Forensic Investigator Outlines BitTorrent Detection Technology 193
NewYorkCountryLawyer writes "In one of the many BitTorrent download cases brought by pornographic film makers, the plaintiff — faced with a motion to quash brought by a "John Doe" defendant — has filed its opposition papers. Interestingly, these included a declaration by its 'forensic investigator' (PDF), employed by a German company, IPP, Limited, in which he makes claims about what his technology detects, and about how BitTorrent works, and attaches, as an exhibit, a 'functional description' of his IPTracker software (PDF)."
Track me (Score:2, Funny)
Re:Track me (Score:5, Funny)
Only the old farts....
00:00:00:00:00:00 is where the hip anons lurk.
Re:Track me (Score:4, Funny)
IPTracker Based on Shareaza 2.4.0.0 (Score:3, Insightful)
Wouldn't that mean that it is subject to the GPL since it is derived from a GPL based product? So, let's see the source.
Re:IPTracker Based on Shareaza 2.4.0.0 (Score:5, Informative)
Re:IPTracker Based on Shareaza 2.4.0.0 (Score:5, Insightful)
I dunno about that. If something is GPL'd and being used in the courts to prosecute me, hell, even if it's closed source I want to see the source so I can tell whether or not it's tampered with.
We already do this with other forms of evidence gathering tools, it should be the same with data gathering tools.
Re:IPTracker Based on Shareaza 2.4.0.0 (Score:4, Funny)
Coca-Cola made me sick. Let's see the recipe! Come on...
Re:IPTracker Based on Shareaza 2.4.0.0 (Score:4, Informative)
Sure but this would be the same whether it was GPL'd or not. I seem to recall a breathalyzer lawsuit awhile back where the closed-source designs to the breathalyzers were subpoenaed by the defendants.
You're correct. There's some info on that right here. [broward-dui-lawyer.com] (I'm too lazy to look for another link.) But, something interesting I bumped across while reading one of the lawyer quarterlies. Is increasing amounts of digital evidence is being applied to the "hearsay" rule, because the technical understanding of said evidence is beyond the general scope of the court without an expert witness to explain it. Though to a point, the quarterly was two years old, so how accurate that is today I have no clue. And that was from Canada.
Re: (Score:3)
I2P/Freenet (Score:5, Insightful)
Try tracking us there.
Good luck.
Re:I2P/Freenet (Score:5, Informative)
Try tracking us there.
Encrypt all you want. Traffic analysis still screws you every time. The network tries to keep latencies low, so it forwards whatever it receives onto the next hop as soon as it gets it. If you're monitoring the source and the destination, then when it gets decrypted at the destination, you can correlate that with the traversal time through the 'black box' of Tor, Freenet, or whatever... and viola, you know who sent it, when, and what it was.
This is a known problem. It's discussed at length on EFF's website. If your connections are made in bulk, at regular intervals, instead of interactively, then it's a lot harder to do traffic analysis if all the other nodes exhibit the same behavior. But as long as you're trying to be anonymous by simply using a series of proxies that are set to store-and-forward... you're still screwed.
Re:I2P/Freenet (Score:5, Informative)
Read up on how Freenet works and you will see its not just about data encryption. Due to how it routes, and that data chunks are scattered about It also hides the source and requestors to the point that even if you are on the same LAN and sniffing packets directly you wont know for sure. Sure you can be caught using it which could be a legal problem for you depending on where you live, but they wont know if you are doing the requesting of file parts or you are just passing requests along.
I2P i believe has something similar in place but i'm still learning how their stuff works.
Re: (Score:3, Insightful)
It's still just extra obfusciation. You can't hide the fact that data leaves and arrives at certain times, and each node forwards data as it receives it... if you can monitor the traffic, you can derive from that who's talking to who, whether you know what the traffic is or not. And somewhere, either at the source, or the destination, is a decrypted copy. Since the US government already monitors all traffic that occurs domestically, this kind of analysis is already practical and being used right now.
Don't
Re:I2P/Freenet (Score:5, Funny)
I saw someone on Facebook complaining about the government tracking them online.
Re: (Score:2)
What's even worse is the government is tracking sales of tin foil so they know who has their hats ready.
