How To Frame a Printer For Copyright Infringement 325
An anonymous reader writes "Have you ever wondered what it takes to get 'caught' for copyright infringement on the Internet? Surprisingly, actual infringement is not required. The New York Times reports that researchers from the computer science department at the University of Washington have just released a study that examines how enforcement agencies monitor P2P networks and what it takes to receive a complaint today. Without downloading or sharing a single file, their study attracted more than 400 copyright infringement complaints. Even more disturbing is their discovery that illegal P2P participation can be easily spoofed; the researchers managed to frame innocent desktop machines and even several university printers, all of which received bogus complaints."
Glad it's in a reputable media source (Score:5, Insightful)
Too flimsy (Score:5, Insightful)
1. IP addresses can be spoofed.
2. IP addresses assigned by DHCP will not always be assigned to the same MAC address.
Then there's a lot of hand-waving and implications that there's also all kind of other likely flaws in the methods used to find out who's participating in file-sharing.
The worst part of it though is how they throw in the whole thing of "we weren't actually downloading or sharing anything". No, they were just connecting to the tracker. And of course, everyone knows "pirates" commonly connect to torrent trackers to do nothing.
This bothers because if anyone were to point out how weak this case is in main-stream media, it could end up doing more harm than good.
We need some heavy ammo to shut them down, and I'm afraid this is not it.
Re:PC LOAD MUSIC (Score:5, Insightful)
Re:Glad it's in a reputable media source (Score:5, Insightful)
I think there is another reason to be glad that is more important than being in the media, IMHO. An NSF grant-backed publication from a large research institution will carry some weight in court.
IP address spoofing has been invoked by the defense in previous lawsuits to attack the prosecution's investigation methods, however, this assertion has always had to be provided by an expert witness. A scholarly publication backed by the U of W and the NSF will bolster this point. It might even stick with a jury (who knows). Anyway, this will come in handy in the courtroom, I think.
Re:Too flimsy (Score:5, Insightful)
Well, it does two things.
First, it shows that you can get a subpoena for not actually doing anything illegal. Presumably, connecting to a tracker isn't illegal.
Second, it begins to dispel the myths that the content holders have perpetuated about how they actually gather their evidence and if the collection methodology is valid.
I think actual University research which is covered by the NYT might be an awful good start. It's by no means everything that needs to happen, but starting to establish that their data collection is faulty is better than nothing.
Cheers
Re:Too flimsy (Score:5, Insightful)
Remember, innocent until proven guilty. They aren't even trying to actually determine this.
Re:Too flimsy (Score:5, Insightful)
Re:Too flimsy (Score:5, Insightful)
Re:Big surprise! (Score:2, Insightful)
Re:Big surprise! (Score:5, Insightful)
You would be investigated, but if the only evidence presented at the case was the odd behavior you would be found not-guilty. The MPAA/RIAA use the odd behavior as not only the probable cause to investigate but also as the evidence to prosecute.
Re:has the mafiaa ever fought an IT guy?YES (Score:3, Insightful)
'home users' (even clueful ones) often don't keep 'logs' of AP activity. or, they simply roll-over and over-write log data, like a circular buffered log would do.
I keep intrusion logs from my firewall but that doesn't log ALL activity, just break-in attempts. and if you run an open AP that is outside your firewall (as is prudent to do) then there is no NEED to keep a log on that - its 'open' afterall. and if they want to get into your private LAN they need to jump thru your firewall just like any other traffic from the WAN would.
I have no logs other than simple unix syslogs (on my unix boxes) and some firewall logs intermixed (remote syslog). I would hope that simply NOT having 'logged all data' would not be held against me (?). home network users should not be held to ISP level logging and accounting standards.
my defense would be to compel THEM to show definitive data and not just that torrent was running (I could be grabbing the latest linux
if its mandatory that home users keep detailed logs, then this is a huge jump over what expectations we have right now about 'home computer users'. I wonder if expecting home computer users to be experts (keeping detailed logs to SHOW their innocence) is reasonable in the eyes of the court?
finally, if you run a home NAT then simply saying IP of a.b.c.d is just not enough. and most users do run some kind of NAT device in their home networks. its really hard to see how a single IP could back-point (so to speak) at the device that is being NAT-mapped.
Re:Too flimsy (Score:4, Insightful)
Re:Is this safe? (Score:5, Insightful)
What? Conspire to subvert the legal system, and come close to perjury? I say, bring it on and let the jail terms fly.
Presumably, the EFF would vet their people, but I should think intentionally doing what you suggest might get you some kind of sanctions.
Then again, your cynicism might not be completely unfounded. Which, is a depressing thought.
Cheers
Re:Ridiculous! (Score:5, Insightful)
Re:Too flimsy (Score:3, Insightful)
Slashdot: accept no substitutes (Score:1, Insightful)
Now if only they could get rid of the big green splotches all over the pages.
Re:Too flimsy (Score:3, Insightful)
The reason is to prevent an "I was framed!" defense as much as preventing framing innocent parties. It's not unheard of for people to plant evidence of their own guilt. Discredit the planted evidence and most people will (reasonably) have a lot of doubt about the rest of it.
Easier Way to Frame someone (Score:4, Insightful)
Re:Too flimsy (Score:3, Insightful)
What I did miss was their explanation in the article on exactly what they did to get the printer implicated.
Re:Too flimsy (Score:3, Insightful)
I.e. linux distro trackers surge in the hours following a release, the curves for TV shows, movies, games, books, whatever.
So long as you don't claim you didn't download anything you have committed an error of omission, not a factual lie (IANAL), assuming you did download the torrent in question. However, so long as you didn't download that particular item you could in-fact claim you did not.
Might even be helpful to release an oss tool that simply connects to trackers and compiles this kind of data, if enough people ran it (distributed ap?) you could vastly increase the noise level.
-nB
Re:You're on to something there (Score:1, Insightful)
Subtlety is not required - brute force it (Score:4, Insightful)
An interested party could figure out a judge's address. And when you've got that then you'd know who their potential local providers are. And once you know those you know the range of possible IP addresses. And once you've got that - brute force. Ping everyone. Any return ping gets a spoofed false positive. Or if you're of the 'nuke it from orbit' mindset, false positive the whole subnet.
Piece of cake. If someone were so inclined, that is. Not that I'd advocate anyone ever doing this, of course. Oh heavens, no.
Re:Too flimsy...not really (Score:1, Insightful)
This just in (Score:3, Insightful)
There. I just saved you 7 pages of walled text.
Re:Is this safe? (Score:3, Insightful)
Your point makes me wonder if in this day and age we don't need non-biased experts in the same way we need non-biased jurors. I would propose that each court district should have and online listing of which experts are needed, and volunteering to fill that need would fulfill one's jury service obligations.