading music. My two favorites were the stoner kid who didn't realize he was sharing 4000+ songs on Kazaa, and the evangelical principal who subscribed to Roadrunner for the sole purpose of downloading Christian music (illegally).

The RIAA/MPAA fight is not one that they can ultimately win, because the rules have changed with the ease of copying. They should really look to the model that Scott Kurtz of PVP [pvponline.com] and Epitonic [epitonic.com] - give the content away as a means of promotion, then make your money selling related items such as t-shirts, books, concerts, etc. Sure, books and videos can also be pirated, but until they're as easily accessible as music is via an iPod or something similar, there's still money to be made. Hell, most bands make their money on tour from t-shirt sales.

Anyway, don't think for a second that the "average user" thinks p2p is "wrong" - most users I've encountered are just annoyed that it isn't easier to find things.

Re:Virus??

[eln (21727)]

A failed business model is one that fails to generate a profit. If no one paid for CDs at their current price, but everyone downloaded them, that would not mean people are "too cheap," it just means that the demand for CDs only exists at a lower price point than the supplier is trying to sell them at. If the prices are lowered, sales would increase.

Of course, if there is an easy way to get a product free, people are unlikely to demand it at any price other than free, and so the business will fail unless it can either stop the free distribution of its products, or start selling products that are more difficult to distribute for free.

Under these criteria, the model of selling content that is easily obtainable for free IS destined to fail, whether demand exists or not, since the demand exists at a price point (free) that is by definition unable to generate profits. This is why these organizations are so afraid of filesharing. They can't figure out a way to maintain their current business model, and they haven't figured out a viable alternative business model, in the presence of filesharing.