Re:I2P/Freenet (Score:5, Interesting)
Which is why some p2p software, such as WASTE, has modes where it will always load links wether or not there is real traffic.
If the arms race goes on, we'll end up with a constantly saturated internet with only random connections sending apparent random data, leaving any actual signal indistinguishable and drowned out by the massive amounts of random noise.
Re:I2P/Freenet (Score:5, Funny)
Which is why some p2p software, such as WASTE, has modes where it will always load links wether or not there is real traffic.
If the arms race goes on, we'll end up with a constantly saturated internet with only random connections sending apparent random data, leaving any actual signal indistinguishable and drowned out by the massive amounts of random noise.
It's called /.
Re: (Score:2)
Not true. Such analysis is foiled by the fact that each note re-encrypts each packet and bundles bunches of them together. Even if there are no other packets available at the time the node can simply add junk data to pad things out. You see some packets go, each one possibly a bundle of more than one that but there is no way for you to tell, and see a different and uncorrelated load go out.
Tor already does this.
Re: (Score:2)
Re: (Score:3, Informative)
Freenet sends constant same size chunks. There's no way to tell if you're actively downloading something or not because the node's activity is always the same. Same upload/same download. When it's not fetching stuff for you it's fetching stuff for storage, when it's not uploading your stuff it's uploading "random" stuff from storage. At least that's my understanding of it.
Re: (Score:2)
Re: (Score:2)
I know of none that send large amounts of "random" data large enough to cover any peaks of real data, allowing information to be learned about the peaks, if nothing else.
That sounds like a new project. Bury the signal in noise.
Re: (Score:3)
"You aren't understanding how the Internet works. If you had taps on all nodes at the same time and the data was encrypted end to end, then you would still be able to "see" who sent what when"
so if you do something impossible, you can then do the impossible.
Taps on all the exit nodes... That's the same as counting all the grains of sand on the beach.
Re:I2P/Freenet (Score:5, Interesting)
No, it really, really isn't. You apparently don't know the first thing about freenet, yet feel that you somehow know enough to spout off about it. If I insert a file into freenet, it is split into many parts and distributed randomly to other freenet nodes. When someone requests that content, there is a reasonable chance that they won't get even one chunk of data from my computer. Monitoring all of the traffic between nodes buys you almost exactly nothing.
Re: (Score:3)
First, being able to capture packets doesn't equate to being able to capture realtime statistics on those packets at any given moment. It takes a large amount of hardware and coordination to do that for even a relatively small bitstream... trying to do it to everybody and everything would require more resources than the human race currently possess.
Second, it *is* possible to use secure protocols that make this technique useless. Tak
Re: (Score:3)
o_O Already exists in Europe: It's called the Data Retention Directive. This exists now. Today.
Do you have any references on a contry that has actually succesfully implemented the DRD? I know Germany has declared it unconstitutional, and here in Norway the "launch date" has been pushed back to infinity (it seems), as politicians and ISPs can't agree about who's going to pay the bill (and how large the bill is going to be).
Also, from my understanding of the Norwegian implementation, the DRD only requires logging cellphone and ordinary phone traffic, when you connect/disconnect to 3G or DSL/cable, a
Re: (Score:2)
o_O Already exists in Europe: It's called the Data Retention Directive. This exists now. Today. And it requires very much less than "all the resources of the human race". In fact, it merely requires an extra 1U unit here and there at the border routers for major ISPs, and sometimes an extra fiber link to duplicate traffic.
I am European, not sure you are.
Anyway as I understand it the DRD does not require ISPs to store the actual data, just the header information, so it only stores information about who is talking to who and not what they are talking about.
At least that is my understanding.
They do the same for cellphones, call-logs have to be stored for a long time, same for SMS.
Re: (Score:2)
Waitor!!! What have you this evening in the way of skullmeats??? Why Monsieur, we have a lovely Pate cerveau de porc! Ummm, sounds yummy. Would you have anything primate perhaps... er Neanderthal? Sorry Monsieur, we are all out of Neanderthal, perhaps you could come by tomorrow evening as the chef might be willing to whip you up some nice Australopithecine?
Re: (Score:2)
You aren't understanding how the Internet works. If you had taps on all nodes at the same time and the data was encrypted end to end, then you would still be able to "see" who sent what when. You are assuming that "the network" is a cloud. It isn't. "cloud" doesn't exist.
Are you retarded? Every router, switch, etc., has port mirroring capability. Most of those pass through telecommunications equipment. That telecommunications equipment has taps built into it. That's what most of the internet is built on. They can tap it. They do tap it. They're building a nationwide infrastructure to capture all the IP header data at each point where it enters a telecommunications network. YES, THEY CAN DO THIS. THEY ALREADY HAVE DONE THIS. THEY DO THIS ALL THE TIME. Am I getting through your neanderthal skullmeats?
In this example, 'they' is the NSA, NSA has zero interest in Tor/l2p/Freenet. The amount of data taken in by the NSA is already massive as it is and they can barely process all of it, this is a known problem for them and has been somewhat widely publicized.
Right now, the NSA being an intelligence outfit focuses mostly on gathering intelligence related to foreign relationships (they have a long and proud history of eavesdropping on embassies and diplomats) and the hunting of terrorists. So yes, assuming they
Re: (Score:2)
They can tap it. They do tap it. They're building a nationwide infrastructure to capture all the IP header data at each point where it enters a telecommunications network. YES, THEY CAN DO THIS. THEY ALREADY HAVE DONE THIS. THEY DO THIS ALL THE TIME.
[citation needed]
See, we found it. Not hard.
**---__ FBI __---**
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
I think that same issue could apply in the UK, with added nastiness: Not only could you be prosecuted for having on your system, and/or producing/disseminating it, but you could also be thrown in prison for failing to decrypt any parts of it that are encrypted.
Oddly that latter part is the more serious concern, as it's quite hard to prove that an encrypted blob is of whatever form, so it would be tough for the prosecution to demonstrate that you did indeed have nastiness on your system.
Anyway, wouldn't th
Re:I2P/Freenet (Score:5, Informative)
that is why there is garlic routing. garlic routing is a modification of onion routing used by tor, what it does is bundle packets together so as to make traffic analysis useless. it does have greater latency but should not be a problem unless you are streaming
Re: (Score:2)
Try tracking us there.
Encrypt all you want. Traffic analysis still screws you every time. The network tries to keep latencies low, so it forwards whatever it receives onto the next hop as soon as it gets it. If you're monitoring the source and the destination, then when it gets decrypted at the destination, you can correlate that with the traversal time through the 'black box' of Tor, Freenet, or whatever... and viola, you know who sent it, when, and what it was.
This is a known problem. It's discussed at length on EFF's website. If your connections are made in bulk, at regular intervals, instead of interactively, then it's a lot harder to do traffic analysis if all the other nodes exhibit the same behavior. But as long as you're trying to be anonymous by simply using a series of proxies that are set to store-and-forward... you're still screwed.
TOR (and the rest of the darknets, I guess, I haven't tried them) really isn't intended for secure communication, it is intended for anonymous communication. In your example both destination and source of the messages are known which means that any hope of anonymity was lost from the start.
If you want secure communication then you need a extra encryption like a public key based algorithm or something like that.
Re:private trackers solved this long ago (Score:5, Insightful)
Only takes one person to sell out an entire private tracker.
Re:I2P/Freenet (Score:5, Funny)
GUID (Score:3, Interesting)
It is not possible that an allocated GUID is allocated to another user again.
I would look into this. As it is written it sounds, at least, misleading. Even if it is true this GUID thing for all P2P protocols (which I sincerely doubt), I would say that it should be spoofable directly or indirectly (compromising the machine if public key cryptography is used).
Re:GUID (Score:5, Informative)
It is not possible that an allocated GUID is allocated to another user again.
I would look into this. As it is written it sounds, at least, misleading. Even if it is true this GUID thing for all P2P protocols (which I sincerely doubt), I would say that it should be spoofable directly or indirectly (compromising the machine if public key cryptography is used).
He is technically correct, assuming that the act of "GUID allocation" involves the correct use of a valid GUID generation algorithm by the software in question. That said, as you noted, it's remarkably easy to spoof such a GUID (in this case). His statement implies that a GUID positively identifies a user, which it does not, and is thus a misleading statement.
Re: (Score:2)
He is technically correct, assuming that the act of "GUID allocation" involves the correct use of a valid GUID generation algorithm by the software in question.
The 'random' method is a valid GUID generation algorithm, defined by the relevant RFCs. It basically consists of picking random bits, and packing them with an indicator that the GUID was generated randomly. It is entirely possible (although extremely unlikely in absence of failures in the random number generation algorithm) for two identical GUIDs to be produced.
Read their software specs (Score:5, Interesting)
I've read their software specs. Seems they have some typo,
The data can only be decoded and used by the responsible lawyer, only his software contains the deciphering method and this one one in this case also secret (called "public") key.
Seems at least that one typo. At least I *hope* that's a typo.
... it is not possible that an allocated GUID is allocated to another user again.
Same could be said about MACs, and cell phone ID numbers. No one ever clones those!!!
So it seems, by their reasoning, if you go on a P2P network and clone someone else's GUID, well, then I guess the other party must be guilty, no?
Seems that even if you use Bittorrent or similar to only download Linux distros or even WoW patches, someone can just clone that and use it and then they will just send the innocent the bill?
Re: (Score:2)
My GUID seems to be faulty, an I borrow yours for a bit?
Re: (Score:2)
No, I don't think it is a typo. The author doesn't understand public key cryptography, which is startling as the system appears to rely on it as its guarantee of the validity of the evidence chain.
The document contains a number of dubious claims of the effects of its cryptography, including the notion that a key embedded in the software and used for signing the evidence as it is discovered is a secret key, and that the process of signing cannot be replicated without using the software because only the soft
Hmm. Claims to get a screenshot. How? (Score:2)
Reading the description, his application claims to get a screenshot of the "offending" computer.
How? I can't imagine that any of these P2P applications include such functionality.
Re:Hmm. Claims to get a screenshot. How? (Score:4, Insightful)
How? I can't imagine that any of these P2P applications include such functionality.
They don't. This guy might be a programmer, but he's got bricks for brains when it comes to proper terminology.
Re: (Score:2)
Re: (Score:2)
"They don't. This guy might be a programmer, but he's got bricks for brains when it comes to proper terminology."
That's not what the description said. They capture a screenshot of the MONITORING computer, which is displaying data that is presumably evidence.
That's why it goes on to say that data that is not relevant to a particular infringement is blocked from the screenshot.
Re: (Score:2)
That was the only way I could see it made sense.
But the image on page 5 seems to directly contradict this view - it strongly suggests that the screenshot comes from the client.
Re: (Score:2)
"Why on earth there would be need for this mechanism, I can't imagine."
There isn't. These people have historically inept at trying to produce what amounts to actual "evidence" in court. Apparently they are still struggling with the concept.
Now that court after court has ruled that an IP address does not identify an individual, they're still trying to use IP addresses to do that very thing.
From the description: (Score:2)
Re: (Score:2)
They also have an RSA key, which is super secure at 4096-bit...except they include the raw key in a compiled library with the software. Gee, let's see how long it takes me to find this key with my trusty decompiler and a good CS education.
Hash Collisions (Score:3)
TFA states that BitTorrent uses "the so-called BiTH" hash alogorithm. Basically, his software doesn't look at filenames, it compares hash values to determine if a downloaded file is infringing.
Perhaps a defence would be to argue that a hash collision had occurred.
Re: (Score:2, Insightful)
Doubtful. It doesn't fly in normal court and it won't fly here.
Does The IPP Company Exist? (Score:5, Interesting)
Does this so-called "IPP" company in fact exist at all? I've had a cursory glance on Google, but didn't find much of interest.
German companies are not called Limited or Ltd. if they are indeed "governed by German law", as claimed in the court declaration. Under German law it should be called "IPP GmbH". I would normally assume a "Ltd." company was based in the UK, on one of their islands or somewhere far away from Europe in general.
IPP seems to be a fairly common name in the German business register (Unternehmensregister), but none of them seem to be the company in question? Does anyone out there have further information?
Re: (Score:3, Informative)
Found their website for you: IPP International Unternehmensgesellschaft [ippint.de]
Lesser Form (Score:3)
Thanks, after looking it up in the business register I see it's formally "IPP Int UG" (i.e. haftungsbeschränkt or almost the equiv. of Ltd/LLC).
In other words this is the "light version" or less serious company form, founded with €1 in capital, i.e. not a very serious business [in my and the bank's opinion].
Well (Score:2)
Truth be told, the private copyright cops have no reason to lie or cheat. What they are doing is quite easy and straightforward. All they have to do is hit a major torrent site like TPB, click a tracker with their hacked version of an open source bittorrent client, and save all the IP addresses in the swarm. The rest is just meaningless fluff that costs stupendous sums of money. The IP addresses they record are by PREPONDERANCE OF EVIDENCE (meaning at least a 51% chance) guilty of infringement. 51% cha
Re:Well (Score:5, Insightful)
Sure they do. Since this is really just an elaborate extortion racket, the more IPs they deliver to their clients, the more they get paid. Their clients just file a bunch of John Doe lawsuits and hope for settlements. The more IPs they have, the more possible settlements -- false positives be damned.
Re:Well (Score:5, Informative)
Indeed. My understanding of the situation (having followed some of these cases etc., including attending court hearings) is that the tech companies get paid by the IP. Most other parties involved (the copyright owner, the legal team, the holding company that brings the case) get either a percentage of net profit, or a fixed fee. As such, it's in the tech. groups interests to provide as many IPs as they can, as cheaply as possible.
This is why they have been known to cut corners (such as just scraping a list of IPs from a tracker, rather than checking that any given IP is actually sharing the file at the particular time), or spend too much time actually looking into the technology. Interestingly, an "expert witness" in a recent English case noted that he"did not have [the software he was testifying with regard to] installed on his computer, and did not concern himself with how it worked").
In the ACSLaw leaked emails, one thing that was noted was that around 1 in 4 IP addresses that had been identified as infringing weren't even assigned by the ISP at the time when the alleged infringement occurred. That statistic, to me, suggests that something is pretty screwed up is going on with data gathering.
Re: (Score:3)
Suggests ACS were just scraping IPs from the tracker without validating they actually had the data. Trackers often have large proportions of stale addresses.
Re: (Score:2)
This assumes that false positives are costless. They aren't. Think: attorney's fees.
Re: (Score:2)
This assumes that false positives are costless. They aren't. Think: attorney's fees.
Then obviously the only solution to this problem is to make all attorney's free of charge. We have a large population of convicts that instead of stamping license plates, we can force them to be free attorney's to pay for their crimes, and they already have experience in the courtroom!
Re: (Score:2)
Do you have a newsletter?
Re: (Score:3)
"The IP addresses they record are by PREPONDERANCE OF EVIDENCE (meaning at least a 51% chance) guilty of infringement. 51% chance is a pretty darn low threshold to reach, and we know that millions of people occasionally pirate, so legally it's an open and shut case."
Not true. Since the courts have ruled that an IP address does not identify an individual -- and in some cases not even a household -- then your 51% gets cut down to more like 25% or possibly even less.
Oh REALLY.... (Score:2)
To guarantee the immutability of the data, IP, date and time is signed with a private 4096 bit RSA key. The RSA key is included internally in the IPTRACKER program using a precompiled library and cannot be read or used elsewhere.
Challenge accepted. Now where do I pirate IPTRACKER from?
Re: (Score:2)
From their truecrypt-encrypted hard disk on a single machine in a secure location. Internet-connected, of course, but one presumes it's firewalled. Still, you may get lucky trying to exploit bugs in their network handling code when they randomly connect to your machine to see if it has data they're looking for. They don't sound competent from their description of how the system works.
Plausible Deniability... (Score:5, Interesting)
So in all of these cases, as a technical person, I can't help but wonder how they're connecting an IP address to positive evidence of a specific person's deliberate action. There are countless plausible scenarios where a person can own a number (IP address) involved in a crime and yet not themselves be aware of or involved in said crime. Some examples are:
In all of these scenarios, the crime could have been committed without any knowledge of the defendant. In some of these scenarios, the defendant has little-to-no chance to detect or thwart the crime. How does any lawyer convince any judge or jury that the person on trial committed a crime in light of this?
From a defensive point of view, what is the minimum number of compromises that one should run in their own network to provide themselves with sufficient plausible deniability from this type of thing?
Furthermore, from an activist's point of view, imagine someone built a malware variant that monitored browser usage (Google, Facebook, etc.) for movie names and automatically downloads movie titles that were mentioned to a secret directory? I've now got a piece of malware that automatically, without any user knowledge or intervention, downloads illegal files that that user is interested in. What if the malware downloads new movie releases instead by monitoring public release knowledge bases [wikipedia.org] for titles? Is being infected by such a malware enough for innocence? If enough people are thusly infected would the entire concept of using IP subpoenas for prosecution fall apart?
Just food for thought. I'd really like to know how someone can be held criminally-liable unless the prosecution caught them using the illegal file or captured an attributable confession.
Re: (Score:2)
As a quick follow-on regarding "preponderance of evidence" (and legal burdens of proof [wikipedia.org] in general) mentioned in another post: If I'm infected with a downloader malware, or if I have an open WiFi point, I could argue that this points to the likely scenario being that I didn't download anything illegally.
In the case of downloader malware, if someone finds stolen art in my basement, and, upon further investigation, discovers that someone else has built a hidden tunnel into my basement and used that area to sto
Re: (Score:3)
So far my understanding of the sequence of events is:
Re: (Score:3)
(A) First, the procedure. You have items (1) and (2) right, but it has almost never gotten to (3), and that will probably happen even less in the future. Why? Because the courts have finally realized (and so ruled) that an IP address does not identify an individual. You can't prosecute a neighborhood or a house or even a family. You can only prosecute individuals.
(B)
Re: (Score:3)
Just want to chip in a bit with respect to "it is not a crime". A lot of people think that because it is illegal it is a crime. But there is an important distinction. In a crime, the *state* charges you, takes you to court, etc. Also you can go to jail. Civil infractions like copyright infringement are pursued by the party that was damaged, not the state. Your punishment, should you lose the court case, is financial -- You won't go to jail and you won't have a criminal record. This is also why it is
Re: (Score:2)
But even if the statute allows "punitive damages", we still have the principle that the punishment should fit the crime.
So... if the "damages" are $1, maybe a "reasonable" punitive measure would be to charge 10 times that: $10.
Nowhere else in law are punitive damages set to such an outrageous multiplier of the actual damages. THAT is a crime.
Re: (Score:2)
> If copyright were returned to anything resembling a moral framework like the one I just described, do you think people would be pirating everything like they are right now?
Yup. The vast bulk of what is pirated today is less than 10 years from original release.
Re: (Score:2)
I don't even think Disney would disappear - it might get smaller, and they might have to come up with more, higher-quality works(and lower profit margins), but I doubt it'd really affect them. It could hurt the Home DVD market(Because lots of people don't have broadband or internet at all... and BluRays are too expensive media-wise) as more companies make compilations and sell them dirt cheaply, but hey, that's good for the consumer.
Re: (Score:2)
14 years, with a 14 year extension if explicitly requested is reasonable.
Re: (Score:2, Interesting)
Heh, I wrote your hypothetical "malware" for myself as a useful piece of software. Checks the Rotten Tomatoes new on DVD RSS feed, discards anything with a rotten score, uses Torrentz search API to search for a variety of strings, prioritizes blu-ray rip over DVD rip, more seeds over less seeds, user "verified" torrents over non-verified torrents, tries to weed out common strings that denote non-English languages "ITA", uses release year to resolve ambiguities, and then feeds the magnet link into uTorrent v
Re: (Score:2)
From a defensive point of view, what is the minimum number of compromises that one should run in their own network to provide themselves with sufficient plausible deniability from this type of thing?
Some ISPs provide this for the customers by giving them all secondary semi-open wifi networks. For example BT Broadband customers have their own private wifi network but the router also broadcasts a second BT OpenZone SSID that allows other BT subscribers to get internet access after logging in. Fon offers something similar. The deal is you provide free wifi to other subscribers in exchange of having use of the same service when you are out and about.
Can you prove I didn't have malware? What if I sold a computer recently - it must have been infected, since all of the ones you confiscated aren't - and wiped the disk prior?
Can they confiscate your computers? In the UK they can't
Re: (Score:2)
From a defensive point of view, what is the minimum number of compromises that one should run in their own network to provide themselves with sufficient plausible deniability from this type of thing?
Some ISPs provide this for the customers by giving them all secondary semi-open wifi networks. For example BT Broadband customers have their own private wifi network but the router also broadcasts a second BT OpenZone SSID that allows other BT subscribers to get internet access after logging in. Fon offers something similar. The deal is you provide free wifi to other subscribers in exchange of having use of the same service when you are out and about.
Can you prove I didn't have malware? What if I sold a computer recently - it must have been infected, since all of the ones you confiscated aren't - and wiped the disk prior?
Can they confiscate your computers? In the UK they can't because copyright infringement is a civil matter. They can ask to examine it and you can tell them to fuck off because the burden of proof is on them and you are not required to aid them in any way, other than sharing evidence you yourself intend to rely on.
Well here's the thing - assuming that they can, through some judicial voodoo, examine all of your computers and other systems, how could they ever hope to prove that you didn't have malware on your system at the time the alleged crime occurred that has since been removed (by itself or by you)? The burden of solid proof just seems impossible to meet.
Re: (Score:2)
The burden of solid proof just seems impossible to meet.
If it is a civil matter than they don't need solid proof, only "balance of probabilities" which is much easier to prove. Still way beyond what they can show though.
Re: (Score:2)
The defendant has (or had) a secure WiFi access point with secure credentials, but the password was cracked by someone using commonly available, easy to use open source security tools.
In one case it took me 20 minutes to crack somebody's WPA2. And no, the passphrase was not a common dictionary word.
Re: (Score:2)
Enough people will be found guilty/infringing/whatever to scare many others into compliance. This is worse than contempt of cop or contempt of court. This is contempt of big business. You have meddled with the primal forces of nature. And you will atone. [youtube.com]
What is written on silly old pieces of parchment and civics texts matters not a whit.
How to not be sued for copyright infringement (Score:2)
So all the user would need to do is introduce a commented-out line within the code of any downloaded file, in order to change the hash value, and essentially tell RIAA/MPAA to shove it.
Re: (Score:2)
That would completely break the torrent though. In practice if you do that, the torrent client will see that a portion of the modified file doesn't match the hash for that portion specified in the .torrent file and "repair" the file by re-downloading the "damaged" piece.
Re: (Score:2)
It cant prove who, but it can prove who's ISP account was used, and you can possibly claim that they are responsible as either they allowed it to happen, or didn't secure their systems properly.
Sort of like if you left your rifle on the front seat of your car, with the doors unlocked, and then it was stolen and used in a crime. You would be partially responsible too.
IP matching could also serve as enough 'suspicion' to be granted a warrant ( part of why they want this stuff moved to criminal court and not c
Re:Nothing new (Score:4, Informative)
Possibly, possibly not. Being a legal thing, this will vary hugely by jurisdiction, but in general I'm not aware of any contested case where an individual has been found liable, either jointly/vicariously, or through negligence, for the mere actions of another using their Internet connection.
A while back TorrentFreak looked into this, getting a couple of US lawyers to argue for [torrentfreak.com] and against [torrentfreak.com] this sort of liability. Unfortunately the "for" one only discusses negligence, and the "against" only looks into indirect and vicarious liability, so both could be perfectly correct...
This is where the tests for "negligence" come in (ignoring any statute law on the handling of firearms; obviously, where I'm from, possessing a rifle would probably be illegal in the first place). In common law negligence generally requires that there be some duty of care owed by the defendant to the claimant/plaintiff, that the defendant fell below the appropriate standard of care, which caused damage to the claimant that wasn't too remote.
Wrt allowing someone to use your Internet (or not securing it), it seems possible that there may not even be a duty in place (due to a lack of proximity, unless children are involved), and it would be easy to argue that the standard wasn't breached by simply having an unsecured or weakly secured network, or letting someone use a computer unsupervised (that would be far too onerous).
It would be an interesting, if pointlessly expensive, case to argue, and afaik, that hasn't been argued either in the US or the UK (the first article references a case, but I have a strong feeling that may be a summary judgment).
Re: (Score:3)
Perhaps, but having your electronics taken by the FBI for further analysis is usually enough of a pain in the ass that it might as well have been a punishment. And that of course assumes that you have nothing on anything electronic that would point to your guilt. As the linked PDFs claim, the vast majority of these cases when identified by IP address, and then served with a search warrant do indeed provide incriminating evidence.
You don't need beyond a reasonable doubt to get a search warrant, just just n
Re: (Score:2)
not really that would mean my collage, library, and local starbucks responsible for my torrenting which they are not.
Re: (Score:2)
Until its tested we don't really know. They may well be liable for what transverses across their networks.
Eventually that case will be heard.
I can say that a company can be held liable for what their employees do online.. so its impossible.
Re: (Score:2)
Re: (Score:2)
Hey, i dont proofread. its slashdot after all.
Re: (Score:2)
if they are liable then would it not fallow logically that the isp and everyone who owns a cable between my and my fellow pirates are responsible? i mean DMCA safe harbor protect them so would not the same apply to anyone allowing unfettered Internet access to others? but they don't want that because then they would have to prove you actually did copy the content they would have trace it two your MAC address but then i could simply be spoofing my MAC address. also if you have encrypted wifi then they would
Re: (Score:2)
"Until its tested we don't really know. They may well be liable for what transverses across their networks."
Yes, we do know, because it's a matter of statute.
I'm trying to remember the exact name of the statute. But the "electronic something something act" a few years back, passed by Congress and signed into law, specifically says that someone who provides internet access to others cannot be held liable for the actions of those others.
Most importantly, it very definitely does NOT say that it applies only to ISPs or ISP-like companies. It applies to anybody who supplies "access". And an open router is defini
Re: (Score:2)
Re: (Score:2)
In some cases, I believe so. However, this would still not necessarily provide immunity from a copyright infringement claim wrt downloading from the investigator (depending on jurisdiction). You probably wouldn't be able to get away with an implied licence, as it could be argued that it is common knowledge much of this stuff is unlicensed. The point might, however, go some way to limiting the damages awarded (and any equitable remedies) if it can be shown that the only person at the other end of the connect
Re: (Score:2)
It wouldn't matter, he would have permission from the copyright holder.
And if you are thinking 'entrapment', you had to go to him to ask for the file parts..
Re: (Score:2)
Hmm... what if every bittorrent transfer also included user-generated copyrighted material going the other direction... (say a doodle that the user created during program installation, or something). Then anyone downloading it should have explicit permission of the user, no? (e.g. them: ``you're downloading thiscoolmovie.avi''... you: ``wait, you're telling me you've illegally downloaded my copyrighted doodle without permission?'')
Re: (Score:2)
You can see the completion status of the torrent for other members in the swarm, you could confirm downloading by monitoring it over time. Swarm trackers could indeed flag each other as pirates - to get the longest and greatest number of connections to downloaders, they have to complete the torrent themselves first.
Re: (Score:2)
#6 - you're absolutely right, but the legal system stil doesn't get it
#15 - hell if I know
#16 - you're right again
#20. Right again, BT clients will block any peer that transmits too many corrupt pieces
#21 - receiving a complete file from any one user is extremely unusual in Bittorrent. The only way that will happen is if only one user has a full copy of the file (happens sometimes with old/rare torrents). Usually many users contribute different pieces of the file, this is faster for everyone.
Re: (Score:2)
Gnutella uses SHA1 to identify files in search results, and only uses TTH to verify downloaded chunks during downloading. SHA1 is usually used for the final file verification, hence the fact that you can occasionally end up with a file that looks good while it's downloading but is rejected after it finishes: you got given the wrong TTH when you requested it after connecting to a client and requesting a file by SHA1.