A Lawyer Would Like to Pick Your Brain Once Again
Monday, July 02 2007 @ 04:51 PM EDT
Ray Beckerman of The Recording Industry vs. The People would like to ask you to look at a declaration that the RIAA has filed with the court in the case of Arista v. The Does -- the Does are college kids in Boston. Is what this declaration tells the court technically valid? Here's his request:
Is RIAA's Linares Affidavit Technically Valid?
In support of its ex parte, "John Doe", discovery applications against college students, the RIAA has been using a declaration by its "Anti-Piracy" Vice President Carlos Linares (pdf) to show the Judge that it has a good copyright infringement case against the "John Does". A Boston University student has challenged the validity of Mr. Linares's declaration, and the RIAA is fighting back. Would appreciate the Groklaw community's take on the validity of Mr. Linares's "science".
So, have at it, if you wish to lend a hand and this is an area you are qualified to analyze. It's about MediaSentry again. You'll remember the earlier request about that, which he found helpful. I guess this is happening often enough I should set up a new topic for such requests, Pick Your Brain.
I thought it would be a breeze to provide the text, but the PDF seems to have anti-me-doing-so properties, as only some words copy properly and others don't. It is infuriatingly idiotic, but I'm doing it by hand to fill in the blanks. Here's what I have so far:
***********************
EXHIBIT A
UNITED STATES DISTRICT COURT
DISTRICT OF MASSACHUSETTS
No
ARISTA RECORDS, INC., a California corporation,
UMG RECORDINGS, INC., a Delaware
corporation; BMG MUSIC, a New York general
partnership; CAPITOL RECORDS, INC., a
Delaware corporation; SONY BMG MUSIC
ENTERTAINMENT, a Delaware general
partnership; MOTOWN RECORD
COMPANY, L.P., a California limited
partnership; MAVERICK RECORDING
COMPANY, a California joint venture;
ELEKTRA ENTERTAINMENT GROUP INC.,
a Delaware corporation; LAFACE RECORDS
LLC, a Delaware limited liability company; and
INTERSCOPE RECORDS, a California general
partnership,
Plaintiffs,
v.
DOES 1-21,
Defendants.
_____________________
CIVIL ACTION No.
____________________
DECLARATION OF CARLOS LINARES IN SUPPORT OF EX PARTE APPLICATION
FOR LEAVE TO TAKE IMMEDIATE DISCOVERY
I, Carlos Linares, have personal knowledge of the facts stated below and, under penalty of perjury, hereby declare:
1. I am Vice President, Anti-Piracy Legal Affairs for the Recording Industry Association of America, Inc. ("RIAA"), where I have been employed over six years. My office is located at [redacted]. I submit this Declaration in support of Plaintiffs' Ex Parte Application for Leave to Take Immediate Discovery.
2. As Vice President, Anti-Piracy Legal Affairs, I am responsible for evaluating and contributing to online strategies for the RIAA, including oversight of the investigations into online infringement of copyrighted sound recordings. As such, this Declaration is based on my personal knowledge, and if called upon to do so, I would be prepared to testify as to its truth and accuracy.
The RIAA's Role in Protecting Its Member Recording Industry Companies From Copyright Infringement
3. The RIAA is a not-for-profit trade organization whose member record companies create, manufacture, and/or distribute approximately ninety percent of all legitimate sound recordings produced and sold in United States. The RIAA's member record companies comprise the most vibrant national music industry in the world. A critical part of the RIAA's mission is to assist its member companies in protecting their intellectual property in the United States and in fighting against online and other forms of piracy. All of the Plaintiffs in this action are members of the RIAA.
4. As part of that process, the RIAA, on behalf of its members, retains a variety of services from outside vendors to assist with its investigation of the unauthorized reproduction and distribution of copyrighted sound recordings online.
The Internet and Music Piracy
5. The Internet is a vast collection of interconnected computers and computer networks that communicate with each other. It allows hundreds of millions of people around the world to communicate freely and easily and to exchange ideas and information, including academic research, literary works, financial data, music, movies, graphics, and an unending and ever-changing array of other data. Unfortunately, the Internet also has afforded opportunities for the wide-scale piracy of copyrighted sound recordings and musical compositions. Once a sound recording has been transformed into an unsecured digital format, it can be copied further and distributed an unlimited number of times over the Internet, without significant degradation in sound quality.
6. Much of the unlawful distribution of copyrighted sound recordings over the Internet occurs via "peer-to-peer" ("P2P") file copying or so-called online media distribution systems. The most notorious example of such a system was Napster, which was enjoined by a federal court. Notwithstanding the court's decision enjoining Napster, similar online media systems emerged and attempted to capitalize on the growing illegal market that Napster fostered. These included KaZaA, eDonkey, iMesh, Ares, BitTorrent, DirectConnect, and Gnutella, among others. To this day, some P2P networks continue to operate and to facilitate widespread copyright piracy. At any given moment, millions of people illegally use online media distribution systems to upload or download copyrighted material.
7. P2P networks, at least in their most popular form, refer to computer systems or processes that enable Internet users to: (1) make files (including audio recordings) stored on a computer available for copying by other users; (2) search for files stored on other users' computers; and (3) transfer exact copies of files from one computer to another via the Internet. P2P networks enable users who otherwise would have no connection with, or knowledge of, each other to offer to each other for distribution and copying files off of their personal computers, to provide a sophisticated search mechanism by which users can locate these files for downloading, and to provide a means of effecting downloads.
8. The major record companies generally have not authorized their copyrighted sound recordings to be copied or distributed in unsecured formats by means of P2P networks. Thus, the vast majority of the content that is copied and distributed on P2P networks is unauthorized by the copyright owner -- that is, the distribution violates the copyright laws.
9. The scope of online piracy of copyrighted works cannot be underestimated. The RIAA member companies lose significant revenues on an annual basis due to the millions of unauthorized downloads and uploads of well-known recordings that are distributed on P2P networks by infringers who, in virtually all cases, have the ability to maintain their anonymity to all but the Internet Service Provider ("ISP") they use to supply them with access to the Internet.
10. The persons who commit infringements by using the P2P networks are, by and large, anonymous to Plaintiffs. A person who logs on to a P2P network is free to use any alias (or computer name) whatsoever, without revealing his or her true identity to other users. Thus, Plaintiffs can observe the infringement occurring on the Internet, but do not know the true names or mailing addresses of those individuals who are committing the infringement.
The RIAA's Identification of Copyright Infringers
11. In order to assist its members in combating copyright piracy, the RIAA retained a third-party investigator, MediaSentry, Inc. ("MediaSentry"), to conduct searches of the Internet, as well as file-copying services, for infringing copies of sound recordings whose copyrights are owned by RIAA members. A search can be as simple as logging onto a P2P network and examining what files are being offered to others logged onto the network. In gathering evidence of copyright infringement, MediaSentry uses the same functionalities that are built into P2P programs that any user of the software can use on the network.
12. Users of P2P networks who distribute files over a network can be identified by using Internet Protocol ("IP") addresses because the unique IP address of the computer offering the files for distribution can be captured by another user during a search or a file transfer. Users of P2P networks can be identified by their IP addresses because each computer or network device (such as a router) that connects to a P2P network must have a unique IP address within the Internet to deliver files from one computer or network device to another. Two computers cannot effectively function if they are connected to the Internet with the same IP address at the same time. This is analogous to the telephone system where each location has a unique number. For example, in a particular home, there may be three or four different telephones, but only one call can be placed at a time to or from that home. Each computer or network device is connected to a network that is administered by an organization like a business, ISP, college, or university. Each network, in turn, is analogous to an area code. The network provider maintains a log of IP address allocations. An IP address can be associated with an organization like an ISP, business, college or university, and that organization can identify the P2P network user associated with the specified IP address.
13. MediaSentry finds individuals using P2P networks to share music files over the Internet. Just as any other user on the same P2P networks as these individuals would be able to do, MediaSentry is able to detect the infringement of copyrighted works and identify the users' IP addresses because the P2P software being used by those individuals has file-sharing features enabled.
14. For each suspected infringer, MediaSentry downloads a number of the music files that the individual is offering to other users on the P2P network. Those music files for each such individual are listed in Exhibit A to the Complaint. MediaSentry assigns an identification number to each individual for which it detects copyright infringement and gathers additional evidence for each individual, such as metadata accompanying each file being disseminated that demonstrates that the user is engaged in copyright infringement. That evidence includes download data files that show for each music file the source IP address, user logs that include a complete listing of all files in the individual's share folder at the time, and additional data that track the movement of the files through the Internet.
15. After MediaSentry collects the evidence of infringement, the RIAA engages in a painstaking process to verify whether each individual was infringing. That process relies on human review of the evidence supporting the allegation of infringement. For each suspected infringer, the RIAA reviews a listing of the music files that the user has offered for download by others from his or her computer in order to determine whether they appear to be copyrighted sound recordings. The RIAA also listens to the downloaded music files from these users in order to confirm that they are, indeed, illegal copies of sound recordings whose copyrights are owned by RIAA members. Exhibit A to the Complaint lists the details of these downloaded music files. In my role as Vice President, Anti-Piracy, I provide oversight over the review of the lists contained in Exhibit A to the Complaint and hereby attest to the veracity of those lists. The RIAA also reviews the other evidence collected by MediaSentry.
The Subpoena Process to Identify Copyright Infringers
16. The RIAA frequently has used the subpoena processes of Federal Rule of Civil Procedure 45 and the Digital Millennium Copyright Act ("DMCA") to obtain the names of infringers from ISPs. The RIAA typically has included in their subpoenas to ISPs an IP address and a date and time on which the RIAA, through its agent, MediaSentry, observed use of the IP address in connection with allegedly infringing activity. In some instances, providing the IP address alone to the ISP has been enough to enable the ISP to identify the infringer. Providing the date and time further assists some ISPs in identifying infringers, especially ISPs that use "dynamic IP addressing" such that a single computer may be assigned different IP addresses at different times, including, for example, each time it logs into the Internet. Once provided with the IP address, plus the date and time of the infringing activity, the infringer's ISP quickly and easily can identify the computer from which the infringement occurred (and the name and address of the subscriber that controls that computer), sometimes within a matter of minutes.
17. Since 1998, the RIAA and others have used subpoenas thousands of times to learn the names, addresses, telephone numbers, and e-mail addresses of infringers for the purpose of bringing legal actions against those infringers. During recent litigation with Verizon (an ISP) relating to the DMCA process, Verizon conceded that, as an alternative to the DMCA process, Plaintiffs could file the "Doe" lawsuits and issue Rule 45 subpoenas to ISPs to obtain the true identities of infringing subscribers.
The RIAA's Identification of Infringers in This Case
18. In the ordinary course of investigating online copyright infringement, the RIAA became aware that Defendants were offering files for download on various P2P networks. The user-defined author and title of the files offered for download by each Defendant suggested that many were copyrighted sound recordings being disseminated without the authorization of the copyright owners. The RIAA downloaded and listened to a representative sample of the music files being offered for download by each Defendant and was able to confirm that the files each Defendant was offering for distribution were illegal copies of sound recordings whose copyrights are owned by RIAA members. The RIAA also recorded the time and date at which the infringing activity was observed and the IP address assigned to each Defendant at the time. See Complaint Exhibit A. The RIAA could not, however, determine the physical location of the users or their identities. The RIAA could determine that Defendants were all using Boston University internet service to distribute and make available for distribution all the copyrighted files.
19. The RIAA also has collected for each Defendant a list of the files each Defendant has made available for distribution to the public. These lists often show thousands of files, many of which are sound recording (MP3) files that are owned by, or exclusively licensed to, Plaintiffs. Because of the voluminous nature of the lists, and in an effort not to overburden the Court with paper, I have not attached to this Declaration those lists. Such lists will be made available to the Court upon request. Exhibit A to the Complaint includes the username of the infringer if that was available, the identification number assigned by MediaSentry for that Defendant, and the number of audio files that were being shared by Defendant at the time that the RIAA's agent, MediaSentry, observed the infringing activity.
The Importance of Expedited Discovery in This Case
20. Obtaining the identity of copyright infringers on an expedited basis is critical to stopping the piracy of the RIAA members' copyrighted works.
21. First, every day that copyrighted material is disseminated without the authorization of the copyright owner, the copyright owner is economically harmed. Prompt identification of infringers is necessary in order for copyright owners to take quick action to stop unlawful and dissemination of their works and minimize their economic loss.
22. Second, infringement often occurs with respect to sound recordings that have not yet been distributed publicly. Such infringement inflicts great harm on the initial market for new works. New recordings generally earn a significant portion of their revenue when they are first released, and copyright piracy during a recording's pre-release or early release period deprives copyright owners of an important opportunity to reap the benefits of their labor.
23. Third, without expedited discovery, Plaintiffs have no way of serving Defendants with the complaint and summons in this case. Plaintiffs do not have Defendants' names or addresses, nor do they have an e-mail address for Defendants.
24. Fourth, and perhaps most critically, ISPs have different policies pertaining to the length of time they preserve "logs" which identify their users. ISPs keep log files of their user activities for only limited periods of time -- which can range from as short as a few days, to a few months -- before erasing the data they contain. If an ISP does not respond expeditiously to a discovery request, the identification information in the ISP's logs may be erased, making it impossible for the ISP to determine the identity of the infringer and eliminating the copyright owner's ability to take action to stop the infringement.
I declare under penalty of perjury under the laws of the United States that the foregoing is true and correct.
Executed on April 26, 2007 in Washington, D.C.
__[signature]___
Carlos Linares

Authored by: MathFox on Monday, July 02 2007 @ 05:11 PM EDT
neatly in one thread
---
If an axiomatic system can be proven to be consistent and complete from within
itself, then it is inconsistent.

Authored by: MathFox on Monday, July 02 2007 @ 05:21 PM EDT
the vast majority of the content that is copied and distributed on
P2P networks is unauthorized by the copyright owner.
My experience is that especially Bittorrent is very often used for legal distribution of Open
Source software... Are there reliable statistics on legal vs. illegal Bittorrent
use?
---
If an axiomatic system can be proven to be consistent and complete
from within itself, then it is inconsistent.

Authored by: Anonymous on Monday, July 02 2007 @ 05:26 PM EDT
"Two computers cannot effectively function if are connected to the Internet
with same IP address at the same time"
If two computers are behind a router, don't they effectively have the same IP
address at the same time?

Authored by: Anonymous on Monday, July 02 2007 @ 05:27 PM EDT
I'd say that the "Unique IP address is like a telephone number"
analogy is flawed.
1. Unlike telephone numbers, IP number may be changed and re-assigned by the
service provider at any time without the end-user knowing about it. Only the
time synchronization of the logging server(s) and the address assignment
server(s) ensure that the IP address logged to be assigned to John Doe at a
certain moment, actually is.
2. Unlike the explanation, certain IP address ranges can be used multiple times.
When someone uses a home network, the internal network is usually using a
'private' range which is translated to the single ISP-assigned IP address at the
router. There's no way to tell from the outside which internal address is being
used behind the router. There's also no way to prove that someone hasn't tapped
into such an internal network range, most likely through an insecure wireless
access point.
3. There are ISPs who use the same internal/external range translation for all
of their customers. In that case only the ISP has a set of official and unique
IP addresses, their customers get an internal address. The ISP is analogous to a
telephone PBX where the internal 'phones' cannot be dialed directly from the
outside.
4. The text claims only one call per phone line is possible. I have ISDN and I
can have two simultaneous calls on the same number, or on one of three alternate
numbers on the same line.
HTH...
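
The lease-reassignment, clock-synchronization and NAT points in the comment above, worked through as an added example (it is not part of the comment and is not any party's actual tooling): resolving an (IP address, timestamp) observation against DHCP lease logs and a NAT log. Every record, address, client name and the `attribute` interface itself are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Lease:
    ip: str
    client: str        # what the DHCP server logged: a MAC or account, never a person
    start: datetime
    end: datetime


@dataclass(frozen=True)
class NatEntry:
    public_ip: str
    public_port: int
    internal_host: str
    start: datetime
    end: datetime


def _overlaps(start, end, observed_at, max_skew):
    # The observer's clock and the logging server's clock may differ by up to
    # max_skew, so the observation is really an interval, not an instant.
    return start <= observed_at + max_skew and end >= observed_at - max_skew


def lease_candidates(leases, ip, observed_at, max_skew):
    """Every client that held `ip` at some point inside the skew window."""
    return sorted({l.client for l in leases
                   if l.ip == ip and _overlaps(l.start, l.end, observed_at, max_skew)})


def attribute(leases, nat_log, gateways, ip, observed_at, max_skew, src_port=None):
    """Return (verdict, candidates) for one observed (ip, time[, source port])."""
    clients = lease_candidates(leases, ip, observed_at, max_skew)
    if not clients:
        return "no-lease-record", []
    if len(clients) > 1:
        # The address changed hands inside the window: the logs cannot say who had it.
        return "ambiguous-lease", clients
    if clients[0] not in gateways:
        return "single-device", clients
    # The lease holder is a NAT router: many internal hosts share this address.
    hosts = sorted({e.internal_host for e in nat_log
                    if e.public_ip == ip
                    and _overlaps(e.start, e.end, observed_at, max_skew)
                    and (src_port is None or e.public_port == src_port)})
    if not hosts:
        return "nat-no-record", []
    return ("single-device" if len(hosts) == 1 else "ambiguous-nat"), hosts


def t(h, m, s=0):
    return datetime(2007, 3, 1, h, m, s)   # constructed date


# Constructed sample logs (192.0.2.0/24 is a documentation range).
LEASES = [
    Lease("192.0.2.10", "mac-aa", t(13, 0), t(14, 0)),
    Lease("192.0.2.10", "mac-bb", t(14, 0, 5), t(15, 0)),   # reassigned 5 s later
    Lease("192.0.2.20", "gw-1", t(0, 0), t(23, 59)),        # a home/dorm router
]
GATEWAYS = {"gw-1"}
NAT_LOG = [
    NatEntry("192.0.2.20", 40001, "10.0.0.5", t(9, 0), t(18, 0)),
    NatEntry("192.0.2.20", 40002, "10.0.0.7", t(9, 0), t(18, 0)),
]

if __name__ == "__main__":
    for skew in (timedelta(0), timedelta(seconds=60)):
        print(skew, attribute(LEASES, NAT_LOG, GATEWAYS, "192.0.2.10", t(14, 0, 30), skew))
    print(attribute(LEASES, NAT_LOG, GATEWAYS, "192.0.2.20", t(12, 0), timedelta(0)))
    print(attribute(LEASES, NAT_LOG, GATEWAYS, "192.0.2.20", t(12, 0), timedelta(0), 40002))
```

Even a "single-device" verdict names a network interface or an internal host, which is a separate question from who was using it.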

Authored by: ankylosaurus on Monday, July 02 2007 @ 05:27 PM EDT
Please make links clickable - remembering to post in HTML and follow the
guidelines on the 'Post a Comment' page.
---
The Dinosaur with a Club at the End of its Tail

Authored by: atheist on Monday, July 02 2007 @ 05:29 PM EDT
There is scope for spoofing,
compromised machines
unsecured wireless connections
etc
Most pc users have little idea of the consequences of, for example, kazaa.

Authored by: Anonymous on Monday, July 02 2007 @ 05:32 PM EDT
12. Is wrong or at least not accurate.
IP address doesn't identify the user and not even a unique computer. For example
if multiple computers are connected to the same proxy or gateway they can have
all the same IP address.
IP address is not always unique. Only computers directly connected to the
internet must be unique.
But still it doesn't identify the user, but can sometimes identify the computer,
but not the person who is using it.
What is missing is the exact procedure MediaSentry has taken to collect the
data. Have they included the downloaded files? Can the procedure be verified?

Authored by: Anonymous on Monday, July 02 2007 @ 05:32 PM EDT
"This is analogous to the telephone system where each location
has a unique number"
If we are using analogies, aren't the IP addresses that MediaSentry collects
analogous to caller ID, which can be easily faked, and provide no guarantee that
whoever is calling is actually calling from the number that is being displayed?

Authored by: Anonymous on Monday, July 02 2007 @ 05:37 PM EDT
MediaSentry got some press here:
http://www.groklaw.net/article.php?story=20070302073736822#c542974
We just turf it out again. Does it need to be attacked.
Basic thing, it does not put a user at a keyboard, the best it can do is match a
mac address (an ethernet card) to an ip maybe, but these can be reprogrammed on
some cards - work it out. It is not a UID (unique identifier), therefore it is
not pointing at one person, more like some finger waving in a general direction,
those people there, rather than that person there.
IANAL, but I do read about terms of art a little. :)
I have gotten a gnu sense of fun.

Authored by: MathFox on Monday, July 02 2007 @ 05:38 PM EDT
Second, infringement often occurs with respect to sound recordings
that have not yet been distributed publicly. Such infringement inflicts great
harm on the initial market for new works.
At first I wonder why the RIAA members don't take measures against people that leak those songs... Or
would the company tactically approve of those leaks? When I see how much new
songs are pushed to radio stations (payola was made illegal) I don't think that
alternative distribution via P2P must be hurting that much.
The market for electronic music might have been much bigger if the majors signed up with
DRM-friendly distributors like Apple much earlier.
---
If an axiomatic system can be proven to be consistent and complete from within itself, then it
is inconsistent.

Authored by: ankylosaurus on Monday, July 02 2007 @ 05:39 PM EDT
In paragraph 9, it says:
The scope of online piracy of copyrighted works cannot be underestimated.
Good. I estimate the scope at zero - and this is not an underestimate according to the gentleman
submitting the declaration, so the RIAA has no case and should leave the Does
alone, their privacy undisturbed.
Presumably, simple inverted logic errors of this sort are actually recognized by the courts and this wouldn't directly
invalidate the declaration.
---
The Dinosaur with a Club at the End of its Tail

Authored by: Anonymous on Monday, July 02 2007 @ 05:40 PM EDT
He doesn't give any indication of the widespread hijacking that occurs on the
internet.
Here is a great press release to throw in their faces:
http://www.fbi.gov/pressrel/pressrel07/botnet061307.htm
I like this in particular:
Most owners of the compromised computers are unknowing and unwitting victims.
They have unintentionally allowed unauthorized access and use of their computers
as a vehicle to facilitate other crimes...

Authored by: Anonymous on Monday, July 02 2007 @ 05:41 PM EDT
Each router and computer's IP address can be changed at any time. DHCP can
update the address at any time. A user or ISP can force the IP to update by
issuing a renew command.
Each time a computer reboots it gets a new lease for up to 24 hours, then the
address automatically changes. If the computer is booted at 2pm one day and
left up 3 months, each day at 2pm the lease will expire and its IP address will
(or could) change.
Note also that if a user logs onto someone else's machine via telnet, ssh or
Microsoft remote services, another user could download items, which the original
owner would have no knowledge of. Note most spam users remotely log into other
persons' servers or other persons' home computers and send their spam from the
other person's machine. It appears the spam is from the user's machine but it
is really controlled by the remote user.
Note also most wireless systems are wide open and anyone can connect to home
networks and download info with the knowledge of the owner of the wireless
system.

Authored by: Anonymous on Monday, July 02 2007 @ 05:45 PM EDT
According to the declaration, the RIAA, perhaps through an agent such as Media
Sentry, downloads files from a computer they suspect is offering their
copyrighted works illegally. There are two interesting questions:
1) Is this itself an illegal use of (taking of?) computer resources that are not
theirs?
2) If they download files that are *not* copies of RIAA controlled media, as
their declaration implies, who is responsible for that infringement?

Authored by: Anonymous on Monday, July 02 2007 @ 05:50 PM EDT
The RIAA have paid for a law to be made, and are taking people to court for
infringement of that law.
I'm sorry. I am an engineer. I have nothing useful to say about whether the
people have infringed a law or not.
But I do understand commercial-scale intimidation when I see it, and as such it
prevents me from doing any kind of business with the intimidators.
I will sing my own songs. They are not very good, but they are mine. You are
welcome to distribute them to anyone you choose, if you would like to.

Authored by: Kilz on Monday, July 02 2007 @ 05:52 PM EDT
I think all of us would love to see the application, and the source code that
Media sentry uses. How can we be 100% sure it is flawless and contains no errors
that would give false or incorrect information?
Secondly, Media sentry downloads a few songs, then gets a list of what else is
on the computer. But unless they download the files how do they know for sure
they are recordings to which they control the copyright on? The p2p networks are
flooded with fake files, files that have the wrong names, even recordings of
others that are not the works they want to believe them to be. In section 15
they go over the fact that they look over this list of files they do not have,
nor have they downloaded them.
|
|
Authored by: aha on Monday, July 02 2007 @ 05:57 PM EDT |
An IP address can be stolen at any time from another machine by simply assigning
that IP address through the network configuration settings of the machine (or
other IP capable device that is configurable). Sometimes the connection on a
machine may be erratic, but it is possible to have two machines on the internet
at the same time with the same IP address. The routing tables in the vicinity
of the machine determine where the packets from that machine go. It may be
possible to transmit and receive data successfully on the internet when there
are duplicate IP addresses on the internet.
Duplicate IP addresses is one form of attack that can be used to cause problems
on a network. That does not mean that it cannot happen. There is nobody in
direct control of what is done on every machine in regards to their network
settings.
An IP address does not map to a person. The IP address is usually mapped to a
unique MAC address (which might itself not be unique) in the routers. If the
routing tables get stale, it is possible that the data intended for one machine
might be delivered to another through the mapping to the MAC address of a
device. There is no guarantee that there is a one to one mapping of device to
IP address. Some hardware allows the MAC address to be set manually. Sometimes
this is intentional where many machines work in conjunction with each other to
provide hight availability type services and answer to a single IP address.
Conversely, one machine may have many IP addresses on a single network interface
to present itself as many virtual machines. No one to one mapping in these
situations.
---
You get what you focus on.

Authored by: James Wells on Monday, July 02 2007 @ 06:11 PM EDT
Greetings,
Reading through the RIAA's document, I find the following flaws;

"The RIAA is a not-for-profit trade association whose member record companies
create, manufacture, and/or distribute approximately ninety percent of all
legitimate sound recordings produced and sold in the United States."

Right off the bat, I would have to say "Prove it". I am willing to bet that all
of the street hawkers, the bar bands, garage bands, Magnatune, etc comprise
greater than 10% of all music created, manufactured, and distributed in the US.
Please note that this is not counting music from other countries which probably
comprises another 5 - 10%. Then there are the other sound recordings, such
things as audio books, online news, podcasts, vidcasts, etc. The RIAA would
find it almost impossible to prove this... Yes, I know I am being pedantic.

"The major record companies generally have not authorized their copyrighted
sound recordings to be copied or distributed in unsecured format by means of P2P
networks. Thus, the vast majority of the content that is copied and distributed
on P2P networks is unauthorized by the copyright owner - that is, the
distribution violates copyright laws."

Please prove it. The problem is that the vast majority of content I see on P2P
systems are large files that are being distributed by the authors, such as
Linux / BSD CD's / DVD's which are being distributed with the express permission
of the authors. From there, a rising trend that I am seeing is a lot of people
posting amateur movies/audio books and shows, such as the Rookie, by Scott
Sigler and the 7th Son, by JC Hutchens.

"The RIAA member companies lose significant revenues on an annual basis due to
the millions of unauthorized downloads and uploads of well-known recordings that
are distributed on P2P networks by infringers who, in virtually all cases, have
the ability to maintain their anonymity to all but the Internet Service Provider
("ISP") they use to supply them with access to the Internet."

One of the problems with the RIAA is that they have never proven that they are
losing money to file sharers, instead they have posted numbers of money loss and
stated that it was caused by file sharers. The closest they have come to
"proving" it was by hiring some teenagers to download music from one of their
servers to prove that the teenagers could pull 600 songs over a three day period
of time. Please note that these teenagers were told what server to go to and
given accounts on that server. The server was hosted, IIRC, by Sony.
Additionally, they have never been asked to explain why the drop in sales
coincides with the increase in CD prices and not with the increase in broadband
availability. Interestingly enough there is about a 3.5 year gap in the times.

"Two computers cannot effectively function if they are connected to the
internet with the same IP address at the same time."

Incorrect, through the use of Network Address Translation ("NAT") and various
other proxying mechanisms, this is actually fairly common.

"First, every day that copyrighted material is disseminated without the
authorization of the copyright owner, the copyright owner is economically
harmed."

Please prove this. Again, the RIAA has never been able to prove this, and in
fact, the opposite has been proven by many other companies / organizations,
including Baen Books, who has quite a few articles on this subject, which
include comments from other companies who have proven an increase in revenue.
Another fact which the RIAA keeps glossing over is that a music file download
does not always equal a lost sale. I know many people who will download a
couple songs from an album before they decide to buy the album. I am the same
way on various books, I will download the first book in a series by a new
author, if I like the book, I will buy the entire series.

"Second, infringement often occurs with respect to sound recordings that have
not yet been distributed publicly"

Interesting... So you are saying that there is someone on the inside who is
distributing this music? If not where are people getting it to be able to
distribute it in to begin with. Based on this statement alone, I would suggest
that the RIAA clean its own house first, then come back after they can prove
that they are not the people distributing the content initially.
---
"Individuals are smart, people are stupid" -- Tommy Lee Jones as "K" from Men
In Black

Authored by: Anonymous on Monday, July 02 2007 @ 06:12 PM EDT
If the kids are using bittorrent, many points in the declaration are factually
wrong or at least misleading.

Paragraph 6: The RIAA has shut down many of the sites listed in Paragraph 6, and
forced them to go legal. As such, they aren't offering illegal music for sale
anymore.

Paragraph 7: In the case of bittorrent, paragraph 7 is a very inaccurate
description of the network. bittorrent does not allow you to search other
user's drives (paragraph 7(2)). Additionally, it tends to prevent one from
transferring a file from one computer to another. It only allows the transfer
of pieces of files, and one assembles a complete file from data from many
computers.

Paragraph 8: Since most P2P users aren't in the U.S., the argument is jumping
from international usage of P2P software to "the distribution violates copyright
laws" inside the U.S.

Paragraph 11: In the case of bittorrent, I am not sure paragraph 11 is accurate.
How do you login to a bittorrent network?

Paragraph 12: All of Paragraph 12 is an incorrect or misleading description of
how a router works. Two computers behind a router can connect to the internet
simultaneously happily. Many people can't effectively identify computers (let
alone people) as described by:

"... that organization can identify the P2P network user associated with the
specified IP address."

No one can go from IP address to user. Behind a router, it is difficult to go
from an external IP address to a computer. If one is lucky, they can go from IP
address to account owner. Some of the testimony offered to the Canadian Supreme
Court essentially stated that the CRIA was accusing people with certain IP
addresses of file sharing, when in fact the associated IP addresses were not in
use at the time.

Paragraph 14 and 15: With bittorrent, you can't actually download the file from
someone's computer. You can only download small pieces of the file. (Not sure
if this makes a difference under copyright law.) See Paragraph 15 and Paragraph
14.

Paragraph 14 and 19: Paragraph 14, bittorrent clients don't actually distribute
the complete contents of the share directory. How in Paragraph 19 does the RIAA
know it contains 1000's of files?

Paragraph 18 does not actually specify which P2P networks the kids are accused
of sharing file information on. Some specificity in the allegation would be
helpful???

Paragraph 19: Most (all?) of the bittorrent clients only share a few files at a
time. Declaration 19 accuses the clients kids of sharing 1000's of files
simultaneously.

And that is the end of my list.

Authored by: Anonymous on Monday, July 02 2007 @ 06:13 PM EDT
There are two questions raised by the declaration:
1. Does an IP address, as seen by sniffing a network (MediaSentry), uniquely
identify a computer?
2. Does uniquely identifying a computer identify a person responsible for P2P
activity?

Let's look at 1:
Short answer: No.
Longer answer: As many other posts here have pointed out, IP addresses are
not fixed (like the analogy drawn in the declaration to telephone numbers).
They may change through DHCP, or even may change manually.
Further, an IP address identifies the endpoint for IP-based communication,
which may be a router or other device, not a PC. As a result, several PCs may
share a single IP address.

Looking at 2:
Short answer: No.
Longer answer: Assuming, for a moment, we definitively know that a specific
IP _is_ assigned to a PC, it is still impossible to know who is responsible for
traffic from or to that IP address. PCs can be remotely controlled, making it
very possible for a PC to be 'used' by any individual beyond the owner. This is
commonplace, and is used nefariously by SPAM organizations to use PCs to send
bulk email not under the owner's control (zombie PCs).
Or, even more simply, there is no way to tell from an IP who is sitting in the
chair -- owner, child, friend, malicious ex-spouse, babysitter, etc.

Authored by: EvilJake on Monday, July 02 2007 @ 06:14 PM EDT
1. User computers are almost always behind NAT (network address translation)
devices or Internet proxies which effectively enable multiple machines to access
the Internet simultaneously using a single public IP address. This is almost
certainly the case at the Boston University network. The university may or may
not have sufficient logging in place to identify which internal computer had
which internal (private) IP address at a certain time, and thus perhaps identify
the offending machine.
2. A user's computer may have been compromised any number of ways by an external
attacker from the Internet, or even by another internal user of the university's
network, who then used the compromised computer to share copyrighted files. The
offending machine's "owner" is not necessarily the person responsible
for the copyright infringement, if any. A forensic analysis of the offending
machine would be required to possibly identify evidence that the machine was
compromised.

Authored by: Anonymous on Monday, July 02 2007 @ 06:23 PM EDT
Not that I know anything about this, but I've always wondered why defendants
don't attack the notion of "distribution" more often. That is, it is
only illegal to distribute copyrighted work, not to possess it.
Did MediaSentry actually download the file to verify that the Does were indeed
distributing it, or were they just "advertising" it? As an analogy, is
a shifty street vendor in violation of copyright law if he's pretending to sell
bootleg videos, but they turn out to be nothing but blank tapes? False
advertising and fraud, yes; but copyright infringement?
Secondly, the RIAA would like to claim that both an uploader and a downloader
are "distributing". How can that be? If you take the point of view
that a downloader is performing an act of distribution by making a digital copy
from another computer to his own, then the holder of the original copy cannot be
considered to be distributing. He can be considered lax in his efforts to protect
his property, sure, but not distributing. If you take the opposite approach
where the uploader is distributing, then the downloader is simply in possession
of copyrighted material, but not distributing.
I'm sure there's some law regarding collusion or collaboration that irons this
out in court, but I've always wondered about it anyway.

Authored by: Anonymous on Monday, July 02 2007 @ 06:25 PM EDT
As pointed out by other people, IP addresses are not necessarily unique. There
is nothing in the document that suggests that they know that each IP is uniquely
attached to a particular computer.
If an IP address is shared, then each computer behind the IP address uses one or
more ports to communicate. How these ports are allocated depends on the device
providing the IP sharing service, the operating system it uses, and the programs
connecting to it and requesting an outbound or inbound connection. Often port
usage is transient, and only recorded for the duration of the usage. There seems
to be no mention of this in the declaration. Presumably because it is damaging
to RIAA's case.
Secondly, although the declaration says that they checked representative samples
of files from each computer, it gives few details. Did someone listen in full to
each track to make sure it wasn't a permitted use under copyright - for instance
a parody. And how did they check that the download was covered by one of their
copyrights? For instance, how did they check that a download claiming to be
Bruce Springsteen singing Born in the USA, was in fact not a tribute act?

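The port-sharing point in the comment above, as an added illustration that is not part of the original post: a lookup over a constructed NAT translation log for one shared public address. The addresses, ports, times and the `internal_candidates` helper are all assumptions made up for the example.

```python
from datetime import datetime, timedelta

# Constructed NAT translation log for one shared public address
# (203.0.113.7, a documentation-range address). Each row is
# (mapping start, mapping end, public port, internal host).
PUBLIC_IP = "203.0.113.7"
T0 = datetime(2007, 6, 22, 17, 0, 0)
NAT_LOG = [
    (T0, T0 + timedelta(minutes=30), 40001, "10.0.5.21"),
    (T0 + timedelta(minutes=5), T0 + timedelta(minutes=20), 40002, "10.0.5.87"),
    (T0 + timedelta(minutes=10), T0 + timedelta(minutes=12), 40003, "10.0.9.14"),
    # Port 40003 is handed to a different host once the first mapping expires.
    (T0 + timedelta(minutes=13), T0 + timedelta(minutes=40), 40003, "10.0.7.3"),
]


def internal_candidates(log, when, public_port=None, retained_since=None):
    """Return the internal hosts that could be behind traffic seen at `when`.

    public_port=None models an observer who recorded only the public IP.
    retained_since models log retention: mappings that ended before that
    instant have been purged and can no longer be matched.
    """
    hosts = set()
    for start, end, port, host in log:
        if retained_since is not None and end < retained_since:
            continue  # record no longer exists
        if not (start <= when < end):
            continue  # mapping not active at the observed time
        if public_port is not None and port != public_port:
            continue  # a different flow through the same public IP
        hosts.add(host)
    return hosts


if __name__ == "__main__":
    seen = T0 + timedelta(minutes=11)
    print("IP only:          ", sorted(internal_candidates(NAT_LOG, seen)))
    print("IP + port:        ", sorted(internal_candidates(NAT_LOG, seen, 40003)))
    print("3 min clock error:", sorted(internal_candidates(
        NAT_LOG, seen + timedelta(minutes=3), 40003)))
    print("log purged:       ", sorted(internal_candidates(
        NAT_LOG, seen, 40003, retained_since=T0 + timedelta(minutes=15))))
```

With only the public address, three internal hosts match; the port narrows it to one, a three-minute clock error selects a different host, and once the short-lived mapping has aged out of the log nothing matches at all.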

Authored by: Anonymous on Monday, July 02 2007 @ 06:26 PM EDT
Paragraph 5: Clearly he admits that the Internet has substantial, if not
overwhelming, non-infringing uses. Also, if a digital file is copied in its,
there is no degradation in sound quality. His comment of "without
significant degradation" is not accurate, and he should be held to account
to specify just what degradation might occur. While this lack of degradation
might strengthen his case, it certainly weakens his credentials as an expert.
Paragraph 6: How does he know that P2P is the source of "Much of the
unlawful distribution...", as compared to other methods of trading files
and CDs, bootleg sales by authentic pirates at swap meets/flea markets etc.?
This sounds like a blowhard attempt to make this the "biggest villain"
of the moment. Perhaps at other times other methods of distribution will be his
biggest villains. One should always challenge vague conclusions like this one.
Also, is "copyright piracy" a legally defined term, as opposed to
filesharing or file copying?
Paragraph 9: Why can't the scope of online piracy (his definition) be
underestimated? It certainly appears to be overestimated at times. Also, this
seems to reiterate the old saw that attempts to equate every file download with
a lost sale. This is clearly not true, yet seldom goes challenged.
Paragraph 10: Equates making available with infringement. This, I believe, is
also shown not to be true. Actual infringement would involve copying files
between one computer and another, and this is something Plaintiffs clearly
CANNOT do, despite the claim that they are observing this infringement occurring
on the Internet. The only copying of files that Plaintiffs can observe are
those to and from their own computers, and under copyright law that does not
constitute infringement. All they can know about other users is the number of
uploads that user might be providing. Not the file names being uploaded.
Paragraph 11: Nobody knows exactly what MediaSentry is doing, except MediaSentry
themselves. Are they using the actual, buggy, ad-ware/spy-ware ridden programs
most often out there, or their own hacked or homebrew solutions? To say that
MediaSentry only does what any P2P user does, and by implication, uses the same
software in the process of doing so, is yet to be demonstrated.
Paragraph 12: IP addresses do not necessarily identify a specific computer, and
cannot at all identify who is sitting at that computer. They are not unique
(many computers behind a single NAT-ing – Network Address Translation – router
will all have the same external IP address), and don't prove what computer you
are actually talking to, since you may be connected to a proxy computer, rather
than the final source or recipient of any data packets. Two computers can most
definitely have the same IP address on the Internet at large, so it's an
outright inaccuracy to have claimed otherwise here. And NAT-ing is very common,
not rare at all.
Paragraph 13: Again is the claim that MediaSentry operates "just as any
other user on the same P2P networks". This is not yet proven at all. Nor
is it proven that the MediaSentry computers might not be contaminated, as many
computers have been, by malware during the course of their investigations. They
should be required to provide a hard drive image of the drive used in their
investigation, said image taken AT THE ACTUAL TIME that the evidence was
gathered, so that said evidence exists, and isn't subject to contamination
from computer worms, viruses, Trojans, and other malware. Any
"evidence" without this image to back it up should be considered
highly suspect.
Paragraph 14: Who has seen these downloaded files so far, except for
MediaSentry? Do we even know that they match what the file listing says they
should be (length, type, meta data, actual contents)? Also, for any
non-downloaded files, are you claiming that they are also exactly what their
titles claim? What about fakes that you, yourself, as the RIAA have hired
companies to spread as widely as possible? Is downloading and/or sharing a fake
or intentionally damaged music file also actionable infringement?
Paragraph 15: You provide the oversight of MediaSentry and attest to the
veracity of the file name list provided. What are your computer forensic
related credentials? Were you present when the data was collected?
Paragraph 16: How can you identify the "computer" from which the
infringement came by an IP address, with, or without, date, from just an IP
address? Answer: YOU CAN'T! You can no more identify a specific computer
plugged into the Internet at a specific IP address than, to use your telephone
analogy, knowing which model of telephone is plugged into a telephone line.
Over the course of even minutes, many different telephone handsets – or
computers – might be plugged into the same line, and you won't know which one it
is. This inaccurate talk on your part either shows your ignorance of what
you're talking about, or your belief that no one else realizes what you're
saying is simply wrong. Nor does knowing the account holder's name tell you who
actually controls a computer. And we're not even talking about unsecured – as
the majority are – wifi access points that anyone can log into with a wifi
enabled computer and send and receive data on the same IP address.
Paragraph 17: You should not be joining unrelated Doe defendants in your
subpoena process.
Paragraph 18: By this admission, they only "distributed" these
particular files to you, which is legal. There is no indication or evidence
that these files were ever downloaded to any other person. In fact, it's likely
that many files on P2P networks are not ever downloaded by other users, but are
simply file names in a shared directory. Also, you claim here that the files
were offered for distribution by each "Defendant". WRONG! You have
tried to identify the account holder, which may or may not have been accurately
done by the ISP, but that does not get you to whatever person is actually owning
and operating the computer offering up the files in question. ONE OF THE GREAT
WEAKNESSES of all your cases is your attempt to claim that the account holder is
the one doing the file sharing. And if they're not, to scare them into telling
you who it must be. You too often sue the wrong person, and attempt to put them
under duress to make them incriminate someone else. THIS SHOULD NOT BE THE
PURPOSE OR PROPER USE OF THE LEGAL SYSTEM!
Paragraph 19: You have recently sued students with as few as 100 files allegedly
shared.
Paragraph 20: Why? Is this your justification on why this must all be ex parte,
and not contested at the point where your case is the most fragile of all?
Paragraph 22: Are you willing to admit that the sources of these not yet
publicly distributed works are most often industry insiders?
Paragraph 23: Must discovery be expedited – rushed by with no chance to contest
– in order to discover your victims – er, Defendants? Maybe it does need to be,
before critical eyes can examine your "evidence".
Paragraph 24: And this has happened how often so far? Or are you only being
theoretical here? You're very short on actual facts, Mr. Carlos Linares.

Authored by: bap on Monday, July 02 2007 @ 06:31 PM EDT
As has been mentioned in some of the above posts, the analogies put forward by
this affidavit are erroneous on a number of levels.

"Two computers cannot effectively function if are connected to the Internet
with same IP address at the same time"

While the basic idea is true, this statement is an oversimplification and
demonstrates a lack of true understanding of IP addressing. There is a specific
set of IP addresses designated as "public" which must remain unique across the
Internet at large. These are the IP's that the above quote refers to. But
there are large subnets of IP addresses that have been designated as unroutable
or "private" that are for private use as any end-user sees fit. These include
the ranges of 192.168.x.y, 10.x.y.z, etc. There are likely large numbers of
computers accessing the internet that all have the IP address 192.168.1.10 but
that is because they all sit behind different routers that each converts that
private IP into a unique public IP.

"For example, in a particular home, there may be three or four different
telephones, but only one call can be placed at a time from that home."

Non-sequitur. Many people have routers in their homes that split an internet
connection (cable modem, DSL router, etc) so that multiple computers can access
the internet all at the same time. In my own home I have a Windows workstation,
a Windows server, a linux server, and a virtual Windows server running in vmware
on the linux server. All these computers can and do access the internet at the
exact same time. They all have unique private IP's in the 192.168.x.y range and
appear as the same public IP as far as the rest of the internet is concerned. I
also have a wireless router so that I can connect my laptop to the internet
without having to plug it into anything, and although I keep the router settings
well secured there is always the possibility that somebody outside my house
could hack the wireless connection and connect their computer to the internet
through my connection as well.

On a related note I also have a hosted server at a datacenter that has 8 IP's
assigned to it. So one server has 8 unique IP's that it can make use of. It
also responds to incoming requests on those 8 IP's (or at least the ones I have
configured to do so). So multiple servers can easily share one IP and one
server can easily make use of multiple IP's. Neither scenario is uncommon at
all.

If I wanted to I could fairly easily set up the routing on one of my computers
at home to route through the server at the datacenter (a proxy). This means
that, for example, my virtual windows server with one IP, running on a linux
server with a different IP, would look to the rest of the internet as if it was
a server in a datacenter in another state from where I live.

Another reason why the telephone analogy fails is that telephone numbers remain
highly static. A given individual is not likely to have his telephone number
changed on a regular basis. A public IP assigned by an internet provider is
usually dynamic and can change from day to day or even hour to hour. The length
of time that an IP is used by an individual can be configured by an ISP for a
period of seconds to years. Usually the time range is in hours or days and may
not actually change when a dynamic lease is renewed.

"MediaSentry is able to detect the infringement of copyrighted works and
identify the users' IP address because the P2P software being used by those
individuals has file-sharing features enabled."

This right here is a glaring hole in their argument. As I described above I
could easily reconfigure a Windows computer at my home to look like it's
actually a linux server in a datacenter in another state by routing the Windows
computer through the linux server. If I were unscrupulous and wanted to share
copyrighted materials on a P2P network I might search for other servers on the
internet that are configured as an open proxy. I might even download a virus
(whose source code can easily be found with a little bit of google searching)
then modify that virus and release it in the wild. That virus would configure
unsuspecting Windows computers as anonymous proxies that I could then hijack.
By routing my P2P software through those proxies, MediaSentry or anybody else
would think I was connecting from that remote computer rather than my own
computer. To use the RIAA's telephone analogy, it's as if I broke into a home
that had two telephone lines and taped the handsets of the two phones together.
From my house I call one of those lines and cause the second line to dial the
number I actually want to call. If the person I was ultimately calling had
Caller ID then they would see the call coming from the house I broke into rather
than my own home. The FBI recently issued a press release stating that as many
as 1 million unsuspecting computers may be compromised in order to send spam.
This same compromise could easily allow those infected computers to serve as P2P
proxies, leading the RIAA to identify the wrong IP as the source of shared
music.

I happen to live in the Boston area and currently have a lot of free time on my
hands. I'm a professional sysadmin with a lot of networking experience. If Mr.
Beckerman would like to talk to somebody in person (if just to bounce some
general questions around, or more) I'd be more than happy to help out.

Authored by: Anonymous on Monday, July 02 2007 @ 06:31 PM EDT
If Media Security record down the route at that time as well as the IP address,
then it's pretty solid. If they don't have the routing information then it can
be demonstrated that two machines can have the same IP on the internet.

Authored by: Anonymous on Monday, July 02 2007 @ 06:35 PM EDT
The RIAA is suing an IP address. IP addresses don’t file share. They are then
trying to attach that IP address to an account owner, and claim that the account
owner is the actual filesharer, and that it's all being done on a specific
computer that they can identify without error. This simply does not follow, as
a growing number of case dismissals will attest to, and no amount of smooth
words on the part of Mr. Linares will ever make it true.

Authored by: Anonymous on Monday, July 02 2007 @ 06:44 PM EDT
Quick question. Do the Universities who provide their students with internet
connections use NAT so each user gets a "private" address on their
machine? If they do then would not Media Sentry or any other P2P user only see
the university's IP address not the specific machine's address? If that is so
then it could have been any one of perhaps several thousand possible users that
they would see at that same IP address? And they would have no actual way to
determine which user might be sharing the music.

Authored by: Anonymous on Monday, July 02 2007 @ 06:47 PM EDT
There's a particular point which many people have referred to, but no one
appears to have stated outright (probably because it's obvious to most of
us).

The declaration states that an IP address identifies a computer. It does not
and cannot. An IP address is associated with the network device to which it was
assigned; in most cases, the network device the ISP assigns the address to is a
modem, adaptor, or router owned by the ISP.

Dialup? The public IP is assigned to the modem on the ISP side. Cable? The
public IP is assigned to the cable modem, which is most often leased from the
ISP. DSL? The public IP is assigned to the DSL adaptor, most often leased from
the ISP.

In order to tie these IP addresses to a location, one would have to have high
confidence that:
- The ISP's records accurately record which specific device is at which
location; I have, on more than one occasion, been told that the cable modem I
have in my house was registered to someone else. For example, when the ISP
forgot to update their records when they swapped out a modem for repair.
- The clock on the computer that logged the IP and MAC addresses matches the
clock on the computer that logged a given IP offering a file.
- The IP and/or MAC had not been spoofed.
- The device in question was physically at the location on record at the time
the file was transferred; the device could have been at a friend's house (e.g.
if one were attempting to diagnose an issue for that friend, one might take
one's own modem along)

Even if you have all of that with confidence, you've only identified a location,
not a computer, and certainly not an individual.

Authored by: Anonymous on Monday, July 02 2007 @ 06:58 PM EDT
This is flawed for several reasons, some mentioned already by others:
1. NATs - The IP of connections coming out from behind a NAT can only identify
the network, not the person who uses the device behind the network
2. Proxies - see above
3. Same IP can indeed be used by more than one person on the internet, and even
on the same network, though this would result in packet collisions, this is a
valid form of network attack
4. Identifying the IP does not identify the person -
  4.a Even if IP identifies the device, it doesn't identify the person who
uses the device
  4.b Unsecured, or poorly secured networks, especially wireless networks can
result in unauthorized usage of the connection
5. Dynamic IP assignment, many (most) ISPs assign IPs dynamically sometimes
reassigning every several minutes. see below on time sync
6. Time synchronization - this is an important argument that is unfortunately
rarely made - If I go to the network owner, and say - At 5:15 on June 22nd 2007,
a person with IP www.xxx.yyy.zzz has copied file X, I rely on the fact that:
  6.a The clock of the person requesting disclosure is completely (up to a
millisecond) synchronized with every device in chain in the ISP clock, that
includes the router to which the connection is made, the log server etc etc...
and that they all are synced together. Unfortunately, for anyone involved in
time synchronization in software, we all know that this is not what happens in
reality.
  6.b there is no hardware time skew on any of the devices in chain
  6.c The requestor and the ISP have both switched our daylight time savings at
the same time
  6.d The time synchronization is accurate (if you have a slow connection, you
will be skewed by the latency of connection)
  6.e The request is accurate - that is saying 5:15 is not enough, it has to
specify the exact millisecond, cause in one minute the IP can be switched to
someone else.
  6.f The requestor and the ISP have both accounted for time zone differences,
and have their systems (all devices in chain) configured properly for such
accounting.

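Points 5 and 6 of the comment above, worked through as an added example that is not part of the original post: matching a wall-clock observation against a constructed DHCP lease history when the time zone and clock skew are uncertain. The lease rows, account labels, address and function names are assumptions made up for the illustration.

```python
from datetime import datetime, timedelta, timezone

UTC = timezone.utc

# Constructed DHCP lease history for one dynamic address (documentation
# range). Each row is (lease start, lease end, subscriber account), in UTC.
LEASES = {
    "198.51.100.23": [
        (datetime(2007, 6, 22, 19, 0, 0, tzinfo=UTC),
         datetime(2007, 6, 22, 21, 14, 30, tzinfo=UTC), "account-A"),
        (datetime(2007, 6, 22, 21, 14, 30, tzinfo=UTC),
         datetime(2007, 6, 22, 22, 10, 0, tzinfo=UTC), "account-B"),
        (datetime(2007, 6, 22, 22, 10, 0, tzinfo=UTC),
         datetime(2007, 6, 23, 3, 0, 0, tzinfo=UTC), "account-C"),
    ]
}


def utc_windows(naive_local, utc_offsets_hours, skew):
    """Turn a wall-clock reading with no zone into the UTC intervals it may mean.

    One interval per plausible UTC offset, widened by +/- skew to cover the
    disagreement between the observer's clock and the ISP's clocks.
    """
    windows = []
    for offset in utc_offsets_hours:
        instant = (naive_local - timedelta(hours=offset)).replace(tzinfo=UTC)
        windows.append((instant - skew, instant + skew))
    return windows


def lease_candidates(leases, ip, naive_local, utc_offsets_hours,
                     skew=timedelta(0)):
    """Return every account whose lease on `ip` overlaps a plausible window."""
    accounts = set()
    for lo, hi in utc_windows(naive_local, utc_offsets_hours, skew):
        for start, end, account in leases.get(ip, []):
            # Closed window [lo, hi] against half-open lease [start, end).
            if start <= hi and lo < end:
                accounts.add(account)
    return accounts


if __name__ == "__main__":
    ip = "198.51.100.23"
    seen = datetime(2007, 6, 22, 17, 15)  # "5:15 PM on June 22nd 2007", no zone
    EDT, EST = -4, -5                     # daylight time applied vs. not applied
    minute = timedelta(seconds=60)
    print("EDT, exact clocks: ", sorted(lease_candidates(LEASES, ip, seen, [EDT])))
    print("EDT, 60 s skew:    ", sorted(lease_candidates(LEASES, ip, seen, [EDT], minute)))
    print("DST status unknown:", sorted(lease_candidates(LEASES, ip, seen, [EDT, EST])))
    print("both uncertainties:", sorted(lease_candidates(LEASES, ip, seen, [EDT, EST], minute)))
```

Only the first case, with the zone known and the clocks in exact agreement, yields a single account; a one-minute skew near a lease boundary or an unrecorded daylight-saving setting each returns two, and together they return all three.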

Authored by: Anonymous on Monday, July 02 2007 @ 07:12 PM EDT
I have a suggestion for a fun project. Write a program that will create an mp3
file with a simple computer generated voice saying something like "this is
not the file you are looking for" repeated for a specified period of time.
Then have it generate these files with filenames and exact lengths for a large
number of current popular songs. Then serve them up on the p2p networks and
make the server easy to locate who owns it. That way the RIAA will have a very
easy time filing a suit. Then counter sue based on the fact they did not even
determine if their IP was infringed as every song will not be the actual song.
Of course this would require someone with money to deal with the suits but it
would just be one more loss to counter the RIAA suits with showing they don't
actually know what they are suing over.

Authored by: dwmosman on Monday, July 02 2007 @ 07:16 PM EDT
Minor:
P2. this does not appear to document expertise in explaining how computers or
networks work. In fact, some of the statements in this document re PC's and
routers are simply wrong (see below).
P6. "... similar online systems emerged attempted to capitalize on the
growing market Napster fostered ..."
- Assertion, ascribes motives to other companies' actions
P8. "...Thus..."
- Invalid conclusion, does not follow from preceding statements. The fact that
people copy copyrighted material, even large volumes of it, and the fact that
people use P2P networks (as well as ftp sites, CDs, cassette tapes, etc.) are
not together logically sufficient to make the conclusion that "the vast
majority of content" of P2P traffic is unauthorized.
P9. "The scope of online of copyrighted cannot be underestimated..."
- (nitpick) He probably means to say it cannot be overstated. If it cannot be
underestimated, then if I estimate the cost at 0, I'm still too high. (of
course, he's the "expert" :) )
P12. "...the unique IP address of the computer..."
- Almost always incorrect. Virtually all computers on computer networks today
have "dynamic" IP addresses. That is, a network server will
TEMPORARILY assign each PC an IP address. After a set period of time, the PC
must request another IP address and the server will assign a NEW IP address. It
may be the same address or it may be an entirely different address. That's up to
the server.
P12. "...each computer or network (such as router) that connects to a P2P
network must have a unique IP address within the Internet to deliver files from
one computer or network device to another..."
- Incorrect. Each local computer network (i.e. collection of PC's, printers,
routers, etc.) must have a gateway to the internet. The gateway must have a
temporarily assigned IP address which is either unique to the next higher level
network that the gateway is connected to or unique to the entire internet.
However, at any one time, there are probably millions of PC's, each with the IP
address 192.168.0.1, which are all successfully connected to the internet
(through cable routers).
P12. "...Two computers cannot effectively function if they are connected
to the Internet with the same IP address at the same time...For example, in a
particular home, there may be three or four different telephones, but only one
call can be placed at a time to or from that home..."
- Incorrect. All across America, families are using cable routers, purchasable
in Best Buy and competing stores for $70 or less, to enable two or three or more
PC users to simultaneously access the web.
ex. "The Linksys EtherFast(R) Cable/DSL Router is the perfect option to
connect multiple PCs to a high-speed Broadband Internet connection...acts as the
ONLY externally recognized Internet device on your local area network..." -
Linksys product description for the BEFSR11 Cable Router
Disclaimers:
IANAL (I am not a lawyer, If you want legal advice, hire a lawyer),
IANANA (I am not a network administrator, if you want network advice, hire a
network admin)
MUCoCiW (Making unauthorized copies of copyrighted material is wrong. Don't do
it. Microsoft would still be a little company making home products if millions
of people had not gleefully bootlegged copies of Windows into their
businesses).
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:17 PM EDT |
Two points.
1. Computer is not person
In most networks, desktop PCs are assigned IP addresses via DHCP which keeps
logs of which machines are assigned which addresses for which periods. If the
network operator provides this information then that is a strong indication of
which PC was exchanging the data. The address of a PC in such a situation
however does not identify an individual, only a computer.
2. Addresses can be forged
It is also possible to forge the MAC address of a computer and hence make one
computer appear exactly like another on a network.
If I change the MAC address on my PC to that of my neighbour then the network
cannot distinguish between traffic from my PC and traffic from my neighbour. If
both PCs are on then some network malfunction will be obvious, but if the
computer being forged is off the network then the forgery will be undetectable.
As such I do not think that the MediaSentry approach can ever identify more than
the LAN on which data was exchanged. This might be sufficient to cause a judge
to allow experts to examine the machines attached to the network at the time.
--
BbMaj7 (sorry lost password -> anon)
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:22 PM EDT |
As this lawyer should already know, MediaSentry was acquired by another firm,
SafeNet, Inc.
The deposition is technically and factually incorrect, and the author has
knowingly lied at best!
This is another case of a non-Engineer making claims that only a certified
Engineer can make. Lacks both personal knowledge, formal education, experience
and training to make claims the author makes! Should be rejected on this basis
alone.
Second, makes claims about software and procedures that have not been peer
reviewed by any organization whose charter is in these fields of expertise
(telecommunication, network engineering, communications protocols, etc).
Third, he continues to propagate a self serving fallacy. The fallacy consists of
two-parts, 1) that a routable IP address is in fact a end-point, and 2) that the
IP protocol contains routing information.
Dealing with the second part of the fallacy first, and that is the IP protocol
does not and has never conveyed as part of the protocol routing information.
Thus there is no way to know with certainty that an IP address is an
end-point. If an IP address is not an end-point, then nothing can be attributed
to the IP address.
An IP address identifies a process (software being executed) on some machine
and nothing further. It is impossible using the IP protocol to identify an
individual based solely upon an IP address.
Since IP addresses may not be end-points, it should be noted that ISP's
routinely re-use routable (externally exposed IP addresses) and assign them to
internal IP addresses frequently. Thus date and time may be insufficient to
properly identify an IP address or user because of differences in time on
different machines.
Lastly, because of bots and viruses which Microsoft has been unable to prevent,
rogue processes (executing applications) may be running on a machine without
user knowledge. And this ignores hijacked servers. Again, since the IP
protocol does capture or convey routing information, application layer relays
appear as end-points even though they function as routers.
Again, because the required instrumentation does not exist on the internet at
large (ignoring the constitutional issues of attempting to do this), it is
impossible for any professional to claim any IP address encountered is an
end-point. There is insufficient information to make that claim, much less be
able to prove it scientifically. Thus the author has already impeached
himself!
Next, a file name is not proof of the contents of a file. Only by downloading
the file and examining its contents, current format, and format derived from can
one make any claims of infringement. There have been a number of cases where
someone was accused of infringement based solely on file name similarities.
Again, not proof of infringement without downloading and examination. This
ignores the whole sampler issue of a snippet being used as advertising
enticement.
In closing, MediaSentry (now part of SafeNet, Inc.) needs to come clean with an
expert who can testify about the software and procedures used by MediaSentry to make
claims that are unsupportable scientifically. It would be interesting to learn
whether MediaSentry's software and/or procedures have been reviewed by any
outside peer review organization(s), and what the charter and qualifications of
such organization to perform peer reviews is.
It appears to me that the author is attempting to make accusations that can not
be supported by science and using another corporation (entity) to hide this
fact.
I would request that MediaSentry identify a witness who can speak on behalf of
MediaSentry to the issues I've raised here.
An engineer who wishes to remain anonymous.
[ Reply to This | # ]
|
|
Authored by: Peter Baker on Monday, July 02 2007 @ 07:24 PM EDT |
Is intention relevant in these cases? I'm asking these questions because I
would like someone to examine the argument - I am by no means stating I'm right
:-)
On the one side, we have end users which run Windows. Not only is that an OS
which is easily compromised, the latest version is actually compromised from
the inside. All the statements I've seen so far make running P2P proof of the
intention to distribute (which, incidentally, also isn't the same as actually
doing it). Leaving the door open of your car does not display an intention to
share its use with the rest of the neighborhood or you could never get a
carjacker to jail..
On the other side we have MediaSentry who appears to break the Computer Misuse
Act (in the UK, forgot what it is in the US) by WILLFULLY entering a system
without seeking permission of the owner. Again, the fact that I leave a service
available does not constitute a right of access. Going back to basics - I may
not even KNOW I'm putting up a service as fighting virus infections is
something that even specialists occasionally have a problem with (especially
zero day).
It thus strikes me that any MediaSentry driven case starts with an admission in
Court of willful invasion/compromise of computer systems. AFAIK MediaSentry nor
RIAA have the required legal statue or warrants for that..
In summary, assuming I'm correct, given the incredible (and increasing) amounts
of rather pissed off John and Jane Does out there it strikes me that
RIAA/MediaSentry are not really navigating a very safe course..
--- = P =
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:31 PM EDT |
How many cable modems, wireless routers, or other network devices are installed
in users' homes with default (or well-known) security? An external attacker
need only forward the appropriate port and it could appear that the (hacked)
router was doing something illegal (because it is the destination and port that
matches the sniffer), when it is really relaying frames somewhere else, possibly
with shifted source/destination port numbers (i.e. not P2P). I can
"see" at least seven unsecured wireless networks from my house.
Routers with external management enabled are wide open to abuse and
mis-diagnosis of alleged illegal activities.[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:37 PM EDT |
First, I re-express the bulk of the comments about NAT & DHCP.
But one position I did not notice is the use of _wireless_ routers at many
homes and schools.
Many home wireless routers are simply wide open. Meaning not only that all the
computers in the residence are hiding behind the Router's IP, but there could be
an insane number of other completely unknown people using the "same IP."
At a school, they'll usually hand out userIDs & passwords to use for the
wireless access. Perhaps even lock it to a (nominally) unique MAC address
internal to the computer's ethernet. At a fair chunk of places, this is about as
useful as the lock on a toy jewelry box. It _can_ be pretty secure. Or it can be
as secure as storing all your stuff under a tarp in your front yard.
The whole 'wireless' argument moves it past "Yeah, but you _let_ your friend
sit at the computer and steal from me."
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:49 PM EDT |
Hopefully, someone can lawyer-ize this, but I think it should help.
#8. Non-sequitur. It has not been shown what portion of peer-to-peer traffic
is authorized or unauthorized, nor what portion of peer-to-peer traffic consists
of audio recordings. In addition, mere lack of authorization by the copyright
holder for the distribution of copyrighted content does not equal a violation of
copyright law. Therefore, one cannot conclude based solely on the lack of
authorization by RIAA member companies that the "vast majority of
content" on peer-to-peer networks is distributed in violation of copyright
law.
#9. There has been no meaningful study of the amount of revenue lost by RIAA
member companies as a result of online piracy. In particular, such a study
would need to show (a) the portion of downloaders who would buy the products of
RIAA member companies, had they not downloaded digital files of those products
via peer-to-peer networks, and (b) the portion of downloaders who do not buy
those products eventually anyway. Since no such study has been produced, it is
impossible to ascertain what damages, if any, RIAA members suffer as a result of
peer-to-peer online music downloads.
#12. IP addresses do not have a one-to-one correspondence to an ISP account
holder. In fact, an account holder's IP address can change at nearly any time
(called a "dynamic IP address", because it is allocated dynamically
and arbitrarily from a pool of IP addresses). At any given moment, an IP
address also does not correspond to the user of a particular computer, nor does
an IP address necessarily correspond to an individual computer (in fact, most
consumer-grade routers employ NAT routing, which causes all computers on the
local area network side of the router to have the same apparent IP address to
machines on the wide area network side of the router).
This _directly_contradicts_ Mr. Linares's affidavit, where he claims, "This
is analogous to the telephone system where each location has a unique number.
For example, in a particular home, there may be three or four different
telephones, but only one call can be placed at a time to or from that
home." In fact, a huge number of machines could potentially be attached to the
local area network side of a router, but all will appear to have the same IP
address to machines elsewhere on the Internet. Furthermore, all of those
machines can engage in communications with each other or with machines elsewhere
on the Internet. Finally, there is no way to ascertain solely from the IP
address which of those machines is being spoken to at any given time, since the
determination of which machine on the local area network a particular
transmission is destined for takes place entirely and solely within the router.
An IP address also does not correspond to a particular user. It does not
identify which human being is operating the machine at any given moment, or
which human being has potentially set into motion events which result in the
violation of copyright.
#14. A mere filename is insufficient to prove the violation of copyright. In
order to provide evidence of copyright infringement, MediaSentry would be
required to download a music file, listen to it, and ascertain that a client's
company was (a) the current holder of the copyright for that work, (b) that the
downloaded file was obtained from someone who did not have authorization to
distribute it, and (c) that none of the provisions in copyright law which
abrogate a copyright holder's rights apply to the situation at hand. In
addition, it is not possible to provide in a textual document evidence that a
particular music file is violative of copyright. Filenames, metadata, and other
such content which does not constitute the actual copyrighted data of a music
file can be set arbitrarily by the user, including in a manner which provides
the suggestion that a particular file's copyright is held by one of
MediaSentry's clients, when this is in fact not the case.
For example, a file could be named, "Britney Spears - Oops, I Did It
Again.mp3", but could consist of an amateur vocalist singing that song a
capella. In such a case, not only would royalties not be due to any RIAA member
companies, but the vocalist may have even obtained a compulsory license
permitting them to legally distribute their rendition of the song.
For another example, a file named as such could be an audio news article
discussing that particular song, using short clips of the song in the interest
of completing the news report, and as such would be covered by fair use
provisions in copyright law.
A third example would have the filename and metadata indicating a song whose
copyright is held by an RIAA member company, but with the content of the file
consisting entirely of random data, producing nothing but noise if played. In
fact, such a tactic is frequently used by copyright "protection"
companies to foil the efforts of peer-to-peer downloaders, and could conceivably
be used by private individuals as well.
#15. By downloading files whose copyright they cannot possibly be certain of
until a particular file is examined in more detail, MediaSentry, the RIAA, and
RIAA member companies put themselves in the precarious position of committing
copyright infringement themselves, if they download a file whose copyright they
do not hold, and for which the copyright holder does not wish their file to be
distributed.
#16. An ISP's logs cannot determine the facts which Linares claims:
"...can identify the computer from which the infringement occurred (and the
name and address of the subscriber that controls that computer)". The
"computer" assigned that particular IP address may be a router,
possibly with multiple computers owned and controlled by several different
people. The ISP's logs provide no way to determine whether the machine assigned
an IP address is a router or a computer (or both), nor do those logs indicate,
if a router is present, which machine behind the router participated in
infringing activity. In addition, a machine may be infected with malware - a
computer program placed by a person on another person's computer
surreptitiously, which can allow them to, among other things, participate in
illicit file sharing without revealing their own IP address to the RIAA or
MediaSentry. In such a situation, it would be difficult to claim that the
computer's owner is truly the person "that controls that computer".
However, an ISP's subscriber data can be used by the RIAA to badger individuals
frightened by the prospect of a protracted and expensive lawsuit (perhaps
costing tens of thousands of dollars) to settle out-of-court by paying mere
thousands of dollars, even when no infringement has occurred.
#17. Concession of one company (Verizon) - or even multiple companies or
organizations - to a particular subpoena process does not mean that said
subpoena process supports the public good or is even legal. Many ISPs see
little upside to battling the RIAA in defense of their customers, and therefore
choose not to contest those subpoenas. In most cases, these subpoenas are
executed ex parte, intentionally preventing the target of the subpoena from
having the opportunity to defend their rights.
#18. Neither the RIAA nor MediaSentry can guarantee that the defendants (i.e.,
those who actively participated in the act of distributing files for which RIAA
member companies hold the copyright) are on the Boston University campus or
using Boston University's Internet service. The presence of malware on any
number of the RIAA-targeted machines would allow the true infringer to
participate in peer-to-peer filesharing anonymously, by using the
malware-infected machine as a proxy.
#19. As mentioned before, the mere filename and/or metadata of a file does not
indicate the holder of the file's copyright. The RIAA and/or MediaSentry would
have to demonstrate having listened to the "thousands of files" to
ascertain their individual status in order to ensure that each of those files is
violative of copyright.
#20. The RIAA cannot determine how many times, if any, a particular file has
been downloaded from a particular computer, aside from the time or times that
they have themselves downloaded a file or the number of times MediaSentry has
reported downloading the file from them.
#21. The RIAA cannot demonstrate whether or not a particular file is downloaded
on a particular day, nor can they demonstrate any tangible losses as a result of
any particular download. A downloader may have no intention of purchasing a
work. Said downloader may already own a work, but find downloading the file
more convenient than "ripping" the song from a CD. Said downloader
may have already legally purchased a work, but, having destroyed the CD in some
manner, is downloading the song to restore the work's place in their
legally-purchased collection.
The mere threat of a legal action against unidentified members of a targeted
community such as Boston University is also likely to greatly diminish the
amount of actual violative distribution within that community for the duration
of the threat, thus greatly diminishing any continued economic losses from that
distribution.
#22. The RIAA has not demonstrated that any particular works in this case are
pre-release works.
#23. Service of defendants does not require expedited discovery.
#24. The court can specifically enjoin an ISP to keep records of their logs for
the relevant time period beyond the point that they would normally be deleted as
a routine matter of system maintenance.
In contrast, the privacy rights of a potential defendant are materially and
irreversibly harmed by permitting ex parte discovery to occur.[ Reply to This | # ]
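The NAT behaviour described under #12 and #16 above, as an added example that is not part of the original comment: a minimal port-translating router model showing that a remote peer's record holds only the public address and port, and that mapping a port back to an internal host depends on the router's own translation table. The `Nat` class, the helper names and all addresses are assumptions made for illustration.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.45"        # constructed, documentation range
PEER = ("198.51.100.7", 6346)     # constructed remote peer

# Constructed flows from three internal hosts to the same remote peer:
# (internal ip, internal port, destination ip, destination port)
FLOWS = [
    ("192.168.0.2", 51000, *PEER),
    ("192.168.0.3", 51000, *PEER),
    ("192.168.0.4", 49152, *PEER),
]


@dataclass
class Nat:
    """Toy port-translating NAT: one public address, many internal hosts."""
    public_ip: str
    next_port: int = 40000
    table: dict = field(default_factory=dict)  # public port -> (ip, port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing flow and return the header seen outside."""
        inner = (src_ip, src_port)
        for pub_port, mapped in self.table.items():
            if mapped == inner:
                break                      # reuse the existing mapping
        else:
            pub_port = self.next_port      # allocate a fresh public port
            self.next_port += 1
            self.table[pub_port] = inner
        return {"src_ip": self.public_ip, "src_port": pub_port,
                "dst_ip": dst_ip, "dst_port": dst_port}

    def resolve(self, public_port):
        """Map a public port back to the internal host, if still recorded."""
        return self.table.get(public_port)


def observer_log(nat, flows):
    """What a remote peer can record: post-translation headers only."""
    return [nat.outbound(*flow) for flow in flows]


def distinct_sources_seen(log):
    """Source addresses visible to the remote peer."""
    return {rec["src_ip"] for rec in log}


def demo():
    nat = Nat(PUBLIC_IP)
    return nat, observer_log(nat, FLOWS)


if __name__ == "__main__":
    nat, log = demo()
    print("remote peer sees sources:", distinct_sources_seen(log))
    for rec in log:
        print(rec["src_port"], "->", nat.resolve(rec["src_port"]))
    # A router that keeps no translation history cannot answer later.
    print("after table loss:", Nat(PUBLIC_IP).resolve(log[1]["src_port"]))
```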
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:57 PM EDT |
- How exact is "exact"?
- In paragraph 7 section, paragraph three claim that "exact" copies
are transferred. The copies are unlikely (but may occasionally) be exact. Most of
the time the files won't be exact.
- When a recording is ripped, the ripped file has a specific and exact bit
pattern. However, within the PC data/file transfers have "BER" (or Bit
Error Rate) in the transfer. Meaning the copy to audio codec has a probability
of receiving a slightly different bit stream than was contained in the original
file. If the file is shared across several servers and several networks (each
computer that transfers the file has its own BER), the destination file will
likely be different than the source file (to a greater or lesser degree). Error
detection and correction reduce, but not eliminate, the errors that creep in.
- Furthermore, the human ear is not the best method for determining how
identical two audio streams are. The brain easily fills in what the hearer wants
to hear. Sorry I don't have the sources, but firmly believe it to be true.
- In addition, from a legal perspective, how exact must exact be? In that, if
the Least significant bit in each (let's assume an 8 bit) word is inverted and
all others are identical, then the file/stream is 87.5% identical to the
original. This type of change is unlikely to call significant attention to
itself, when listened to. On the other hand, if the Most significant bit of each
(8 bit) word is inverted, then the file/stream is also 87.5% identical to the
original. However, the file/stream is totally different, to the ear! One of the
rules of digital hardware, bits have different levels of importance, depending
on their position in the data words.
- Therefore, how does the law define an "exact" copy, an
"identical" copy, a "close enough" copy or "not close
enough/legally different" (not-)copy when dealing with copyrights?[ Reply to This | # ]
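The bit-position argument in the comment above, carried through as an added example that is not part of the original post: constructed 8-bit samples have either the least or the most significant bit of every byte inverted, and each altered copy is compared with the original by bit agreement, by sample-domain error and by cryptographic hash. The sample data and function names are assumptions made for illustration.

```python
import hashlib
import math


def make_samples(n=8000, rate=8000, freq=440):
    """Constructed unsigned 8-bit PCM: a sine wave centred on 128."""
    return bytes(
        int(round(128 + 100 * math.sin(2 * math.pi * freq * i / rate)))
        for i in range(n)
    )


def flip_bit(data, bit):
    """Invert one bit position (0 = least significant) in every byte."""
    mask = 1 << bit
    return bytes(b ^ mask for b in data)


def bit_agreement(a, b):
    """Fraction of bits that are identical between two equal-length buffers."""
    differing = sum(bin(x ^ y).count("1") for x, y in zip(a, b))
    return 1 - differing / (8 * len(a))


def rms_error(a, b):
    """Root-mean-square difference between the sample values."""
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)) / len(a))


def same_file(a, b):
    """Byte-exact equality as a hash comparison would report it."""
    return hashlib.sha256(a).digest() == hashlib.sha256(b).digest()


def compare(original, copy):
    return {
        "bit_agreement": bit_agreement(original, copy),
        "rms_error": rms_error(original, copy),
        "hash_match": same_file(original, copy),
    }


if __name__ == "__main__":
    original = make_samples()
    for label, copy in (
        ("identical copy", bytes(original)),
        ("LSB inverted", flip_bit(original, 0)),
        ("MSB inverted", flip_bit(original, 7)),
    ):
        print(label, compare(original, copy))
```

Both altered copies agree with the original on 87.5% of their bits, yet the sample error differs by a factor of 128, and a hash comparison reports neither as the same file.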
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 07:57 PM EDT |
"12. Users of P2P networks who distribute files over a network can be
identified by using Internet Protocol ("IP") addresses because the
unique IP address of the computer offering the files for distribution can be
captured by another user during a search or a file transfer. Users of P2P
networks can be identified by their IP addresses because each computer or
network device (such as a router) that connects to a P2P network must have a
unique IP address within the Internet to deliver files from one computer or
network device to another. Two computers cannot effectively function if they are
connected to the Internet with the same IP address at the same time. This is
analogous to the telephone system where each location has a unique number. For
example, in a particular home, there may be three or four different telephones,
but only one call can be placed at a time to or from that home. Each computer or
network device is connected to a network that is administered by an organization
like a business, ISP, college, or university. Each network, in turn, is
analogous to an area code. The network provider maintains a log of IP address
allocations. An IP address can be associated with an organization like an ISP,
business, college or university, and that organization can identify the P2P
network user associated with the specified IP address."
This is not correct. I, personally, have 5 computers connected to the internet
through the same IP address. I have an internal network, 192.168.xxx.xxx that is
routed to the internet through a single computer. My internal network includes a
wifi router so that 2 laptops can connect. It is possible (likely) that others
that I don't know use my internet connection from time to time.[ Reply to This | # ]
|
|
Authored by: Bill The Cat on Monday, July 02 2007 @ 07:57 PM EDT |
Many arguments have already been brought up in Anderson v. Atlantic, RIAA, et al
and Lindor v. UMG. As has been covered here already, the MediaSentry/SafeNet
deposition uncovered many flaws with the methods used for gathering so-called
evidence. The dialog that followed covered even more analysis and perspective
on the subject. I see a lot of that being rehashed here. Recording Industry vs. the
People has a lot of commentary; however, I am not sure that a significant
amount would stand up to legal scrutiny. The point is that this web site offers
a lot to think about but I'd be reluctant to take any advice without consulting
a lawyer. The bottom line is that the RIAA and SafeNet's methods are highly
questionable and, in some cases, suspect of being illegal. I would certainly
start here because if you can destroy their foundation, the rest of the case has
little to support itself. --- Bill The Cat [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 08:04 PM EDT |
I do not have the expertise to debunk this declaration
But!
What he is doing is using weasel words and weasel sentences
to imply things and situations which can just as easily
have the exact opposite meaning and cause.
I do know what he is doing. Nothing he says is blatantly
false; it CAN all be true AT TIMES.
Likewise nothing he says is really true; all of it can be
false at times.
Examples:
3.The RIAA is a not-for-profit trade organization whose
member record companies create, manufacture, and/or
distribute approximately ninety percent of all legitimate
sound recordings produced and sold in United States
Is the RIAA making a profit from their law suits? If so
where does the money go? If it is returned to its members
then the RIAA is a profit making cartel.
6.Much of the unlawful distribution of copyrighted sound
recordings over the Internet occurs via "peer-to-peer"
("P2P") file copying or so-called on line media
distribution systems. The most notorious example of such a
system was Napster, which was enjoined by a federal court.
Notwithstanding the court's decision enjoining Napster,
similar on line media systems emerged and attempted to
capitalize on the growing illegal market that Napster
fostered. These included KaZaA, eDonkey, iMesh, Ares,
BitTorrent, DirectConnect, and Gnutella, among others. To
this day, some P2P networks continue to operate and to
facilitate widespread copyright piracy. At any given
moment, millions of people illegally use on line media
distribution systems to upload or download copyrighted
In Canada a copyright charge which goes to the Canadian
version of the RIAA is charged on recording medium for the
stated purpose of paying the making such downloads legal.
Does that mean that if a server is located in Canada that
the above programs would be being used for improper means?
Once a sound recording has been transformed into an
unsecured digital format, it can be copied further and
distributed an unlimited of times over the Internet,
without significant degradation in sound quality
Yes. That does not mean that it is and has been copied and
distributed or if distributed that it was done illegally.
Here is some example of legal on line music
http://www.national-anthems.net/
Take especial note of
United States
France
Cuba
http://debian.fmi.uni-sofia.bg/~kalata/docz/National
Anthems/
Soviet Union
http://www.soviet-empire.com/ussr/viewtopic.php?t=28560
The International
http://www.marxists.org/history/ussr/sounds/
Which according to this brief the RIAA owns the copyright
to these - Bull.
8.The major record companies generally have not authorized
their copyrighted sound recordings to be copied or
distributed in unsecured formats by means of P2P networks.
Thus, the vast majority of the content that is copied and
distributed on P2P networks is unauthorized the copyright
owner -- that is, the distribution violates the copyright
law
Sentence 8.1 is completely unrelated to sentence 8.2.
12.Users of P2P networks who distribute files over a
network can be identified by using Internet Protocol
("IP") addresses because the unique IP address of the
computer offering the files for distribution can be
captured by another user during a search or a file
transfer
If there is 1 in a billion, 1 in a hundred trillion
chances of this happening then the statement is true which
implies that this individual is practicing deceit since
all the other times the event does not happen.[ Reply to This | # ]
|
|
Authored by: Stanley Chow on Monday, July 02 2007 @ 08:08 PM EDT |
Point 8: As I posted in another thread "Point 8 - P2P is illegal", many bands
have given explicit permissions for trading of recordings.
Point 9: The scope of online piracy of copyrighted works cannot be
underestimated. The RIAA member companies lose significant revenues on an
annual basis ...
As others have pointed out, this is not proven. In fact, most (if not all)
unbiased studies say CD sales are not hurt by P2P sharing. For example, quotes a
2004 study by Felix Oberholzer-Gee of Harvard Business School and Koleman
Strumpf of UNC Chapel Hill that concludes "downloads have an effect on sales
which is statistically indistinguishable from zero." On the other side of the
argument, there are new releases that were hyped on the P2P that catapulted to
the top of the charts.
Indeed, many (new/indie) bands now operate under a new business model where
they see P2P as an advertising medium that drives their income from "gigs",
from sales of physical CD as well as sales of digital mp3 files.
Point 12 about unique IP addresses - by and large true, with some
notable exceptions:
NAT (Network Address Translation) is used to hide a
private network so that only one IP address is presented to the "public"
network. Inside the private network, many machines each with a private IP
address not visiable to the outside world. The private IP addresses are usually
(but not always) in what are called RFC 1957private addresses. Many
enterprises has NAT firewalls, as do many home owners (most "broadband routers"
from Linksys, 3com, ... are all NAT firewalls).
Proxy firewall is another
way that hides private networks (different mechanics, but similar result for
this purpose).
Address-spoofing is the act of the originator using some
other IP address (often done as part of some attack to hide the address of the
originator). Un-masking the spoofing is difficult and can only be done close to
the originator - i.e., it is unlikely that MediaSentry and other observers have
enough information.
depending on the LAN topology, it is easy to "sniff"
packets that are addressed to another machine on the same subnet. For example,
classical ethernet on coax cable presents every packet to every machine on that
subnet and depends on each machine to process only the packets destined for it.
It is very easy to put machines into "promiscuous" mode to process every
packet.
This means I could operate as another machine by a combination of
spoofing and sniffing. Depending on configurations and so on, the spoofed
machine may or may not act strangely.
Many cable broadband systems treated a
neighbourhood as a subnet and many people could sniff packets destined for other
people. This used to be common, but I assume the cable operators have tightened
up security. Also, any network segment using a hub (as opposed to a switch) is
similar (including cases where a hub is used to allow multiple machines to use a
single ADSL account).
Point 13 - finding IP address means finding the
individual. As many of the briefs in many cases have noted, the IP address
cannot tell which machine in a private network was used, much less which actual
person.
General point on identification of individuals from the IP
address:
The RIAA tactic can only map "dynamic" IP address to user account -
that is, find out which account was active and assigned that IP address. This
assumes clocks are synchronised and ISP records are correct. Quite often, clocks
are off by days, and a mistake of minutes may be enough to misidentify users.
At the minimum, the ISP log must show a time interval that matches MediaSentry
times as well as when the user would have been theoretically on the
computer.
Given the user account, it is difficult to identify the actual
machine in the private subnet created by a broadband router (or Linux firewall,
etc.). There are techniques that can probe behind a firewall to discover the
topology of the private subnet and characteristics of machines inside the private
subnet.
Given the actual machine, it is not necessarily true that the owner
of the machine is responsible. Most machines at home (or dorms) operate with no
logon security so anyone with physical access can do anything to the machine,
including setting up P2P without approval (or knowledge) of the
owner.
There are millions of machines that have been taken over by malware
and turned into "bots". There are many documented instances where bots were used
to serve illegal contents of many types (indeed, this usage far predates the
term "bot"). The rise of the bot armies is a major concern for many security
reasons, including botnet-for-hire as a tool for DOS (Denial Of
Service).
Many people have WiFi access points to allow laptops and so on. It
is difficult (at least for the layman) to secure WiFi access points; as a
result, many access points are "open" and allow anyone to connect. Most home
WiFi access point systems (or even enterprise units) do not keep logs that are
sufficient to track usage. Note that WiFi security has a poor history - each fix
has been easily cracked. It is only recently that it is even possible to set up
WiFi securely, and it depends on interworking between particular brand and model
of equipment. It is well beyond the knowledge and ability of the average
consumer to secure a WiFi access point.
Even for a machine that is not
infected by malware, it is possible for a friend to have set up P2P (of whatever
flavor) and left it running. The owner or some other friend may then unwittingly
share content (to which they may or may not have rights).
Fundamentally, it
is very difficult to prove that a particular individual intentionally
shared files. It is somewhat easier to prove that a particular machine was
sharing files - by forensic examination of the machine. Traditionally,
investigating "anti-social" behaviour has often required mapping IP address to
user but it is usually an early step in the investigation as opposed to the only
step.
Point 22 - pre-release availability on P2P. There have been many cases
where the songs were hyped on P2P and, at least anecdotally, sales of CDs were
proportional to hype and not proportional to availability.
[ Reply to This | # ]
|
|
Authored by: PJP on Monday, July 02 2007 @ 08:10 PM EDT |
There are apparently quite a few people here with an imperfect understanding of
how TCP/IP works.
The telephone analogy is imperfect, but then so are the arguments about routers,
network address translation and DHCP.
Let's look at this in more detail and see what is required to trace a P2P
connection back to a specific machine.
There are two types of IP address, routable and non-routable. Only routable
addresses can directly communicate across the Internet. These are assigned in
one of two ways, either statically - an ISP will assign an IP or number of IPs
to a user, and the user will then use those addresses as he sees fit. These
addresses are traceable to the user (or organization) to whom they were
assigned. In this case it would be addresses assigned to Boston University.
The second method of assignment is dynamic, usually via DHCP. In this case a
computer connecting to a network will broadcast a request for an address. The
DHCP server will receive the request and allocate an address from a pool that it
maintains. The assigned IP is valid for a specific period of time. This can vary
from minutes to days or even weeks depending upon how the server is configured.
Short validity times are typically assigned when it is expected that the system
will normally only be connected for a short time, and that there is a large
turnover of connecting systems. A good example of this might be an airport
lounge where users would typically connect to check e-mail then leave shortly
afterwards to catch their plane. If long duration validity was used, the system
could find itself with all of its pool of IP addresses assigned to laptops now
on planes, and no addresses to assign to new users.
Long validity times are typically used where there are a large number of
relatively static machines. Examples might be desktop systems within a company
or home users on a domestic ISP. With the very large number of systems, a short
validity period would cause a large load on the DHCP servers, potentially
leading to capacity problems.
Now, on a DHCP network a malicious user could statically assign one of the IP
addresses in the DHCP pool to his machine. Provided this was not being used by
another machine the chances are high that this would work. It takes significant
extra effort to ensure that only currently issued addresses can be routed onto
the internet. Most domestic ISPs do not make this extra effort, and given the
static nature of domestic ISP systems an IP used in this way could potentially
be used for long periods (weeks/months) with no problem.
Another scenario is that user A is assigned an IP address. It has a validity
period of (say) 1 week. User A is known to shut down his machine when not in
use. User B can determine if user A's machine is online with a simple 'ping'
command. If user A is not online, user B can configure user A's IP statically
and use it. Again, it is technically possible to ensure that a given IP can only
be matched to a specific MAC (hardware) address, but the overhead of this is
such that it is typically not done. Even if it were, it is possible to change
the MAC address too. So user B could use both the MAC and IP of user A.
To map one of these pool addresses to a specific user when using DHCP the log
files of the DHCP server would be required. It would also be necessary to
establish that the time and date set on the DHCP server matched the time and
date of the observer making the trace. The DHCP server logs could match a given
IP address to a specific MAC address to which it issued the IP. However, as we
have seen, the IP can be obtained by other means, and MAC addresses can be
spoofed. The DHCP logs are only definitive if:
* Non issued/valid IP addresses are blocked.
* IP and MAC must match else the IP is blocked.
There is no way to determine if MAC address spoofing was used unless a
username/password is required before an IP is issued. This then raises questions
about the security of the encryption (if any) used for the login sequence.
Thus, directly routeable IP addresses can only be traced back to a specific
machine at a specific time if unusual precautions are taken by the network.
Otherwise, an element of doubt exists since a reasonably competent individual
could acquire an address either unissued, or issued to a different individual.
On the topic of routers, they are used to route packets between networks. They
typically DO NOT alter any of the address information. So when we are dealing
with routable IP addresses the address in the packet will almost always be that
of the originating system.
This brings us to network address translation (NAT).
There are a limited number of IP addresses. As a limited resource, they are
relatively expensive to acquire. For this reason network address translation
(NAT) was developed.
NAT allows one (or a small number of) routeable address(es) to be mapped to a
much larger number of non-routable addresses. Within an organization (or maybe
even a home) every device has a non-routable address which is unique within that
network, but may be re-used on any number of other networks. If packets with
non-routable addresses are presented to the Internet they are recognized as
invalid (there is, by definition, no way to determine a route to reply to such
a packet) and dropped.
NAT works by looking for a TCP connection initiation to an address on the
Internet. It re-writes the packet to remove the non-routable IP address and
replace it with a routable one, and potentially re-writes the originating port
number with one it knows to be available. The port number and original
(non-routable) IP and port are stored in a table within the NAT device. When a
packet arrives addressed to that port, NAT re-writes the packet destination with
the internal (non-routable) address and port, and sends it on to the internal
network to be delivered to the machine waiting to receive it.
Although developed to allow mapping of many non-routable addresses to a smaller
number of routeable ones, it is often used as a security measure since random
incoming packets are rejected unless they match (IP, port, sequence number) the
values of an established connection. Thus internal systems are protected against
probing by external systems.
If internal systems (with non-routable addresses) need to receive incoming
connections, specific measures need to be taken at the NAT device to specify
where to deliver incoming connections on a specific port.
Because of this, setting up P2P systems on a system behind a NAT device is more
difficult, since it requires specific configuration of the NAT device. The P2P
system must also know the external (routable) IP address of the NAT device. Thus
when a P2P system advertises itself, it specifies the (routable) IP and the port
on which it can be contacted. The NAT device must be pre-configured to recognize
incoming connections to that port and rewrite/forward them to the internal
system.
ISPs which issue non-routable (NATed) addresses will almost certainly refuse to
set up the appropriate mapping. This means that P2P systems almost invariably
run either on systems with routable addresses, or on NATed systems where the
owner of the P2P system has direct control of the NAT device to set up the
appropriate mapping.
Because of the amount of configuration required, a P2P system behind a NAT device
will almost invariably have a statically allocated routable IP for the NAT
device.
To determine the machine used for P2P when NAT is in use, we have first to
determine the routable IP and the machine using it. This is already problematic
as we have seen previously. Beyond that, we need a copy of the NAT configuration
(port forwarding) which was in force at the time of the supposed infraction in
order to identify a specific machine (again the internal, non-routeable
addresses are subject to the same hijacking/spoofing potential as the
external/routeable addresses).
Where the routeable IP can be unequivocally linked to a specific NAT device, if
that NAT device fronts systems all owned by the same person, it may be
reasonable to assume that that person has some responsibility.
If the NAT device has a statically allocated IP, and is permanently powered on,
it would be difficult to see how its owner could deny any responsibility.
[ Reply to This | # ]
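The address rewriting described in the comment above, as an added example (not code from the commenter or from any NAT product): a minimal model of a NAT table showing that several internal machines appear to the outside as one IP address, and that unsolicited inbound traffic is delivered only where a port forward exists. All addresses, ports and names are constructed, and matching on remote IP and port only (no sequence numbers) is a simplification.

```python
from dataclasses import dataclass, field


@dataclass
class NatDevice:
    """Toy port-rewriting NAT: one routable address in front of many private ones."""
    public_ip: str
    next_port: int = 40000                        # next free public-side port
    # public_port -> (internal_ip, internal_port, remote_ip, remote_port)
    table: dict = field(default_factory=dict)
    # public_port -> (internal_ip, internal_port), set up by whoever controls the device
    forwards: dict = field(default_factory=dict)

    def outbound(self, int_ip, int_port, remote_ip, remote_port):
        """Record a new outgoing connection and return the source address
        the remote end sees after the packet has been rewritten."""
        public_port = self.next_port
        self.next_port += 1
        self.table[public_port] = (int_ip, int_port, remote_ip, remote_port)
        return self.public_ip, public_port

    def add_forward(self, public_port, int_ip, int_port):
        """Static port forward: needed before an internal host can accept connections."""
        self.forwards[public_port] = (int_ip, int_port)

    def inbound(self, remote_ip, remote_port, public_port):
        """Return the internal (ip, port) a packet is delivered to, or None if dropped."""
        entry = self.table.get(public_port)
        if entry is not None and entry[2:] == (remote_ip, remote_port):
            return entry[:2]                      # reply on an established connection
        return self.forwards.get(public_port)     # otherwise only a port forward helps


def demo():
    nat = NatDevice("203.0.113.10")               # constructed documentation address
    remote = ("198.51.100.7", 80)                 # constructed remote server
    hosts = ["192.168.1.11", "192.168.1.12", "192.168.1.13"]

    # Three different machines open connections at the same time.
    seen = [nat.outbound(h, 51000, *remote) for h in hosts]

    # A reply to the second connection is mapped back using the table entry.
    reply = nat.inbound(*remote, seen[1][1])

    # An unsolicited connection to a constructed listening port is dropped
    # until a forward is configured on the NAT device.
    before = nat.inbound("198.51.100.99", 4000, 50000)
    nat.add_forward(50000, "192.168.1.12", 50000)
    after = nat.inbound("198.51.100.99", 4000, 50000)

    return {
        # All an outside observer can record is the public address and port.
        "observed_ips": {ip for ip, _ in seen},
        "observed_ports": [port for _, port in seen],
        "reply_delivered_to": reply,
        "unsolicited_before_forward": before,
        "unsolicited_after_forward": after,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

Mapping an observed public address and port back to an internal machine requires the `table` or `forwards` contents as they were at that moment, which is the NAT configuration the comment says would have to be produced.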
|
|
Authored by: pajamian on Monday, July 02 2007 @ 08:21 PM EDT |
12. ... the unique IP address of the computer offering the files
for distribution can be captured by another user during a search or a file
transfer. Users of P2P networks can be identified by their IP addresses because
each computer or network device (such as a router) that connects to a P2P
network must have a unique IP address within the Internet to deliver files from
one computer or network device to another. Two computers cannot effectively
function if they are connected to the Internet with the same IP address at the
same time.
This is not true. Two or more computers can
function on the internet simultaneously under the same IP address if they are
behind what is commonly known as a NAT (which stands for Network Address
Translation) router. As an example I have several computers on my home network
all connecting to the internet with the same IP and they can all be doing
different things on the internet at once. It is even possible, via the use of a
VPN (Virtual Private Network) or a proxy server or some sort of tunneling
protocol (such as SSH) for computers to share the same IP address even though
they are physically distant from each other (they could be on opposite ends of
the world). There are even some ISPs (such as AOL) that use a group of proxy
servers and run the traffic of several users through one out of many proxy
servers such that hundreds of users all located in different parts of the world
may share the same IP address at a given point in
time.
This is analogous to the telephone system where each
location has a unique number. For example, in a particular home, there may be
three or four different telephones, but only one call can be placed at a time to
or from that home.
This is a bad analogy as the point he
is trying to make is false.
Each computer or network device
is connected to a network that is administered by an organization like a
business, ISP, college, or university. Each network, in turn, is analogous to an
area code.
While it is easily recognizable when looking at
a telephone number which portion is the area code, which is the exchange code
and which is the individual's telephone number, this is not the case for IP
addresses. A 32 bit IP address may be broken down into any number of nets and
subnets and may be divided on any bit number. It takes someone with a fair
amount of knowledge to understand which portion of an IP address corresponds to
what part of the network.
The above analogy also breaks down in that
telephone numbers are static in that once assigned a telephone number you keep
that number until you cancel the account. IP addresses, while they can share
this static property, may also be dynamic and can change from one user to
another over a period of seconds, days or months.
The
network provider maintains a log of IP address
allocations.
There is no technical requirement for a
network provider to maintain such a log and while many or possibly even most do,
I highly doubt that all network providers maintain such logs. Even among those
who do, the life of the log may be relatively short, in the order of
days.
An IP address can be associated with an organization
like an ISP, business, college or university, and that organization can identify
the P2P network user associated with the specified IP
address.
There are many factors which make this method of
identifying users less than fully reliable. The logs (if they exist at all) may
not be accurate, computers that log the data could be out of sync timewise, the
time reported for an alleged offense could be wrong, or out of sync with the
network provider's time, human error could cause the wrong record to be fetched.
There have almost certainly been cases in the past where the wrong user has
been identified by this process (none have as far as I know been proven because
the RIAA always drops the case before it gets to that
point).
16. The RIAA frequently has used the subpoena
processes of Federal Rule of Civil Procedure 45 and the Digital Millennium
Copyright Act ("DMCA") to obtain the names of infringers from ISPs. The RIAA
typically has included in their subpoenas to ISPs an IP address and a date and time
on which the RIAA, through its agent, MediaSentry, observed use of the IP
address in connection with allegedly infringing activity. In some instances,
providing the IP address alone to the ISP has been enough to enable the ISP to
identify the infringer. Providing the date and time further assists some ISPs in
identifying infringers, especially ISPs that use "dynamic IP addressing" such
that a single computer may be assigned different IP addresses at different
times, including, for example, each time it logs into the Internet.
1
Once provided with the IP address, plus the date and time of the
infringing activity, the infringer's ISP quickly and easily can identify the
computer from which the infringement occurred (and the name and address of the
subscriber that controls that computer), sometimes within matter of
minutes.
This is all contingent on, (1) the ISP
maintaining accurate records, (2) MediaSentry maintaining accurate records, (3)
timestamps being accurate and in sync, (4) no human error. If any of the above
fail then the wrong user could be identified by the ISP. Even then, only the
account holder can be identified. There are many cases where the person who is
using the P2P service might not be the account holder, such
as:
- A second user who shares the same account.
- A
wireless access point that is unsecured and is being used
surreptitiously
- A secured wireless access point that was successfully
hacked into anyways
- Spyware or other malware on one or more of the end
user's computers causing it to be used remotely by a third party without that
user's knowledge
- Hijacking of the user's account such that another
remote user connects directly to the ISP with the user's account access data
unbeknown to the user or the ISP
--- Windows is a bonfire,
Linux is the sun. Linux only looks smaller if you lack perspective. [ Reply to This | # ]
|
|
Authored by: vonbrand on Monday, July 02 2007 @ 08:30 PM EDT |
AFAIU, "piracy" is not the same as illegal copying, so this whole thing is
legal nonsense. [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 08:32 PM EDT |
I have five PCs hooked to a NAT box via a 10/100 switch. Each PC on the
internal network has its own *non-routable* IP address.
The NAT box has, naturally, two NICs. One NIC with a *non-routable* IP address
and one NIC with a public IP address.
Between (it's the only way I know how to say it) the two NICs is a software
firewall (Firestarter).
All five use the Internet at the same time for a variety of purposes, on a daily
basis.
Due to the way a NAT works, no *unsolicited* inbound traffic can get past the
public IP NIC and into the internal network.
The RIAA's mouthpiece statement about only one box at a time can access the
network via a single IP (or however he/she/it worded it) is, at a minimum, sheer
folly.
krp[ Reply to This | # ]
|
|
Authored by: whoever57 on Monday, July 02 2007 @ 08:40 PM EDT |
There is no mention of what procedures Media Sentry has to ensure that its logs
have the correct time and that there was no confusion on time zones. Remember
the case of the school kid who spent time in juvie until it was discovered
that the clocks at the school had not been changed for the summer time change? [ Reply to This | # ]
|
|
Authored by: PTrenholme on Monday, July 02 2007 @ 08:58 PM EDT |
For example, the public library here in Boulder, Colorado provides four or
five free Internet
connection "hotspots" for anyone who brings a computer to the library. Each
"hotspot" (PAT-2 ... PAT-7, if I recall correctly) can handle scores of "users"
with an IP address assigned dynamically by the "hotspot" when the user connects.
That address is, of course, assigned to that specific computer when it's
connected to the library's network, and the name associated with the
assigned IP address is the "name" the user chose to use for their computer when
they configured the computer or the connection. In any case, the
library has no record of which computer user was using any
specific system name at any specific time nor do the library's systems
enforce any policy that would preclude having more than one computer with the
same "name" connected to the network at the same time. So, even if they
kept records of the names of the computers connected to the network, and the IP
addresses assigned to that name (and, I believe that, in fact, they do not
keep such records) there is no possibility of mapping a "computer name" to a
specific computer user.
P.S.: No library card is required to
use the Internet from the library's access points.
P.P.S: I think,
but have never tried it, that one can connect to the library's access points
from the park outside the library.
In other words, these assertions in
the declaration are complete rubbish. --- IANAL, just a retired
statistician [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 09:07 PM EDT |
Hey- Same deal another issue. Just like the last time Media Sentry had an
*expert* testify, no dice unless they have a MAC address. Also, no evidence said
MAC address (if they even had one) was not being spoofed, no evidence of butt
being in seat in front of computer or network device (palm top, lap top, etc)
being in hand. Could be anyone.
Wikipedia article on IP spoofing
http://en.wikipedia.org/wiki/IP_spoofing
**The basic protocol for sending data over the Internet and many other computer
networks is the Internet Protocol ("IP"). The header of each IP packet
contains, among other things, the numerical source and destination address of
the packet. The source address is normally the address that the packet was sent
from. By forging the header so it contains a different address, an attacker can
make it appear that the packet was sent by a different machine. The machine that
receives spoofed packets will send response back to the forged source address,
which means that this technique is mainly used when the attacker does not care
about response or the attacker has some way of guessing the response.
In certain cases, it might be possible for the attacker to see or redirect the
response to his own machine. The most usual case is when the attacker is
spoofing an address on the same LAN.**
Please make these useless goons go away.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 09:15 PM EDT |
11. In order to assist its members in combating copyright piracy,
the RIAA retained a third-party investigator, MediaSentry, Inc. ("MediaSentry"),
to conduct searches of the Internet, as well as file-copying services, for
infringing copies of sound recordings
How does this read
factoring in the countersuit claim from Anderson vs Mediasentry (and friends) in
which it is claimed Mediasentry is acting as an investigator without proper
licensing in the venue of action? Can you argue that Mr. Linares knowingly (as a
result of the other case at least) presented inadmissible evidence? (this would
both exclude this witness and the Mediasentry evidence if successful)
Just a
thought
Jen[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 09:24 PM EDT |
Oh yeah - and one more thing - this stuff about 'packet sniffing'?
http://www.donationcoder.com/Software/Mouser/urlsnooper/
Url snooper is a neato little piece of shareware that enables you to sniff your
own packets. It uses:
http://www.winpcap.org/
to enable you to sniff your own traffic, and translate it. Why people use this
is to get links to video off sites that are blocking, or masking addresses with
java, redirects, etc. Sites that feature streaming content (like youtube).
Pop those guys a mail. Both of those appliances have active user communities.
The thing about url snooper is that it *always* lists your specific network
device. It has to, or else it won't work. You have to *have* a sniffable network
chip/card in your box/device in order for the thing to configure itself.
Detailed data - like manufacturer, firmware version - all that stuff is listed
by this prog.
Ask Media sentry if they have anything even remotely similar to this.[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 09:34 PM EDT |
And, thus, if definitions are important in legal circles, isn't there likely to
be a legally defining meaning of the word "piracy"?
Isn't that definition likely to involve swabbies, deck apes, navies, drinking
rum, smoking cigars, and pillaging ocean transport, rather than copying data, in
some cases perhaps against civil (or even criminal) law?
Wouldn't calling up the real definition of Piracy in court documents be at least
a little embarrassing to the lawyers and publicists employed by RIAA?
Just a thought. I noticed that definitions seem to be important in other issues
covered here on GL.
JR without my password... [ Reply to This | # ]
|
|
Authored by: bigbert on Monday, July 02 2007 @ 09:38 PM EDT |
The police observe a known criminal delivering narcotics at 123 Main street.
There are five people living at that address. Can they arrest all five without
any further evidence?
Same thing.
---
--------------------------
Surfo, ergo sum.[ Reply to This | # ]
|
|
Authored by: Steve Martin on Monday, July 02 2007 @ 09:41 PM EDT |
"2. As Vice President, Anti-Piracy Legal Affairs, I am
responsible for evaluating and contributing to online strategies for the RIAA,
including oversight of the investigations into online infringement of
copyrighted sound recordings. As such, this Declaration is based on my personal
knowledge, and if called upon to do so, I would be prepared to testify as to its
truth and accuracy."
Perhaps I missed something, not being
a lawyer and all, but didn't he already testify as to its truth and
accuracy, by affirming at the bottom "I declare under penalty of perjury under
the laws of the United States that the foregoing is true and
correct"??
(Not a major point, but it's one that caught my attention
right off the bat.)
--- "When I say something, I put my name next to
it." -- Isaac Jaffee, "Sports Night" [ Reply to This | # ]
|
|
Authored by: Steve Martin on Monday, July 02 2007 @ 09:57 PM EDT |
8. The major record companies generally have not authorized
their copyrighted sound recordings to be copied or distributed in unsecured
formats by means of P2P networks. Thus, the vast majority of the content that is
copied and distributed on P2P networks is unauthorized by the copyright owner
-- that is, the distribution violates the copyright
laws.
This is a non sequitur. This presupposes that the
"vast majority of the content that is copied and distributed on P2P networks" is
in fact the record companies' "copyrighted sound recordings". There is no
foundation for this supposition. The declarant has presented no factual basis
supporting his assertion.
--- "When I say something, I
put my name next to it." -- Isaac Jaffee, "Sports Night" [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 10:08 PM EDT |
A DHCP server's log cannot for certain say that a specific MAC address was using
a certain IP. The log can certainly list assignment and renewals of IP leases
to certain MAC addresses, but all "releases" of leases are not
recorded. For example, a computer may connect to its service provider, request
an IP address via DHCP, and be granted one, which it subsequently starts using.
It may later become disconnected without telling the DHCP server that it is
releasing the lease. Another machine on the network can then (unless certain
measures are in place, like preventing a MAC address not associated with that IP
via DHCP lease from communicating over the network) use that IP with no
difficulty until the IP is reassigned. The time which an IP is reassigned may
be a CONSIDERABLE time after the lease would have expired.
Simply stated: A DHCP log does NOT identify the MAC address using the IP, with
the SOLE EXCEPTION of the DHCP Request/ACK/NAK/etc communications interchange.
The log ONLY lists the MAC address ASSIGNED that IP... not the one using it.
-- signed, a Computer Engineer in law school (mostly because of Groklaw)[ Reply to This | # ]
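The lease-log matching that several comments above discuss, as an added example (not from any commenter, ISP or MediaSentry): it shows how a time-zone misreading or a few minutes of clock skew changes which MAC address a DHCP log points to. The lease records, addresses and function names are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample lease log, times in UTC: (MAC, IP, lease start, lease end).
# MACs and IPs are taken from ranges reserved for documentation.
LEASES = [
    ("00:00:5e:00:53:01", "203.0.113.25", "2007-03-10T01:00:00", "2007-03-10T02:50:00"),
    ("00:00:5e:00:53:02", "203.0.113.25", "2007-03-10T03:05:00", "2007-03-10T09:05:00"),
    ("00:00:5e:00:53:03", "203.0.113.40", "2007-03-10T00:00:00", "2007-03-11T00:00:00"),
]


def _utc(ts):
    """Parse a naive ISO timestamp from the lease log as UTC."""
    return datetime.fromisoformat(ts).replace(tzinfo=timezone.utc)


def to_utc(local_ts, utc_offset_hours):
    """Convert an observer's naive local timestamp to UTC using the stated offset."""
    tz = timezone(timedelta(hours=utc_offset_hours))
    return datetime.fromisoformat(local_ts).replace(tzinfo=tz).astimezone(timezone.utc)


def candidates(ip, observed_utc, max_skew_minutes=0, leases=LEASES):
    """Return every MAC whose lease on `ip` overlaps the observation time,
    widened by the clock skew that cannot be ruled out between the two logs."""
    skew = timedelta(minutes=max_skew_minutes)
    lo, hi = observed_utc - skew, observed_utc + skew
    macs = []
    for mac, lease_ip, start, end in leases:
        if lease_ip != ip:
            continue
        if _utc(start) <= hi and _utc(end) >= lo and mac not in macs:
            macs.append(mac)
    return macs


def verdict(macs):
    """Classify a match. Even 'single-assignee' only names the MAC the address
    was assigned to, which is not proof of which device was using it."""
    if not macs:
        return "no-lease"          # address was in nobody's lease at that time
    if len(macs) == 1:
        return "single-assignee"
    return "ambiguous"             # more than one subscriber fits the window


if __name__ == "__main__":
    ip = "203.0.113.25"

    # Same wall-clock reading, interpreted with and without the UTC-5 offset.
    right = to_utc("2007-03-10T02:30:00", -5)
    wrong = to_utc("2007-03-10T02:30:00", 0)
    print("offset applied:", candidates(ip, right))
    print("offset ignored:", candidates(ip, wrong))

    # An observation that falls in the gap between two leases.
    gap = to_utc("2007-03-09T22:00:00", -5)
    for skew in (0, 15):
        macs = candidates(ip, gap, skew)
        print(f"skew +/-{skew} min:", verdict(macs), macs)
```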
|
|
Authored by: gdeinsta on Monday, July 02 2007 @ 10:33 PM EDT |
19. The RIAA also has collected for each Defendant a list of the
files each Defendant has made available for distribution to the public. These
lists often show thousands of files, many of which are sound recording (MP3)
files that are owned by, or exclusively licensed to, Plaintiffs. Because of the
voluminous nature of the lists, and in an effort not to overburden the Court
with paper, I have not attached to this Declaration those lists. Such lists will
be made available to the Court upon request. Exhibit A to the Complaint includes
the username of the infringer if that was available, the identification number
assigned by MediaSentry for that Defendant, and the number of audio files that
were being shared by Defendant at the time that the RIAA's agent, MediaSentry,
observed the infringing activity.
So they have not
provided the judge with the contents of any of the files, not even the ones they
claim to have listened to. (CDROMS are not used by lawyers apparently.) And
they have not provided the judge with enough information to identify the
allegedly infringed works, for example copyright registration numbers. Never
mind any evidence that RIAA members own those copyrights.
Why does
this all seem so familiar? [ Reply to This | # ]
|
|
Authored by: urzumph on Monday, July 02 2007 @ 10:37 PM EDT |
Perhaps not lying per se, but very, very misleading.
Once
provided with the IP address, plus the date and time of the infringing activity,
the infringer's ISP quickly and easily can identify the computer from which the
infringement occurred (and the name and address of the subscriber that controls
that computer), sometimes within matter of minutes.
If the ISP
keeps logs, it can identify the subscriber from which the transmission
appears to originate.
Anything which alters the IP address of the
traffic will change who the traffic appears to originate from. This is a very
long list, including VPNs, Routers/NAT devices (including some Wifi access
points), Proxies or anonymity systems like Tor.
The owner might not even
know they have a proxy/anonymity system in place if it was installed by a
virus/trojan. [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 10:41 PM EDT |
Even if the lease has expired the computer may still be able to communicate on
the network using that address if the DHCP server has not handed out that
address to another computer.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 10:42 PM EDT |
Ok I am feeling pissy. Go ahead and use this deconstruction.
point 9: Can this be quantified? Accurately? The data that I am aware of
shows *precisely* the opposite effect, in that music companies *gain* customers
as a result of easier access to product. There may be a perfectly valid
business reason why the media companies are losing money. Crappy product comes
to mind.
point 12: IP addresses do *NOT* need to be unique. You will see some strange
effects on responses, due to ARP (mapping of ip addresses to hardware MAC
addresses). IP addresses may be masqueraded behind a firewall/router. This
could let one of several users send packets out, with an IP address indicating
the *ROUTER* and not the end users *PC*. More to the point, if you have several
users behind the router, it is possible that any one of them may be using the
service. Even more specifically, if one of the machines behind the router has
been infected by a bot/malware system, it could be acting as a proxy for other
users, not behind the firewall, leveraging the firewall effectively as a
"cutout". Similarly for a Wifi connection. All you need is a single
laptop set up to route packets behind the router, and a point to point network,
and then you have no possible way to tell where the end user is, other than they
must be within ~50 meters of the system. Assuming that a mesh net does not
exist behind the firewall, in which case you get routing from point to point,
and significant distance. Or a TOR system, which could also convey packets from
far away, to be re-emitted through the router. Put another way, IP address
tells you of a possible end point. Not a unique computer/user. Their
supposition is incorrect. Anything built upon this (most of their efforts) is
in fact inaccurate at best. C.f. suing grannies who never owned a PC.
point 14: as IP's are not unique, one-to-one and onto mappings to users,
logging IPs is of *dubious* value at best.[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 10:43 PM EDT |
A solution? Ideally, if you could use the Creative Commons License with the
standardized "digital Meta-Data or machine readable code" see
http://www.creativecommons.org - and use it for each and every copyrighted
"digital" work, then the DMCA protection of the Meta-Data code would
be good, as the DMCA then prevents a change to the Metadata part of the Creative
Commons Licensed works! Yep - The DMCA could still protect the Creative Commons
digital work (no need for DRM). The DMCA would prevent the change or removal of
this Creative Commons Metadata code...! The media content creators could then
make use of a Creative Commons License (with Meta-data tags/code) that could
then be machine readable, meaning searchable, AND the content creators could
then also use the search or filter technology to track or filter the meta-data
attached content.. IF, it were to travel on the internet as and exceed
"fair use" limits. ISPs could monitor this traffic and report the
"commercial only metadata" traffic that is above "fair use"
quota (?) to a central reporting database where the creator could then thru a
pseudonym email address (hides ISP provided email address that is real, and
forwards the email meant for the pseudonym address to the real address) notify
the INTERNET IP address of the potential for "fair use" violation. A
series of warnings could precede the actual reporting of violations directly to
the content creator. Users would like this better than having an army of RIAA or
Movie Industry lawyers appear at the door when their kids are downloading who
knows what? Content Creators could still have financial interests protected!
Peer to Peer networks could be set up to filtering and audit guidelines, or fair
use quotas, that are enforceable by the Creative Commons Meta-Data transfer AUDIT
process (easy to do)! No DRM needed! And no user lockin to technologies that
prevent proper and legal fair use to happen with legally acquired content. DMCA
protection of DRM or encrypted content is only going to cause problems by
restricting access to fair use of content by legal users (and the ability to
move the content to a format that is usable by the users "machine" or
software of choice)! A Creative Commons Licensed Meta-data tag would never be
harmful to users and it would protect the financial interests of the creator!
View – Library of Congress's C-SPAN “Digital Future” series
http://www.c-span.org/congress/digitalfuture.asp
and view the segment by Lawrence Lessig, and pay attention at the end
when a lawyer brings up a question... in the Q&A. Lawrence Lessig has
already proposed a solution. The RIAA lawyers might not be telling their client
about this solution... as then the money they are making working for the RIAA
would dry up.
If the industry would just adopt Creative Commons, then they could have a
solution that would work nicely.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 10:44 PM EDT |
Another issue just popped into my head. If you consider what kids in college
are using these days for computers, I think you will find many of them are
laptops. We all know laptops are portable. We all know kids take their stuff
to other kids' rooms and do things. So just the fact that you can identify the
internet port in some student's room does not tell you which students were in the
room at the time, nor which laptop or laptops may have been connected to the
port at the time.
Kids know about routers. Unless there is some method in place at the school to
prevent it, they will take some laptops into someone's room, hook them up to the
internet through a router, and have an all night LAN party. Now try and figure
out which computer did what behind the router.[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 10:46 PM EDT |
If I were defending myself in this type of action the first thing I would want
to see would be the source code for the ISP's DHCP server, login servers if any
(PPPOE, etc), and all applicable routers, especially the logging routines. Just
because an ISP says that customer X was using a specific IP address at a certain
date and time doesn't mean that it is so. [ Reply to This | # ]
|
|
Authored by: nuthead on Monday, July 02 2007 @ 10:58 PM EDT |
First, if MediaSentry is downloading the allegedly infringing material, then
THEY are engaging in copyright infringement, are they not? Second, if they have
some sort of empowerment from the RIAA to download the songs, what are their
credentials? Are they licensed to do that sort of investigation? Trained to do
it? Who verifies what they turn over? How hard would it be for MediaSentry to
lie about what they uncover? How can the RIAA prove MediaSentry didn't just
"create" or even "help" the evidence along?
Maybe attacking the chain of evidence, the training and empowerment of
MediaSentry, their methods, etc. might help out. Also, can a copyright holder
legally give permission for someone to illegally infringe on those copyrights?
And if they can, and do, would that protection extend to the other party? Is it
illegal to share copyrighted works with a party (MediaSentry) that is legally
allowed to share those files? Maybe going over the MediaSentry contract and
permissions might prove useful.
Sorry for rambling, hope this helps. ;) [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 11:15 PM EDT |
Others have pointed out that NAT allows multiple computers to share a single IP
address. Anyone can share the IP number assigned to them by setting up a
NAT-ting router of some sort. And there is also already mention of spoofed MAC
addresses. As far as I can tell nobody has mentioned bridged networks.
Many, I'd like to say most but don't know for sure, ISPs do not assign and route
particular IP addresses to particular customers. Instead, ISPs have entire
networks from which they hand out IP numbers to customers. This is known as
bridging. The distinction is subtle but important.
When IP addresses are routed, the ISP is responsible for sending a customer only
those IP addresses assigned to the customer. Bridged networks work differently.
The definition of a network is, more or less, that all the packets go
everywhere in the network. (Switches have "broken" this model, but
can themselves be convinced to send packets anywhere via MAC address spoofing,
breaking into the switch, or other means beyond the scope of this note.) When
an ISP bridges, any customer can see the traffic of, and most significantly,
impersonate the traffic for, any other customer on the same network. Usually
the networks are "class C networks" consisting of 255 contiguous IP
addresses.
Thus, on a bridged network one customer can use the IP address assigned to
another. This can be either very easy or relatively complicated depending on
the equipment involved. I can't say just how easy it is in the typical case,
but it's always possible or else the network would not be bridged, it'd be
routed.
Regards,
Karl O. Pinc kop at meme com[ Reply to This | # ]
|
- Paragraph 12 - Authored by: Anonymous on Monday, July 02 2007 @ 11:17 PM EDT
|
Authored by: mobrien_12 on Monday, July 02 2007 @ 11:15 PM EDT |
"A search can be as simple as logging onto a P2P network and examining what
files are being offered to others logged onto the network."
They need to be called on this.
The RIAA and MPAA have been known to send faulty DMCA takedown notices from
their bots. Essentially, they find a file with a name somewhat similar to
something they own a copyright on, and have their bots send a takedown notice,
without checking exactly what the content was.
I would suggest asking the MPAA how many times they have sent faulty takedown
notices, and exactly what steps they take to make sure they have a legitimate
claim on these "files." [ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 11:17 PM EDT |
You know, it would be trivial to set up a courtroom demonstration of the flaws
here. In the courtroom, take a simple, off the shelf, consumer router. Wireless
would be better, but not strictly needed for this demonstration. Two computers
(you can't tell me there aren't two suitable computers in a courtroom!).
Connect the two computers to the router, connect the router to the internet, and
have MediaSentry prove which computer is the one sharing. You wouldn't
necessarily need a real internet connection, though you'd need at least two
routers.
An alternative approach, though probably best used if the defendants are
actually using the "anonymous hacker" defense would be to set up the
router and have another computer outside the courtroom breach the security to
demonstrate how easy it really is. This would not require internet connection
or MediaSentry's participation, which may be difficult to get.
I'm sure there would be no shortage of qualified volunteers to run such a
demonstration in any given area; this demonstration could reduce the impact of
the assertions by proving that while they "may" be true, as Obi-Wan
Kenobi says "from a certain point of view" (hey, maybe that's SCO's
problem.."we're not lying, exactly your honor, we just need you to see
things from our point of view...")... sorry I digress.... while the
assertions "may" be true from a certain point of view, they are not
all necessarily universally true (this has been pointed out and commented upon
previously so I won't further restate those here.)
The fundamental point would be to prove a plausible alternative that an average
person with no particular technical expertise could put together. From there,
you could springboard to the more technical, deliberate hack types of things
that people who wish to remain anonymous employ, the "IP Spoofing" and
such that are possible without a degree in computer science. A demonstration of
this could also be set up, but would be more difficult in a courtroom.
There's also more advanced techniques that could be employed, techniques that
could even fool the ISP logs, for example, but those begin to get to the realm
of requiring specialized training or tools not generally available, which tends
to make them a lot less plausible to the average person. I think the idea here
should be to make it obvious that it isn't difficult to fool or confuse
MediaSentry's system.
m2cw[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 11:18 PM EDT |
This is all moot if I'm wrong about the MAC address always being contained
within the sent packet transmission. If I am wrong, please correct me.
It is my understanding that the law usually requires "best evidence" -
I am not a lawyer. And I am going to assume that these people ARE distributing
copyrighted music illegally.
It just seems to me that if the RIAA wants to PROVE that a particular computer
is sharing these files they say they downloaded, wouldn't best evidence require
a sniffer trace?
The reason I say this - isn't the MAC address of the network card the computer
is using at the time of the infringement located within every transmitted IP
packet? This would be a hell-of-a-lot more reliable than the hit and miss of
using an IP address. Granted, you need to identify the IP address of the
infringer in order to identify the possible infringer. But without the MAC
address of the network card to tie to the IP address in the transmission the
data is useless.
To put it in Star Trek terms - even an encoded Starfleet message is no good
unless a Starfleet ID is included in the background of the transmission.
Only junior level technicians can say that directory listings tied to IP
addresses are sufficient proof of infringement. I've never seen the RIAA attempt
to use logs off of the captured computer hard drive to prove that the infringing
computer actually had that IP address at the infringing time. And I've never
seen them attempt to link the MAC address to an identification of the offending
computer.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 11:36 PM EDT |
"Two computers cannot effectively function if they are connected to the
Internet with the same IP address at the same time."
The flaw in this statement can be easily explained by the telephone analogy that
follows it in the next sentence of the declaration:
"This is analogous to the telephone system where each location has a unique
number. For example, in a particular home, there may be three or four different
telephones, but only one call can be placed at a time to or from that
home."
A business PBX can receive many calls to one main business number and route each
to a different extension telephone. There can be many calls going on
simultaneously, all under the one business central phone number. Yes, it is true
that a business phone system can be set up to give everyone their own direct
dial number. Computer networks at a site can be set up like that, each computer
having its own externally visible unique ip address. But it is also possible for
phone extensions to be internal only, and NAT causes a similar setup for
computers in which they have local private ip addresses and all of them share
one public external ip address on the Internet.
One big difference between telephone PBXs and computer networks is that setting
something like that up for computers requires only a small inexpensive
router/firewall box or WiFi access point which is commonly used when people at a
residence want to share a single ISP account amongst several computers. That is
similar to the analogy with three or four phones in a home, except, in flat
contradiction to the above statement in the declaration, more than one
"call" can be placed to and from that home.
The important point here is that the IP address does not identify which computer
was being used or who was using the computer, and does not indicate whether
there were multiple computers sharing that IP address at different points in
time.
I don't know if this would help or hurt the defendant's case, but the
information that they want to subpoena could point to one person or could point
to multiple people, and the RIAA could not know which until they identified what
account the ip address is associated with and found out just who used that
account on what computers, including the possibility of visitors and hacked
machines taken over by outsiders. Are they able to get such a subpoena on the
possibility that it might get them useful evidence, even though it might only
bring in innocent people?
[ Reply to This | # ]
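The shared-address setup described in the comment above, as an added example that is not part of any commenter's post: a minimal simulation of a NAT router rewriting outbound connections from three private hosts. All addresses, ports and timestamps are constructed, and the `NatRouter` class is a hypothetical model, not any vendor's implementation.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

PUBLIC_IP = "203.0.113.7"           # constructed; RFC 5737 documentation range
REMOTE = ("198.51.100.20", 6881)    # constructed remote peer (ip, port)
HOSTS = ["192.168.1.10", "192.168.1.11", "192.168.1.12"]  # constructed LAN hosts


@dataclass(frozen=True)
class Flow:
    private_ip: str
    private_port: int
    remote_ip: str
    remote_port: int


class NatRouter:
    """Port-address translation: many private hosts, one public address."""

    def __init__(self, public_ip: str, first_port: int = 40000,
                 keep_log: bool = True):
        self.public_ip = public_ip
        self.keep_log = keep_log          # consumer routers often keep no log
        self._next_port = first_port
        self._table: Dict[Flow, int] = {}
        self.log: List[Tuple[int, int, Flow]] = []  # (time, public_port, flow)

    def send(self, now: int, flow: Flow) -> Tuple[str, int, int]:
        """Translate an outbound flow; return (src_ip, src_port, time)
        exactly as the remote peer records it."""
        if flow not in self._table:
            self._table[flow] = self._next_port
            self._next_port += 1
            if self.keep_log:
                self.log.append((now, self._table[flow], flow))
        return (self.public_ip, self._table[flow], now)


def attribute(observation: Tuple[str, int, int],
              router: NatRouter) -> Optional[str]:
    """Map a remote observation back to a private address.

    This needs the router's own translation log. The result is a LAN
    address, not a person, and it is None when no log was retained.
    """
    ip, port, when = observation
    if ip != router.public_ip:
        return None
    matches = [f for (t, p, f) in router.log if p == port and t <= when]
    return matches[-1].private_ip if matches else None


def demo(keep_log: bool) -> Tuple[Set[str], List[Optional[str]]]:
    """Three hosts each open one connection to the same remote peer."""
    router = NatRouter(PUBLIC_IP, keep_log=keep_log)
    seen = [router.send(100 + i, Flow(h, 51000, *REMOTE))
            for i, h in enumerate(HOSTS)]
    source_ips = {ip for ip, _, _ in seen}
    resolved = [attribute(obs, router) for obs in seen]
    return source_ips, resolved


if __name__ == "__main__":
    for keep in (True, False):
        ips, resolved = demo(keep)
        print(f"log kept={keep}: remote saw {sorted(ips)}, resolved {resolved}")
```

The remote peer records one source address for all three hosts; only the router's translation log, if it exists and covers the time in question, separates them.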
|
|
Authored by: Anonymous on Monday, July 02 2007 @ 11:44 PM EDT |
Alternate logic, but flawed in some cases:
1) My music collection is stored on a stack of CD.
2) I live in a dorm on a college campus.
3) We have a very honest and trustworthy group of people living in this dorm,
well, to the extent that anyone not returning some thing that was borrowed
excludes themselves from any social life in the dorm. (perhaps a childless
future, also)
4) The CD's are borrowed and returned. Some people like my taste in music, others
have a limited acceptance, the rest think I've waste of media.
5) How would RIAA know whether the music a computer came from a download, or
from a CD?
5a) do they have a court order for the wire tap?
6) [kicking a dead horse] none of the members of RIAA went to college, they
never borrowed anyone else's music collection, they never made copies of any of
the music they borrowed.
-wb-[ Reply to This | # ]
|
|
Authored by: WCTU on Tuesday, July 03 2007 @ 12:41 AM EDT |
From reading Groklaw for some time, I seriously doubt that this 'document' could
be taken as anything more than one man's opinion. And that opinion seems to
consist, mostly, of the idea that he sees the conditions for infringement
present, so there must be infringement. He just needs a warrant to examine the
contents of everyone's computer/home/whathaveyou to make sure he gets the right
people.
My only technical criticism of this is the IP address explanation, which may
have been somewhat true 10 years ago but today, with home and small office
networks common (what I do for a living), pinpointing a specific computer and a
specific person would be very hard indeed.
What the RIAA is doing is hoping the courts will grant them a fishing license so
they can find someone, anyone, who might have a copyrighted work with no other
way to prove they came to have it legally.
Paragraph #6:
How many of the files transferred are actually copyrighted works? What
information is this based on? Does anyone/anything have the ability to know
whether a file is a copyrighted work as it is being transferred? From personal
experience, I know that BitTorrent is a system that can be used to download
legitimate files, which is how I use it (Linux Distros).
The internet facilitates the exchange of files; should this be banned? How is
the figure "At any given moment, millions of people..." arrived at?
Paragraph #8:
How do they know what is being transferred over P2P networks? Again, is there a
study or some data somewhere that gives a breakdown on what is being transferred
via P2P networks? What is the "...vast majority.."?
Paragraph #9:
Has the scope of P2P networks or the number of files they transfer ever been
accurately estimated? Same for revenue. Where are the figures and how were they
arrived at?
Paragraph #10:
How do they know they are observing infringement? How do they know that a
particular stream of packets going from one IP to another is a copyrighted work
that they own being transferred illegally? If I see you walk out of Sears with
a pair of pants, does that mean I've witnessed a theft? How would I know this?
I hate plastic bags and often refuse them, so I would be seen walking out the
door with a pair of pants. But I have paid and have the receipt in my pocket.
How does anyone know by only observing the internet traffic that a crime is
being committed?
Paragraph #11
They can identify illegally offered works just by viewing a list? How do they
know that the file "Blue Xmas" by Porky Pig is actually that
copyrighted work and that it is offered illegally?
Paragraph #12
The computer I'm using right now has the IP 192.168.10.10. Since 192.168.xxx.xxx
is a commonly used private network IP range, I'd hazard a guess that there are a
lot of computers on the internet at any given time that have the identical IP.
The IP address explanation is poor at best. Is the man certified in any
discipline? Even A+?
Paragraph #13
How does MediaSentry detect actual infringement?
Paragraph #14
MediaSentry downloaded a file, so they have used the P2P network and they can
examine that file and tell if it is a copyrighted work or not. How do they tell
if the traffic from that site to another IP address is also transferring
copyrighted work?
Paragraph #20
Is this a supposition or a fact or what, and how is it backed up?
Paragraph #21
Where is the data/study that shows economic damage? Does anyone KNOW what the
damage is, per song or per 'infringer'? Sears can show, thru tracking
inventory, damage and sales data, a fairly accurate financial picture as it
relates to shoplifting. Where are the RIAA figures and how were they compiled?
Paragraph #22
If pants are missing from the Levi factory, does it make any sense to target
everyone who sells Levi's? Should the police investigate at the factory or
should they stop anyone wearing jeans and make them prove they got them
legally?
Paragraph #23
It would also seem that they had no way of knowing that a crime had been
committed; that the only way to find out would be to search their belongings
prior to charging them. Seems to be a bit backward to me, given our justice
system.
Tom
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 12:51 AM EDT |
If the case isn't made that they are sharing the files with each other, then
there truly isn't a relationship between the defendants and the cases should be
separated.
Also, any expert that claims you can identify a person via IP address is not an
expert.
The IP address could be:
1) A router
2) A proxy
3) Shared machine.
4) Any combination of the above.
The actual source of a message could also be from a wireless connection making
the identification of the source even tougher.
For example, I and my family have over 12 machines connected via a proxy to the
internet. At best you could tell a message passed through my house. I also
have 3 wireless hubs that in theory would allow a 3rd party to access the
internet.[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 01:38 AM EDT |
I put the same thing on Slashdot, with a couple of naughtier words I censored
for PJ (sorry if I missed any! the MAFIAA upsets me) but I'm worried it might
be buried since I'm posting anonymously there due to MediaSentry DoSing my
connection because they think I'm sharing a file I'm not just because I clicked
a torrent I didn't want and deleted it before downloading a single byte.
==========
9) "Can't be underestimated"? It can certainly be OVERestimated.
11) MediaSentry, or SafeNet as they call themselves now, uses customized
clients. Even if they use the same features of the client or protocol, they've
clearly been tampered with in at least the case of BitTorrent where they appear
to use modified versions of Azureus and LibTorrent, both open source. I know
that others have looked into this and said that, for BitTorrent, you see ratio
hackers (people who have "uploaded" far more data than is even
possible) often sitting at 0%. They also spam the heck out of your connection,
even if it's disconnected or you block them if your IP was ever once seen by
them. They like to send batches of 10 connections in a single second, which is
highly unnatural. This may well be part of a Denial of Service attack. They
will NOT desist, even if blocked at the firewall and even if the connection is
down for a long time. In DHCP situations, it is hard to believe they never end
up attacking innocent people, although the connections won't do much harm unless
there's a BitTorrent client to process them. They send the batches of
connections every 30 minutes to 1 hour randomly according to my logs. I wish I
knew more, but I don't have any idea how to capture and analyze whatever data
they're sending me, I just block it. In any event, absolutely no normal BT
clients do that, so it's pretty clearly nefarious and almost certainly intended
as a DoS attack. The irony is, I think I know what started their attack and I'm
not even a member of the BT swarm they want nor did I download what they're
trying to protect.
12) IPs are NOT unique. Look up NAT (Network Address Translation). Yeah, it
can lead them back to an ISP who probably has records, but just how good are
those? It's not like they establish any kind of chain of evidence. And the
part about "two computers cannot effectively function"? That is
COMPLETELY wrong! At work we have hundreds of computers on private subnets by
plant, each one has a unique private IP in the private subnet, but if you look
at us from the outside, all connections to the internet are through a single
routable IP (not many are allowed internet access, mind you). That single IP is
the ONLY thing they'd see from the outside unless the protocol embedded my
non-routable IP (192.168.x.x) for some reason. Not that it'd do the least bit
of good, because you can't route anything to it. Our gateway knows that IP, but
there's no reason for anyone outside the WAN to care about it. Similarly,
pretty much all WAPs (Wireless Access Points) do a similar thing. You get a
private non-routable IP and the device itself has a routable IP from your ISP.
Then many people can connect to the WAP and everyone appears to share the same
non-routable IP. Yes, two computers on the *same* network cannot share an IP,
but just how many 192.168.1.1s do you think are out there? The private ranges
are VERY widely used, ESPECIALLY for anyone with a WAP. Around here, the cable
company sells Linksys wireless routers to pretty much everyone who gets cable
access and I can see almost 20 networks likely using the exact same setup.
Also, they claim that the organization the IP is assigned to can trace it back
to a single user. This is almost invariably false. They can give you the
*subscriber* who pays them for the account. They almost never have evidence of
which *person* was in control of that PC, let alone which *PC* was actually
connected to them when it goes through NAT or any kind of gateway like the WAPs
I discussed before. That's not at all a trivial distinction, they're trying to
pull the wool over people's eyes with that one.
13) Yeah, they can get IPs, I understand that. But especially on networks like
Kazaa, I've heard many reports of "noise" killing DSL lines. That is,
when the DHCP lease renews, they get the IP of someone who used to be sharing
files, and they get lots of requests for those files even if they're not running
any file sharing program at all. When the DHCP is renewed, the application
probably doesn't know it happened at all (or doesn't care), so the old IP is in
the peer lists, etc. Just because the application says that IP is (or was)
sharing files is no reason to believe it. In addition, I'm of the understanding
that they use hacked clients which may well misinterpret or misrepresent the
network traffic. Unless you can identify specific files or pieces of a file
that you got from one IP exclusively, I'm not really convinced. And even then,
the source of the program used should be audited. It's probably some giant
multi-threaded application given the scale on which they operate, and those are
VERY non-trivial programs which could very easily present corrupt data even by
accident. Sure, maybe they did everything right, but they should have to prove
that. Especially when the networks they connect to are anything but infallible
given the numerous reports of "noise" I've heard. I mean, when there
are enough requests to *kill* someone's DSL for a while and enough reports of
that, it doesn't appear to be uncommon.
14) That's nice, but they need to ensure that the files are gotten from single
sources, or that bits can be authenticated against a known file that's
copyrighted by them. After all, I remember the story of an usher.mp3 that was
Prof. Usher's lecture, not a song by a musician of the same name. Also, I have
questions about their incomplete production of files in a few cases. That gives
me the feeling that their operation is sloppy. And does that mean that those
files were the *actual* ones they downloaded, or did they find an identical copy
from elsewhere? Sure, it's the same file, but the file isn't the real evidence,
because thousands of people have the same damn file. The *evidence* is that
they downloaded it from such-and-such an IP. Anyone could look up the file
hashes they list in evidence and provide a complete list of the files assuming
anyone is still sharing them, even after the fact.
15) Painstaking!? Hah! "Yup, those look like copyrighted files, let's
listen to a couple, then send a letter to the ISP!" I can't imagine
anything more thorough than that going on given the poor cases they've taken to
trial elsewhere. Also, they claim to identify "individuals" but
they're really establishing that the *IPs of certain computers* allegedly
transmitted copyrighted materials without authorization because they don't get
any information about "individuals" until after the John Doe suits.
16) MOST IPs are dynamic. Yeah, in a FEW cases you have a static IP, but those
are far and away in the minority (they cost extra, if your ISP even offers
them... just price DSL sometime, and good luck getting them on cable at all...
sure, you MIGHT keep getting the same IP a lot from your DHCP server, but that
doesn't make it static). I note that they fail to mention how they violate FRCP
45 by joining many unrelated cases, or the fact that they've been ordered not to
do so again. IANAL, but I wouldn't miss this golden opportunity to dispute that
they follow FRCP in my answer. Also, they claim the ISPs do this "quickly
and easily" but this can be turned against them. The ISPs are simply
handing over a subscriber name associated with that IP and timestamp, not
verifying anything whatsoever (such as their clocks being correct, synchronized,
or whether they've got the correct timezone, have DST set properly and properly
PATCHED with the recent change, etc.). For billing purposes, they only really
care who was connected for how long. I doubt they take great pains to make sure
it's accurate for anything beyond that. Also, the ISP can't even identify the
computer in the case of NAT, WAPs, etc. See response to 12.
17) Errr, I thought they used only a FEW subpoenas against thousands of people
by improperly joining the cases into single causes of action that they later
drop and pursue independently. Why no, I'm not going to quit mentioning that.
I'd love to wave those Texas sanctions in front of their nose. Continually.
Even if they don't matter legally in this case, I would very much like to rub
their noses in it. Does it hurt to let the judge know that the other lawyers
are slimeballs and that you can prove it? I find it interesting how they
mention that Verizon conceded that this. Did they really? Or did they think
that you could file individual Doe suits? Because while IANAL, I have yet to
hear of any legal authority upon which they can join unrelated cases in a cause
of action they never intend to carry past discovery.
18) How much is a "representative sample"? And how do they
distinguish these files from the fakes they hire MediaSentry to pollute the
networks with? Especially when some of their own fakes are supposed to be
things like the first few minutes of the song, followed by horrible noises,
swearing at the listener, etc.? They should be required to produce the copies
actually downloaded from the ISP in question. No substitutions accepted
whatsoever.
20) How is it critical? Because money cures any injury, why does it have to be
sooner rather than later? What's the rush?
21) Further dissemination means further damages means more money they can
collect. I mean, they can get thousands of dollars per song from litigation and
what? A buck or two from iTunes? Twenty bucks from a CD? Well, that's retail,
even they don't make that much from those.
22) And such infringements are in the minority I should think.
23) Well, they can't have non-expedited discovery? They can't allow any
challenges? Where's the fire? The cases aren't going anywhere.
24) This is hardly relevant. Once an ISP is served, they have a duty to
preserve the evidence. Just what ISP is going to go delete the data and what on
earth would they tell the court if they did? "Oops! Sorry, we deleted all
the logs that showed me, err, someone downloading stuff!"?
Well, maybe he believes all that crap to be correct, but I don't think so. I
think he's full of it, personally!

Authored by: grokker59 on Tuesday, July 03 2007 @ 01:55 AM EDT
I'll try to post more tomorrow, but the declaration if made under oath can be
impugned from just the first 10 paragraphs. There are so many factual errors
stated by the declarant as 'first-hand facts' that if the first 10 paragraphs
were picked apart, the rest of the document would be in serious doubt before
the technical analysis even begins.
For example, the statement that "most P2P sites transfer copyrighted
material" is accurate in-and-of itself. ALL material is copyrighted by SOMEONE -
open source software, images, lectures, PDF documents, etc. This does not make
that material illegal.
"3. The RIAA is a not-for-profit trade organization whose member record
companies create, manufacture, and/or distribute approximately ninety percent of
all legitimate sound recordings produced and sold in United States. The RIAA's
member record companies comprise the most vibrant national music industry in the
world. A critical part of the RIAA's mission is to assist its member companies
in protecting their intellectual property in the United States and in fighting
against online and other forms of piracy. All of the Plaintiffs in this action
are members of the RIAA."
For example, is this person a legal expert that can testify as to the source of
his numbers and estimates for the '90%' of 'legitimate' sound recordings
produced and sold in the US ? If so, what is the percentage of 'sound
recordings' contained in motion pictures ? 'concert recordings ?' radio/tv
shows that are re-sold as next-day downloads ? Pay-per-view ?
"4. As part of that process, the RIAA, on behalf of its members, retains a
variety of services from outside vendors to assist with its investigation of the
unauthorized reproduction and distribution of copyrighted sound recordings
online."
This sounds like an admission to the RICO charges that the RIAA is actually a
'front' for the recording industry and is using a common pool of lawyers and is
making a business of these lawsuits. I say that poorly, but check the RICO
counter-claims of Ms Anderson?? that have been in the news.
para 5: Most of it is technically true and is background boilerplate with this
one exception:
"Unfortunately, the Internet also has afforded opportunities for the
wide-scale piracy of copyrighted sound recordings and musical
compositions." 1. Opportunities do not equal facts. Again what are the
qualifications of this 'expert' witness ? If the RIAA is suing for ANY and ALL
sound recording, we should find they own the copyrights - not the labels. If
they do not own the copyrights as a separate non-profit organization, do they
have standing to sue ?
para 6 is nothing more than supposition, bald statements and wishful thinking.
There are no facts here, and he is pre-supposing the facts that he has to prove
in this case. There is no evidence of support for most of the statements in
this paragraph - especially "At any given moment, millions of people
illegally use online media distribution systems to upload or download
copyrighted material.". In fact, it's probably this statement that this
entire case hinges on - the desired perception that there exist millions of
'pirates'. But look at the statement closer: "online media distribution
systems" could mean itunes or any on-line music store. "Illegally
use" could mean 'to use for illegal purpose' or 'to use illegally'. Is he
saying that the services like itunes are being used illegally ? Again - all
material on the internet is copyrighted - check copyright law and the Berne
convention.
paragraph 7 is correct. There is nothing wrong or illegal with what P2P
networks do. I see nothing wrong with using P2P networks to download audio
recordings - say the GPLv3 speech by Eben Moglen recently - or any audio
transcript of any court transcript or a speech or lecture by a prominent
politician that took place somewhere else.
paragraph 8: "8. The major record companies generally have not authorized
their copyrighted sound recordings to be copied or distributed in unsecured
formats by means of P2P networks." ==> and his point is ???... Perhaps
the major record companies should not distribute their sound recordings outside
the walls of their buildings... Other people HAVE authorized their 'sound
recordings' to be distributed via P2P even if the major record labels have not.
This could be phrased as a 'free speech' vs 'censorship' issue over the use of
P2P as a form of communication dialogue.
"Thus, the vast majority of the content that is copied and distributed on
P2P networks is unauthorized by the copyright owner -- that is, the distribution
violates the copyright laws." ==> A conclusion totally without
supporting evidence or any other factual backing.
paragraph 9: "9. The scope of online piracy of copyrighted works cannot be
underestimated." ==> but it CAN be over-estimated !
"The RIAA member companies lose significant revenues on an annual basis due
to the millions of unauthorized downloads and uploads of well-known recordings
that are distributed on P2P networks by infringers who, in virtually all cases,
have the ability to maintain their anonymity to all but the Internet Service
Provider ("ISP") they use to supply them with access to the
Internet." ==> several conclusions not proven: 1. the loss of revenues
has never been shown to be due to piracy. That is simply the RIAA's assumption.
Another explanation for falling sales is over-priced albums, poor product
offerings, DRM that prevents consumers from effectively enjoying the music they
do purchase or that destroys (or renders useless) the music that is purchased,
thereby discouraging new purchases of DRM-infected content.
Clearly, given the RIAA's inability to PROVE the user@keyboard relationship for
file-sharing in past cases, even the ISPs cannot tell who is doing the file
sharing (or even whether it's 'legal' filesharing) - remember Professor Usher
that was the target of an RIAA case (mixed up with the group 'Usher') - remember
the deceased computer users sued by the RIAA - those that don't even own a
computer ? Another issue is that Plaintiffs have so polluted the file-sharing
content that they may well be watching their own pollutants being downloaded
instead of a true copyright infringement. The act of injecting the pollutants
into the P2P networks constitutes their release of the pollutant files to be
downloaded by others. Which are 'legal' pollutants and which files are
'illegal' downloads ? I don't think it's possible to tell anymore by filename
alone.
paragraph 10: "10. The persons who commit infringements by using the P2P
networks are, by and large, anonymous to Plaintiffs." ==> It's called
'privacy' - get over it.
"A person who logs on to a P2P network is free to use any alias (or
computer name) whatsoever, without revealing his or her true identity to other
users." ==> This concept is called 'privacy' - get over it.
"Thus, Plaintiffs can observe the infringement occurring on the Internet,
but do not know the true names or mailing addresses of those individuals who are
committing the infringement." ==> Plaintiffs are not 'observing the
infringement occurring on the Internet'. At best they are retroactively
searching for evidence that a file of a given name MIGHT have once lived on a
particular victim's hard disk. Their forensics is usually questionable, they
have a habit of accusing the wrong people, and if they are monitoring the
transactions between two arbitrary computers, they need a warrant for this
obvious 'digital wiretap' operation they've got going. If it's not legal for
the President of the US to authorize illegal wiretaps, where does the RIAA get
its authority to do so ?

Authored by: richardpitt on Tuesday, July 03 2007 @ 02:28 AM EDT
IP addresses are unique!?
Set up a demonstration:
1 DHCP server
2 firewall NAT routers (identical, out of the box)
2 PCs - one behind each firewall/router
start the systems
ask the operator of each PC to identify their IP address
PC-1 "192.168.1.100 your honor"
PC-2 "192.168.1.100 your honor"
hmmm... seems that they're the same
Prosecution: "objection your honor - the routers each have different IP
addresses"
Defense counsel "Yes your honor, maybe they do - but they are not PCs and
are not themselves sharing files - there can be over 150 different PCs 'behind'
each router before their default tables run out of individual local IPs so there
is no definitive public IP address for any of them - they share the single
one."

Authored by: Anonymous on Tuesday, July 03 2007 @ 02:37 AM EDT
BT was originally designed and created to facilitate speedy transfer of large
Linux distros. To simply dismiss it as attempting to fill the napster void of
illegality, is misleading. It had entirely a different purpose.
Just because I drive a car does not make me a DUI killer of families of 5.

Authored by: Anonymous on Tuesday, July 03 2007 @ 03:39 AM EDT
Ok. Let's suppose that the relevant network works like Stanford's network,
which assigns fixed IP addresses on a per-computer basis. (That's pretty much
the best possible situation for the plaintiffs to have a point, I think.)
First off, there's no enforcement of whether a computer is using the IP address
that's been assigned to it. For instance, there were several times when I
wanted to hook up a computer to the network that didn't have an account. So,
what I did was tell it to use the IP address of a computer that was currently
turned off. Not a problem.
And, if that other computer got turned on -- still not a problem for me, but
they'd have some (probably inexplicable) problems connecting to the network
until I turned my computer off. This is why I always used IP addresses that
belonged to computers I knew weren't in use, but there's no reason one would
have to.
Ok, so that's the IP address. What about a MAC address? Well ... so I used to
use VMWare to run a virtual machine, on this network, too. In the config file
for that virtual machine is a line where one specifies the MAC address for its
virtual ethernet adaptor. You can set it to whatever you want -- it's just a
line in a plain text file. The way I had my computer set up back when I was
doing this (four or five years ago, but I'm sure it's still possible), that
acted just like an ethernet adaptor directly on the network. I got a second
account for my virtual computer, and it was quite happy to automatically pull
down its IP address off the DHCP server. (A DHCP server is a server on the
network that supplies IP addresses to computers based on their MAC address --
typically, a computer these days isn't set up to know its own IP address, but to
ask the local DHCP server for it; this makes changing the IP address a lot
easier.)
Anyhow, so there's a pretty trivial little hack here, which I'll sketch out as a
proof of concept. Suppose I don't like Bob. And suppose I know Bob turns his
computer off at night. I can poke at his computer (or various local records,
probably) and find out his MAC address. Then I set up a VMWare virtual machine,
and set it to connect directly to the local network, with the MAC address on the
virtual adaptor set to the same as Bob's MAC address.
So, I turn this virtual machine on, late at night. The local DHCP server thinks
it's Bob's machine, because of the MAC address, and sends it Bob's IP address.
As far as the local network is concerned -- and, in particular, as far as any
logging on that network is concerned -- this is Bob's computer. If I were to
run some file-sharing software on it and be really blatant about it ... well,
Bob would get blamed for that, now wouldn't he?
(And this is not even getting into what might happen if someone sets up wireless
network-sharing off their computer and leaves it unsecured, or secures it but
someone finds the password....)
- Brooks

Authored by: el cojo on Tuesday, July 03 2007 @ 04:00 AM EDT
IANAL so I hope that malice is the right word.
(PJ may correct me and insert the correct one)
Mr. Carlos Linares makes the implicit assumption that the user offering and/or
downloading copyrighted music is in fact the temporary assignee of a certain
IP.
As we see in the other comments this is false.
Here just 3 possible scenarios.
1. The computer using the IP listed by Media Sentry is infected by malware.
Lots of computers running MS Windows are infected with Trojans etc.
Just look at the websites of anti-virus software vendors.
It even went around the world and was in every newspaper, when a Russian group
started a DDOS (distributed denial of service) attack against a whole country
(Estonia if I remember correctly) with thousands of computers around the world
that were controlled by trojans, nearly paralyzing all computer networks in the
country.
Mr. Linares has to know about it.
2. The administrator of the computer gave another person an account.
Very simple. And this person with an account does not need to be in the room
or even near the computer. He could connect through the net very easily using
telnet (ouch!!) or ssh and being physically present in Sydney, Australia or
wherever in the world.
I am sure that Mr. Linares knows this.
3. Wireless Networks
Very common at university, where students take their laptops to class or for
working with others, but have a desktop in their room (typing multi-page
homeworks or papers on a laptop keyboard is a pain in the ***).
Just to show that it is not easy to secure a WiFi for non experts:
When c't (the best German computer magazine) wanted to test some wireless
equipment, they were completely surprised when they found out that they were
able to browse all the data from the medical university across the street.
So if professional network admins make this sort of blunder, what can you
expect of a, say, sociology student?
Also I personally know people who use other people's internet connection just by
walking around in the city with a laptop and a WiFi card. They seldom need more
than 15 minutes to connect.
Mr. Linares should know this.
I'm sure there are more methods of gaining access to a computer's IP than the 3 I
mention.
But back to Mr. Linares.
He is Vice-President Anti-Piracy, and if we believe what he writes, quite savvy
in computer things.
So either he is a complete incompetent, or he knows about all this.
He is also a lawyer, so he knows exactly what perjury is. So if he knows that
he does not know enough about computer networks, he should not write such a
declaration himself, but leave that to a network expert.
Conclusion :
Mr. Linares is lying, or at least willfully misrepresenting the truth for purely
commercial reasons, namely obtaining some money from people who may not have
infringed anyone's copyright.
If I make a correct interpretation of PJ's article on Slander of Title, this is
called malice.
(IANAL).
IMHO this should have legal consequences for Mr. Linares (but it probably won't,
he is a lawyer and knows how far he can go with his lying/misrepresenting. A
pity.)

Authored by: EireannX on Tuesday, July 03 2007 @ 04:27 AM EDT
Many of the comments above have reflected on how you cannot uniquely identify a
device by IP address. In most cases they make the point that the best you can
hope to do is uniquely identify a network. This is not true either.
In the ISP environments I have worked in, traffic accounting is performed at the
border of the network. This means that you can identify in the records when
traffic enters and exits the ISP network, but not uniquely where it goes once
inside the cloud.
This is important, because from here there is an assumption that because it
arrived at the ISP it ended up reaching the end user's network, and there is no
information being gathered that could disprove this.
Now there are two tools I have used to diagnose user faults. One is when a user
cannot log in. I can bend the tail circuit going to his ADSL router onto an ATM
interface in my test network and configure it with their parameters to ensure
that it does log in and get the correct IP address. Apart from my knowledge of
the test I performed there is no real evidence of my action. The radius server
will show that the user re-authenticated, but it doesn't show that the device
which logged in changed in any way. Even if the technology is not ADSL, most
technologies would provide methods which would produce the ability to locally
terminate user sessions.
The second tool I used was an address translation. If a user complained that a
particular protocol was not working for them, I could isolate just that protocol
on their IP address and terminate it yet again on another device on the network
to ensure that it wasn't a routing or filtering issue.
Now while I would use both of these tools with the knowledge and permission of a
customer, there really wasn't anything other than my own ethics preventing me
from hijacking an IP address on the network at random and using it for whatever
purposes I chose. The only way it could have been caught was 'in the act' by
looking at the actual network configurations.
While the first tool above would have disconnected the user, the second tool
would have been completely transparent, unless they were trying to use that
protocol on their IP address during the time it was redirected to a separate
device. The only other clue would have been a higher than normal usage level if
the customer had metered billing, but even then billing records would never have
pointed out the culprit, they don't generally capture the correct data.
Now to some extent this is all conjecture, because on the networks I worked on
this is all possible. It may turn out that on the upstream ISP and carrier
networks they have more sophisticated tracking tools in place so that such
redirection of traffic is not possible.

Authored by: billwww on Tuesday, July 03 2007 @ 06:26 AM EDT
In a legal case, won't an acknowledged expert in the field have to be deposed
and/or appear as a witness at the trial? Simply averring that 400 relatively
anonymous Groklaw-ers believe there are factual errors in an RIAA statement
won't cut it in court.
billwww (formerly addicted to logic)

Authored by: mtew on Tuesday, July 03 2007 @ 06:27 AM EDT
3. Where did that 90% figure come from?
6. 'so-called'? They are 'online' - that is connected to the internet. They
work with a number of different information formats - that is 'media' (plural).
They facilitate the transfer of information - that is they perform a
'distribution' of the information. The parts are designed to work together -
that is it is a system. The term is an accurate description of these
facilities. The use of 'so-called' implies that the term is somehow
misleading. If he thinks the description is inappropriate, he should be asked
to explain how.
Napster is ancient history. They got very thoroughly and (probably) properly
punished for their conduct. While the other programs mentioned have a similar
technical function, evidence should be provided that they are, in fact - not
just in his opinion, doing the reprehensible things that Napster did. There are
reasonable and legal uses for at least some, if not all, of the programs
mentioned. IIRC this has been demonstrated in court.
Where did the 'millions' come from? Have there been millions of convictions?
While I am not an expert on this, I suspect any such massive amount of proven
offensive behavior would have been mentioned in common news sources quite
prominently.
7. 'Download' - jargon - it is just another word for 'transfer'. And since
when is searching for something bad?
8. The 'major' record companies are NOT the only source of music. So what if
they have not authorized the transfers. They are trying to pretend that they
own it all. They don't.
9. There is no right to revenue. They have to earn it. This is the buggy-whip
manufacturers' argument. Support for the 'virtually all' opinion?
'can not be under-estimated'? Sorry, but that is patently false. An estimate
of zero would almost certainly be too low. The problem is their over-estimates.
Weasel words.
10. So they want to ignore the requirement that they have to prove someone
guilty? If you believe this, you would expect that there would be no way to
identify the 'culprits' and there would be practically no cases in the courts.
There are good reasons for not plastering your name all over the place. Since
they use 'Public Relations' to increase their sales, they may not be able to
understand this.
11. The quality of 'Media Sentry's results have been called into question and
they have not answered those questions satisfactorily. Has this guy actually
observed one of their operations? Is he qualified to judge the accuracy of the
'Media Sentry' results?
12. His understanding is faulty. Routers often provide Network Address
Translation (NAT) services. That service changes the effective IP address of
the network device. Many network devices on internal networks are assigned IP
addresses in the reserve address ranges. As long as there is no direct
connection between the internal networks, this does not cause problems. Routers
routinely map these reserved addresses to different addresses for internet
communication.
He is ignoring the fact that heavily loaded ISPs will assign IP addresses to
network devices for a period of time and later assign that same IP address to
some other network device. You have to know both the IP address being used and
the time. In a matter of a minute or less, an IP address can switch from one
network device to another one hundreds of miles away. One of the most serious
flaws in the techniques used by 'Media Sentry' in the (third hand) reports that
I have seen is their failure to provide traceable event times. The accuracy of
their reports is therefore in question. They have also failed to establish the
accuracy of the records they have demanded from the ISPs. Without sufficient and
documentable accuracy, their records would be practically useless because they
might be incorrect with no way to check on their validity.
The telephone and Area Code analogy is bogus. A major advantage of the Internet
design is that the same hardware can be used virtually simultaneously to
establish multiple connections.
While the mapping from a network device address to an IP address has to be kept
for the duration of the network device's connection, there is no compelling
business reason to retain this information beyond that interval. The necessary
records are only the entity to be billed and the amount of service used so that
the amount of the bill can be justified. Unless the customer has paid for a
stable IP address, there is no business need to keep the IP assignment
information.
13. IIRC 'Media Sentry's ability to perform the identification service has been
called into serious question. To judge how well they do this task, their 'false
positive' error rate is needed.
14. They are assuming that the identification of the individual is not in
question. The contents of the meta data is not likely to include information
from the log files. The log files do usually contain extracts of the metadata.
From the data gathered it is probably possible to show that someone is
infringing a particular copyright, but establishing who that someone is
reliably, has not been demonstrated.
15. One of the important characteristics of digital data is that its integrity
is regenerated when it is transferred. Simply listening to the music is one of
the less accurate ways to compare different digital recordings. This can cause
problems when the RIAA holds a copyright on a particular performance but does
not hold a copyright on a similar but different performance.
16. This conflicts with his reasoning in (12) and (14).
17. Does Verizon's opinion have any weight with respect to anything but
Verizon?
18. See (15) and (12). He said 'Media Sentry' recorded the times. Hearsay?
People do not have IP addresses. Network devices do.
"The RIAA could not, however, determine the physical location of the users
or their identities." That just about kills their whole case...
19. They have not established that the 'defendants' are the infringers. The
'Media Sentry' identification numbers, in and of themselves, show nothing.
20-23. INaL - no comment.
24. How old is the evidence? 8-9 weeks at a minimum. Check with Boston
University - their request may well be moot.
---
MTEW

Authored by: erikm on Tuesday, July 03 2007 @ 06:35 AM EDT
I don't know if you're familiar with it, but the
Witness statement of Henk Sips and Johan Pouwelse might also be an
interesting read (yeah, MS Word format, if you Google a bit you might be able to
find PDF). Not all of it might apply to your case, but there are certainly
elements you can use.
Erik (who has worked with Henk Sips and Johan
Pouwelse in the past)

Authored by: itchytweed on Tuesday, July 03 2007 @ 08:02 AM EDT
As a birthday present, I put together a computer system for my father to put his
collection of vinyl LP's onto CD's. He is retired and this was something he
enjoys doing. Well, in his collection, he also has reel-to-reel mag tape from
the record companies, one being Capitol Records. Now, both vinyl and mag tape
were prevalent in the 50's and 60's. There was equipment available to the public
to record on 1/4" mag tape. Did the RIAA go after and successfully
prosecute, on a regular, ongoing basis, people who may have been in the
"business" of making copies of the mag tape recordings for either sale
or friends? IMNAL, but can it be possibly applied that if there is no
sustainable history of defense of copyright throughout, that this may be
selective prosecution or a Latches (sp?) issue?
-Itchytweed

Authored by: Anonymous on Tuesday, July 03 2007 @ 08:08 AM EDT
Oh right, I play too many video games, can I really blame that also on murdering
them.

Authored by: ka1axy on Tuesday, July 03 2007 @ 08:17 AM EDT
14. For each suspected infringer, MediaSentry downloads a number of the music
files that the individual is offering to other users on the P2P network. Those
music files for each such individual are listed in Exhibit A to the Complaint.
Bittorrent doesn't work this way. The file you are downloading is split up into
chunks, and you download the individual chunks from any one of multiple IP
addresses offering the file. Unless MediaSentry is going to great lengths to
download all the chunks from the same IP, the file they end up with, though
bit-identical to the file stored on any of the IPs offering it, was not
downloaded in its entirety from one single IP.
A log of the network traffic during a bittorrent download will show that data
transfers are made from many different IPs during the download of a single file.
It's a small detail, but maybe important.
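The chunk behaviour described in this comment, as an added example that is not part of the original comment or of any tool named on the page: pieces from a constructed transfer log are verified against SHA-1 piece hashes, the way a BitTorrent client checks pieces, and then tallied by source address. The peer addresses (documentation ranges), the 16-byte piece size and the payload are all constructed for illustration.

```python
import hashlib
from collections import defaultdict

PIECE_LEN = 16                 # constructed; real torrents use far larger pieces
ORIGINAL = bytes(range(64))    # constructed 64-byte "file" -> 4 pieces


def split_pieces(data, piece_len=PIECE_LEN):
    return [data[i:i + piece_len] for i in range(0, len(data), piece_len)]


def piece_hashes(data, piece_len=PIECE_LEN):
    """One SHA-1 digest per piece, as carried in a torrent's metainfo."""
    return [hashlib.sha1(p).digest() for p in split_pieces(data, piece_len)]


def assemble(transfers, expected):
    """transfers: (peer_ip, piece_index, payload) tuples in arrival order.

    Returns (file bytes or None, {piece_index: peer_ip}, rejected entries).
    Only the first copy of a piece that passes the hash check is kept.
    """
    accepted, source, rejected = {}, {}, []
    for peer, idx, payload in transfers:
        if not 0 <= idx < len(expected):
            rejected.append((peer, idx, "index out of range"))
        elif idx in accepted:
            continue  # a verified copy of this piece is already held
        elif hashlib.sha1(payload).digest() != expected[idx]:
            rejected.append((peer, idx, "hash mismatch"))
        else:
            accepted[idx] = payload
            source[idx] = peer
    if len(accepted) != len(expected):
        return None, source, rejected
    data = b"".join(accepted[i] for i in range(len(expected)))
    return data, source, rejected


def per_peer_share(source, total_pieces):
    """Fraction of the finished file that each address actually supplied."""
    counts = defaultdict(int)
    for peer in source.values():
        counts[peer] += 1
    return {peer: n / total_pieces for peer, n in counts.items()}


def sole_source(source, total_pieces):
    """The one address that supplied every piece, or None if there is none."""
    peers = set(source.values())
    if len(source) == total_pieces and len(peers) == 1:
        return peers.pop()
    return None


_P = split_pieces(ORIGINAL)
# Constructed transfer log: three peers, one corrupted piece, one duplicate.
TRANSFERS = [
    ("198.51.100.7", 0, _P[0]),
    ("203.0.113.22", 1, b"\x00" * PIECE_LEN),   # fails the hash check
    ("192.0.2.45", 1, _P[1]),
    ("203.0.113.22", 2, _P[2]),
    ("198.51.100.7", 3, _P[3]),
    ("192.0.2.45", 0, _P[0]),                   # duplicate, ignored
]

if __name__ == "__main__":
    data, source, rejected = assemble(TRANSFERS, piece_hashes(ORIGINAL))
    print("bit-identical to original:", data == ORIGINAL)
    print("share per address:", per_peer_share(source, len(_P)))
    print("single source:", sole_source(source, len(_P)))
    print("rejected:", rejected)
```

The assembled file matches the original byte for byte, yet no single address supplied more than half of it.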

Authored by: Anonymous on Tuesday, July 03 2007 @ 08:44 AM EDT
An important point that I have not seen mentioned is the nature of Torrent
clients. They are designed to be good citizens of the "swarm".
As soon as you start downloading a file, the client immediately starts sharing
the portion of the file that you have downloaded so far. Other members of the
swarm can then get a piece of the file from you. Once you stop downloading and
shut down your client, you stop sharing as well.

Authored by: Anonymous on Tuesday, July 03 2007 @ 08:48 AM EDT
This whole statement assumes that this peer-2-peer trolling that Media Sentry
did was ONLY downloading and not uploading. They could have placed the files on
the p2p networks and then gone back and "found" them. They have a
financial interest in "finding" these files, and we have no way of
proving or disproving how those files were placed on those p2p networks. We also
have no way of positively determining if the files they claim to have downloaded
were really downloaded. Have Media Sentry and RIAA "Nifonged" us? Are
they only presenting evidence that seems to help them while making sure all
other evidence is hidden or destroyed? If there are 1000's of files, how does
Media Sentry know that the computer owner placed them there and not Media
Sentry, one of its agents, some malicious outside party or just some other party?
Planted evidence is not proof of what crime occurred, just proof that a crime
was created. Media Sentry has a vested interest in making RIAA happy. To what
ends will they go/have they gone to provide evidence that supports RIAA's
claims. And RIAA has always gone after small fish which makes it easy to create
the appearance of much evil to support their claims that much evil is going on.
And just who did prime the p2p networks with "pre-release works"?
Sounds like entrapment to me.

Authored by: Anonymous on Tuesday, July 03 2007 @ 09:06 AM EDT
Computers, IP and individual users are not even synonyms much less
interchangeable as if each was labeled "1A,1B,1C"
"Two computers cannot effectively function if they are connected to the
Internet with the same IP address at the same time. This is analogous to the
telephone system where each location has a unique number. For example, in a
particular home, there may be three or four different telephones, but only one
call can be placed at a time to or from that home."
OK, so exactly who dialed the call .... and who is on the phone?
As for IP's --- others here have remarked networks, etc --- is this not general
knowledge a reasonably competent expert would know? If so, are these statements
misrepresentations?
But the most important statement is
"The RIAA also reviews the other evidence collected by MediaSentry."
What is this, in total and exhaustive detail.

Authored by: tz on Tuesday, July 03 2007 @ 09:14 AM EDT
I think the problem is this - if I leave a stack of books in my open garage for
my neighbors to borrow, and some stranger comes in and takes them, it is still
theft.
Media Sentry can only prove that "There were books in the Garage".
It might be a fair use to, say, have my mp3ized CD collection available for my
cousin in another state to browse through.
And what of the licenses of both the clients, announcers, and torrent sources?
If they put up a dialog box requiring the same kind of EULA click-through
"Only Authorized users should click OK", would it fix things?
P2P isn't strictly a public performance or access (a broadcast to an anonymous
crowd), nor is it like a group of known friends listening to my CD player in my
living room (individual to individual), but a hybrid.
I would not give Media Sentry permission to access my computer if I knew it was
them (EULA style click-through again?). I would consider them to be the same as
any malware author, bot-herder, or malicious hacker trespassing and vandalizing
my computer.
Note that even if I knew someone was doing illegal activity on their home
computer (e.g. bragging at work), it would be illegal for me to hack their
computer, and I think it is illegal for even the FBI to do so without a
warrant.
Just because I have an open port (or don't lock and bolt my physical door)
doesn't mean there is an open invitation for anyone to enter. Or to pretext
much like HP.
They should find out who these people are and throw them in jail at least as
long as Kevin Mitnick, and with the same restrictions on not using any
computers.

Authored by: seanlynch on Tuesday, July 03 2007 @ 09:26 AM EDT
The statements in 12 seem mostly accurate, but they have a glaring omission. IP
addresses are not guaranteed unique from one internet session to the next.
These addresses can be assigned dynamically.
Users who have a unique ID this hour, may be assigned a new address the next
time they log in.
Exact timing, as well as logon and logoff records from a network's system logs
must accompany any identification of a user by IP address. There must also be
evidence that the computers involved all had their clocks set to the same
network time, so that a timestamp can be regarded as accurate.
Saying an IP address is unique is true, but this does not imply that a given user
will always have the same unique IP address.
In order to uniquely identify a user to a given unique IP address, a long chain
of evidence must be built. None of that guarantees that someone didn't just
walk into another student's dorm room and use an already logged in computer to
download the music without the computer owner's permission.[ Reply to This | # ]
|
|
Authored by: globularity on Tuesday, July 03 2007 @ 09:30 AM EDT |
21. First, every day that copyrighted material is disseminated
without the authorization of the copyright owner, the copyright owner is
economically harmed. Prompt identification of infringers is necessary in order
for copyright owners to take quick action to stop unlawful and dissemination of
their works and minimize their economic loss.
Where is the link between the economic effects of authorised and unauthorised
distribution? Much authorised distribution is done freely to promote a musical
work; how can there be a distinction between the effects of authorised and
unauthorised distribution in this context?
The question to ask is whether there is any proof that the mere act of
authorisation of distribution has any material effect on the recipient of the
distributed work's desire to give the RIAA money for whatever reason.
I suspect the author of the statement is talking out of his hat and knows he
will not get charged with perjury.
--- Windows vista, a marriage between operating system and trojan horse. [ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 10:04 AM EDT |
The Declaration has the word "piracy" all over the place.
According to Black's Law Dictionary (centennial edition, 1990) piracy is:
Those acts of robbery and depredation upon the high seas, which if committed
on land, would have amounted to a felony. Brigandage committed on the sea or
from the sea.
With this in mind, the declaration is mostly gibberish.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 10:17 AM EDT |
5. The Internet is a vast collection of interconnected computers and computer
networks that communicate with each other.
Too vague and technically incorrect. Type in google 'define: internet' and find
an answer like 'A global network connecting millions of computers'. However, not
all computers connected can actually communicate with each other (whatever is
meant by 'communicate') for various reasons like incompatible OSes or firewalls.
It allows hundreds of millions of people around the world to communicate freely
and easily and to exchange ideas and information, including academic research,
literary works, financial data, music, movies, graphics, and an unending and
ever-changing array of other data.
I wonder what he means by freely. This is incorrect in any definition of the
word 'free' but also means that he admits that you can exchange anything freely!
Once a sound recording has been transformed into an unsecured digital format, it
can be copied further and distributed an unlimited of times over the Internet,
without significant degradation in sound quality.
I believe this is old technology. My limited understanding is that it is the
record companies that record in digital format so there is no transformation.
Further, what the consumer already buys like a CD is already in a digital
format. So if it is a wav format (the CD format) or a lossless format (say Flac)
there should not be any loss of sound quality. Depending on the definition of
'significant', all other formats do noticeably lose quality. However that is
irrelevant to the 'internet' as I can do that on any device like a computer or
disc-copier even personal backups or transfer to a music player.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 10:24 AM EDT |
First off, IANaL... Heck, I am not even an American. As a result, my comment
likely does not have any value in court.
I will paste my point-by-point comments below, but in short there are three
things that may need to be proven:
- File lists don't mean anything.
It just shows that there are files that have names that sound familiar to the
RIAA. Even if a downloaded sample from an individual shows that the downloaded
files contain music that is in line with the file name, it by no means proves
that this is true for the entire file list of that individual.
- Is the material really infringing copyright?
AFAIK, the fact that one can download a music file and play it does not
automatically mean that the file is infringing copyright. There may have been
perfectly legal ways to obtain a file that contains the music, without there being
any requirement for the individual to abstain from distributing the file.
Examples that come to mind are recordings from (regional, maybe on-line) radio
stations. If such files were created domestically, I wonder if there's any law
preventing one from distributing it. What if the file was legally created and
distributed outside the US? If that file is downloaded in the US does it all of
a sudden become an infringed file?
- Time and dates RIAA has seen for activity may not be traceable to an
individual.
Only if the devices on the side of the university have been using authoritative
time servers to time stamp the logs, and the investigators have also ensured
that their logs are created using the time stamps of an authoritative time
server one can start to dig deeper into the university.
Even then (and assuming no spoofing of IP / MAC addresses has occurred), one can
only establish which PC was used to generate the traffic. Dependent on the
logging, one potentially can determine what OS user account was used for the
action. Then one still has to prove that this account was accessed by the
individual that is being charged. It could very well be that the user account
has become compromised without the knowledge of the individual (someone may have
looked over the shoulder to obtain uid/pw or someone may have copied the
security card, etc). This means that once a user ID has been established, one
needs to prove that person X was indeed using PC Y at time Z. Furthermore, one
has to prove that it was not done by someone else in the background from that
computer without the user knowing it.
FWIW, below are the details on the points I think I can comment on.
Point 5
Define “Unfortunately, the Internet also has afforded opportunities for the
wide-scale piracy”. The Internet is a global thing. How many songs (not
guesstimates, but proven numbers) are illegally distributed? Wide scale I
believe also needs to be put in perspective against a similar metric for legit
music sales (on- and off-line combined). This will allow a proper assessment of
the impact. That impact in turn could justify the use of wide-scale. Then... How
does that relate to these few individuals?
Point 6
Justify “Much of the unlawful distribution of copyrighted sound recordings over
the Internet occurs via P2P”. Wild statement. There are many other ways to
distribute illegal content. News groups, web sites, radio broadcast, podcast,
etc. By showing a breakdown of actual proven numbers (not guesstimates) are done
through P2P.
Point 8
“The major record companies generally have not authorized their copyrighted
sound recordings”. Prove that the music that is allegedly being distributed is
from an illegal source. A few ways of obtaining legal (or at least as far as the
consumer can tell legal) digital copies of music are a digitized radio recording
(in some countries there are no blanket rules in recording from the radio) or
podcasts that do not explicitly prohibit re-distribution of music. Once such a
recording has been made legally, it may be distributed legally as well. For a
consumer it is impossible to easily determine if the file transferred is illegal
(there’s no copyright notice). One cannot expect a consumer to assume all
content is illegal until it has been established legal.
Point 9
As mentioned in earlier point. Show verifiable numbers. Also, factor in extra
revenue generated by CDs being bought because someone was introduced to music
and liked what one has heard through allegedly illegal on-line sources.
Point 10
Prove that infringement is taking place. File names that the plaintiff observes
may not match the actual content of the file. Even if the content matches the
file name, prove that there has not been a way for the individual to legally
obtain the material. (See point 8)
Point 11
Does this not imply that MediaSentry has been distributing content with
permission from RIAA? MediaSentry has been logging on, downloading (and
apparently also distributing due to claimed functionality) content. This means
that copies of files without copyright notice have been distributed on behalf of
RIAA. As a result, the content has been made freely available by RIAA and
therefore these copies are legal to own.
Point 12
Each IP that MediaSentry can see is only the external IP address of an
organization. The internal IP addresses are most likely not to be constant. The
only way to prove that a particular computer was used for something at a given
point in time requires one to know the exact time that that computer was used.
Point 13
MediaSentry is able to detect that from a certain network certain files are
shared. Still need to prove that content of the files shared is indeed copyright
protected and that the file could not be legally obtained through other sources
than RIAA controlled sources. If the file could be legally obtained through
other sources, prove that one is not allowed to redistribute it.
Point 14
Listings of files do not prove infringement. It is the content of the files that
may constitute infringement. Again, just as in previous points, prove that the
content of obtained files is really infringing.
Point 15
The fact that one can listen to certain music, does not mean it has been
obtained and (re-) distributed in an illegal fashion. Nor does it need to be
obvious to the user that the (re-) distribution of the file was illegal.
Again…. File lists do not constitute infringement.
Point 16
Though conceptually possible, one will have to prove that the hardware at the
ISP, university or other organization is running at exactly the same time as the
hardware that the investigator is using. Although time zones are less relevant
(easy to correct for that), two computers will not indicate exactly the same
time unless certain conditions are met (e.g. synchronization of local time with
an authoritative time server).
One will have to prove that the computers are indeed indicating the same time,
before times/dates become relevant variables.
Point 18
Prove that the music could not have been legally (or at least seemingly legally)
obtained through media that do not indicate that the material is copyright
protected and then re-distributed.
Point 19
File lists do not mean a thing. Even if files are of the type as indicated in
the file list (say .mp3), the actual content of the recording by no means has to
match the content indicated by file names or meta tags.
Point 20
Only if material indeed is infringing.
Point 21
Please prove that every day that the content is shared is causing more harm. In
order to do this one would have to prove that not sharing the information would
lead to higher sales. Also one would have to prove that dipping sales are a
direct result of the material shared. One needs to prove that listening to the
material obtained on-line is not leading to sales. In short, show the economic
links. Last but not least… Prove that the content is indeed infringing.
Point 22
Unreleased material that is hitting the Internet can do so for two reasons:
1. It is actually an on-line release;
2. Theft has occurred in the chain that is under control by the copyright
owners. That is where the loss is generated.
Unless there are clear statements from these sources, individuals receiving that
material have no way of knowing that the material is actually copyright
protected. As a result one could argue that the individual, unless proven that
the material has gotten into the individual's hands through illegal ways (or with
the explicit notice that the material may not be redistributed), has the right
to distribute.
Point 23
Is extra discovery allowed even if it has not been established that the material
made available online is really infringing?
Point 24
This is only relevant if one can prove that the ISP or organization is keeping
logs on a piece of hardware that is ensuring it is keeping time that is exactly
in line with the time that the hardware of the investigator uses. If there is a
chance that these two times are not in sync, the logs of the ISP or organization
are worthless to identify anyone.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 11:05 AM EDT |
I work at a mid-sized cable company on the business side of the Internet
division. As you will see, it's better I remain anonymous.
The discussion so far has revolved around technical and legal analysis. There is
a far more important point that has to be considered. Each ISP has its own set
of policies and procedures for running the network. These vary based on the
different types of network hardware installed, software versions, legacy
constraints, contractual and regulatory peculiarities, maintenance budgets,
business strategy and the competence of the employees. No two ISPs run things
exactly the same way.
For example, my company is planning to charge customers for some types of usage.
Implementing has been a nightmare. We found in one area with 350k subscribers
that 18,000 had given themselves static IPs. 18,000! It wasn't supposed to be
possible, so we never looked for it. In another case, because accurate assigning
of use had never been an issue, we had no measures to prevent MAC spoofing. It
turned out there was a LOT of MAC spoofing going on. We turned on some
previously unused DOCSIS features that eliminated 99% of the spoofing. But the
point is we simply hadn't bothered because it was not a problem for us or the
customers. Until a recent update of a particular platform, the accuracy of the
IP to MAC match was so shaky we couldn't send anyone a bill.
My company is actually well run. It does 5,000 things right and 50 things wrong.
It's a big complicated business. You fix the problems that most impact the
customers. We do it well and can still turn up stupid things like I described.
Every ISP or big network has problems. Without specific knowledge of how a
particular ISP runs its business, there is no way to know how accurate a
particular bit of remotely captured information may be. The only experts are the
people who work at the ISP.
[ Reply to This | # ]
|
|
Authored by: Marc Mengel on Tuesday, July 03 2007 @ 11:09 AM EDT |
This is some serious propaganda here... Alas, he probably believes it.
So point by point...
5. He talks about "unsecured" digital formats, as if there were
"secure" ones -- there aren't, that's a myth.
He neglects that music CD's, published by the music companies, are
an unsecured digital format. In any case, secured versus unsecured has
nothing to do with this discussion.
6. While some distribution of copyrighted recordings does occur
using P2P software and protocols, how much of that distribution
is fair use under copyright law has not, to my knowledge, been
established, so the claim that such copying is "illegal" is not
established.
8. Once again, not all copying not authorized by the copyright holder
is illegal.
9. This is false on its face. Anything can be over- or under-estimated.
Also, people can easily disguise their identity from Internet Service
Providers, in many cases by illegally using other people's computers
without their knowledge or consent. So claiming that ISP's necessarily
know who is using their services is a fallacy.
11. MediaSentry is not a licensed investigator in most states, so retaining
them as a private investigator is not necessarily a good plan. If P2P
software is illegally installed on a computer by a 3rd party without
the owner's knowledge or consent, then MediaSentry's use of that
installation is equally illegal.
12. IP addresses are only temporarily unique, and do not uniquely identify
either a computer or the person or people using the computer. It is
NOT analogous to a person having a telephone number which is identified
with them personally. ISP's, universities, etc. cannot identify the
person or people who were using a given IP address at a given time, only
the person who initially registered or paid for that service. They cannot
tell for certain who is using the computer in question, or if it is even
the same computer that was used for the initial registration. They can
at best identify the MAC address of the piece of hardware (i.e. router
or network card) that was used. MAC addresses are configurable and
modifiable at any time. So for example, one can register for service
with a computer with a network card directly connected to a wired
connection, and then replace that computer hookup with a wireless
router, and configure that router to present the same MAC address
as the network card on the computer (so as not to have to re-register
with the ISP). That wireless router can use Network Address Translation
(NAT) to allow dozens of computers to share that ISP connection, and
the ISP will be unaware of this change, except possibly for an
increase in traffic.
13. The P2P software only identifies the IP address of the nearest
access point. Reusing the example above, the IP address gained would
be the one of the wireless router, which could be being used by
literally dozens (or even hundreds) of computers.
14. Once again, if the P2P software is installed without the owner's knowledge
or consent, or is being used on a hijacked network connection without
the owner/renter's knowledge or consent, then MediaSentry is participating
in that illegal and unauthorized use. If someone taps into your
home telephone line, and uses that phone line to sell drugs, that
doesn't make you guilty of selling drugs, it's the person who tapped into
your phone line.
15. The fact that they verify that some person was infringing does not mean
they have the slightest clue who that person is.
16. The IP address cannot possibly have identified the INFRINGER. They are
obtaining IP-address-to-CUSTOMER data on the ASSUMPTION that the customer
who paid for the IP service is the infringer, or would reasonably know
who it is. This assumption is, in the current world, unfounded.
See for example:
http://www.ciphertrust.com/resources/statistics/zombie.php
which states that nearly 250,000 'zombie' computers are identified
EACH DAY. Huge numbers of computers are currently being used for
all manner of illegal activities without the owners being aware of it.
17. The RIAA has gotten the names, addresses, etc. of ISP customers who
may or may not have been infringers. They have no way of knowing
whether the people whose names, etc. they have obtained are the
infringers.
20. Once again, they have not obtained the identity of the infringer, only
of the customer who paid for the ISP service used by the infringer,
and even then they have obtained the identity of that customer only
assuming the clocks on their logging system are set correctly, etc.
23. Even once they have obtained the data they are asking for, they
STILL don't have the necessary data to identify the infringer,
and they are often serving the complaint and summons to the wrong
person.
24. I am quite certain the ISP's do not vouch for the accuracy of those
logs that are subpoenaed to find customers, nor are they maintained with
the sort of evidentiary rules sufficient for a court of law.
Once again, they are not identifying the infringer, only the customer
paying for the ISP service used by the infringer.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 11:37 AM EDT |
IP, at its very best, points you to a single computer. UserID on P2P network at
best, only shows that someone is sharing something he is not supposed to. The key
here is that there is NO way it tells you who is the person sharing the file. Both
pieces of evidence, whether individually or viewed together, do not pinpoint who
is the infringer.
Take as an analogy a speed camera. It catches a car speeding. Old-fashioned speed
cameras at times cannot capture a picture of the driver. Without the law
requiring the car owner to identify the driver or face the penalty himself, a
lot of drivers did get away with speeding.
As far as I can tell, there is no such law in DMCA that is analogous to
requiring computer owner identifying the infringer. All I see is computer owner
served with "take down" notices.
To use a more sad example, one in the early days of internet and that was
featured in Reader's Digest, a US Police Department had to show the court that the
pedophile is using a particular username on the net by the painstaking
surveillance work to demonstrate the computer is at the accused's home, and the
user is only active when the accused is at home and when he is not, the user is
not active as well.
I think this is important because all RIAA is able to prove is someone
infringing their rights, but they cannot actually pinpoint who.
----
Not really sure whether this amounts to anything. On paragraph 18 it says that
RIAA's agent listens to a "representative" sample of the mp3 they
downloaded. Surely from an evident point-of-view, they can only litigate on
those mp3 files they actually downloaded as they do not have proof that the
other files they have on their "list" are infringing, however
representative their samples are.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 11:58 AM EDT |
No one has yet addressed the question of how RIAA can tell whether files on my
computer are licensed or unlicensed by listening.
Linares said *** The RIAA
also listens to the downloaded music files from these users in order to confirm
that they are, indeed, illegal copies of sound recordings whose copyrights are
owned RIAA members.*** (para. 15) and ***The RIAA downloaded and listened to a
representative sample of the music files being offered for download by each
Defendant and was able to confirm that the files each Defendant was offering for
distribution were illegal copies of sound recordings whose copyrights are owned
by RIAA members. *** (para. 18)
Is there anyone with technical credentials who
can say that Linares was lying since it is impossible to distinguish between
licensed sound files and unlicensed ("illegal") copies by listening?[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 12:01 PM EDT |
Disclaimer: I'm a security analyst with forensic experience, but most of my
forensic work has been internal to my organization. I've worked with law
enforcement on a select few occasions but none of my work has ever gone to court
as evidence. Naturally I disagree with the RIAA's motivations and methods, but
I'll try to be as objective as possible.
The only way to reliably say "this computer right here is the one used for
infringing activity" is to do a forensic on the hard drive(s) of the
machine itself. However in order to justify a subpoena of that computer, the
RIAA will need to be able to cross reference several logs, as other posters have
pointed out. The declaration does not get into public and private addresses and
Network Address Translation, but these are technologies employed by most
enterprise organizations and ISP's. Using NAT, a private IP address, which is
not globally unique, is translated to a public address. A public address can be
an individual address or a range of addresses assigned to an organization. These
addresses are globally unique. Specifically, in a typical enterprise
environment, to tie a public IP logged by MediaSentry|SafeNet to a physical
location such as a dorm room, the RIAA would need:
1. Logs from the router, layer 3 switch, server, or firewall that performs
Network Address Translation. Specifically, those logs need to tie the public IP
recorded by MediaSentry to the private IP of the offending computer. It should
be noted that most devices that perform NAT don't log by default. Enterprise
grade firewalls will normally log translated addresses that send traffic out,
however some firewall admins (myself included) configure firewalls to refrain
from logging traffic from public segments for privacy purposes.
2. Assuming dynamic addresses are in use, the logs from the DHCP (Dynamic Host
Configuration Protocol) server would be necessary to indicate what computer was
assigned the offending private address. A DHCP server can be a physical server
or it can be a network device. If configured for logging, the DHCP server will
log the IP address assigned to each computer on the network and the MAC (Media
Access Control) address of that computer. Some DHCP servers will also log the
hostname of the connecting machine. A MAC address is assigned to the network
card in a computer, however it is possible to change the address used by a
computer on a network. Also it should be noted that DHCP server logging
configurations vary. For example, a Windows DHCP server by default only retains
logs for seven days.
3. In order to tie the MAC address of a computer to a location, one would need
access to network equipment, specifically the LAN switch the offending computer
is plugged into, as well as wiring charts. It should be noted that most switches
do not log where a specific MAC address was at a given time, rather they show
where a MAC address is "right now".
So the flow of information would be:
1. Reference the public IP address acquired by MediaSentry in the NAT logs (if
any) to get the private IP address in use at the time the offending traffic
occurred.
2. Reference the private IP address with the DHCP server logs (again, if any) to
get the offending MAC address and/or hostname.
3. Reference the MAC address with the necessary LAN switch and wiring
schematics. Network admins will normally be able to determine the appropriate
switch, depending on the type of equipment used and its capabilities.
The following additional items may come into play:
1. Some networks use authentication systems to check a library card, student
number, or username and password when a user connects to a network. Those logs
would come into play as well.
2. Some networks use a proxy server to handle certain types of traffic. Those
logs could also come into play.
The following "gotchas" could be used to impeach any of the above
items as evidence:
1. Time synchronization is a headache many network admins struggle with (or
ignore). You may be able to demonstrate that any of the above logs are out of
sync.
2. If a computer has been moved, that confuses the issue. Likewise, if multiple
people use one computer, whom do you prosecute? (IANAL)
3. Most of the log files involved are stored as plain text files, and therefore
can be edited. To do a forensically sound data acquisition of those files would
require either a backup restore (assuming the necessary logs are backed up) or
it would require the server to be powered down. In a Windows environment, just
clicking on a file, let alone actually opening it, modifies the date and time
stamps on that file. So if server admins on site have started looking to see who
the offending party is, they may have already contaminated the log files as
evidence.
4. Most computers running Windows that are used by a young adult, especially a
young adult male, have some type of spyware or malware on them. Chances are the
defendants' computers have managed to pick up some malware somewhere along the
line. While I don't personally approve of the "Hackers broke into my
machine and did evil" defense if it doesn't apply, it is true that hacker
groups have been known to compromise a machine then use it to host copyrighted
material, and there are viruses that, upon infecting a computer, write data to
the share directories of common P2P programs.
Hope this helps.[ Reply to This | # ]
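The lookup chain described in the comment above (public IP and time, to NAT log, to DHCP log, to MAC address), sketched as an added example that is not part of the original comment. The log layouts, the addresses and the single clock-skew bound are constructed assumptions and do not represent the format of any real device.

```python
from datetime import datetime, timedelta
from typing import NamedTuple, Optional, Set


class NatRecord(NamedTuple):
    start: datetime
    end: datetime
    public_ip: str
    public_port: int
    private_ip: str


class DhcpLease(NamedTuple):
    start: datetime
    end: datetime
    private_ip: str
    mac: str


def ts(text: str) -> datetime:
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")


# Constructed sample logs: documentation/private address ranges, made-up MACs.
NAT_LOG = [
    NatRecord(ts("2007-07-03 09:00:00"), ts("2007-07-03 09:40:00"),
              "192.0.2.10", 40001, "10.1.5.23"),
    NatRecord(ts("2007-07-03 09:05:00"), ts("2007-07-03 09:50:00"),
              "192.0.2.10", 40002, "10.1.7.77"),
]
DHCP_LOG = [
    # 10.1.5.23 changes hands at about 09:30: the lease is reissued to new hardware.
    DhcpLease(ts("2007-07-03 08:00:00"), ts("2007-07-03 09:30:00"),
              "10.1.5.23", "02:00:00:aa:aa:01"),
    DhcpLease(ts("2007-07-03 09:31:00"), ts("2007-07-03 12:00:00"),
              "10.1.5.23", "02:00:00:bb:bb:02"),
    DhcpLease(ts("2007-07-03 08:00:00"), ts("2007-07-03 12:00:00"),
              "10.1.7.77", "02:00:00:cc:cc:03"),
]


def overlaps(start: datetime, end: datetime, lo: datetime, hi: datetime) -> bool:
    """True if the record interval [start, end] intersects the window [lo, hi]."""
    return start <= hi and end >= lo


def candidate_macs(public_ip: str, observed_at: datetime, skew: timedelta,
                   public_port: Optional[int] = None,
                   nat_log=NAT_LOG, dhcp_log=DHCP_LOG) -> Set[str]:
    """Every MAC address the logs cannot exclude for one remote observation.

    `skew` is the assumed worst-case disagreement between the observer's clock
    and the clocks that stamped the logs; the observation is widened to
    [observed_at - skew, observed_at + skew] before each lookup.
    """
    lo, hi = observed_at - skew, observed_at + skew
    # Step 1: public address (and port, if it was recorded) -> private addresses.
    private_ips = {
        n.private_ip for n in nat_log
        if n.public_ip == public_ip
        and (public_port is None or n.public_port == public_port)
        and overlaps(n.start, n.end, lo, hi)
    }
    # Step 2: private addresses -> MAC addresses holding a lease in the window.
    return {
        lease.mac for lease in dhcp_log
        if lease.private_ip in private_ips
        and overlaps(lease.start, lease.end, lo, hi)
    }


def verdict(macs: Set[str]) -> str:
    if not macs:
        return "no-record"
    return "unique" if len(macs) == 1 else "ambiguous"


if __name__ == "__main__":
    seen = ts("2007-07-03 09:29:30")
    cases = [
        ("port known, clocks assumed exact", timedelta(0), 40001),
        ("port known, clocks within 2 minutes", timedelta(seconds=120), 40001),
        ("port not recorded, clocks assumed exact", timedelta(0), None),
    ]
    for label, skew, port in cases:
        macs = candidate_macs("192.0.2.10", seen, skew, port)
        print(f"{label}: {verdict(macs)} {sorted(macs)}")
```

Step 3 of the comment's chain (MAC address to switch port and room) is left out because, as the comment notes, most switches keep no history to query.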
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 01:50 PM EDT |
I can fabricate a lot of evidence and then show it to a bunch of people with the
highest integrity. There is no objective conclusion possible about the validity
of the evidence if the means of gathering that evidence are not available for
review and testing. Since mediasentry does not want to let people see how their
software does what it does their evidence is worth nothing. I'm not from the US
but I seem to remember even you guys have laws against illegal gathering of
evidence. If you are not allowed to review the way the mediasentry software does
what it does.....how can anyone guarantee no illegal means were used?
The likelihood of illegal measures here is higher than in any other case because
mediasentry relies in some way on communicating with other people's computers. It
is not presenting itself as a company working for the riaa so they are not doing
this with the consent of the end user. If the software reads the contents of
people's hard drives, I'm not saying it does but who knows, it might very well be
breaking the law because the owner never gave his consent and mediasentry did
not apply for a search warrant to do so.
That's speculating and I admit it. That's the point isn't it? If you do not know
what the software does and more importantly HOW it does it.....speculating is
all you can do about the evidence it gathered. [ Reply to This | # ]
|
|
Authored by: mtew on Tuesday, July 03 2007 @ 01:55 PM EDT |
It is quite difficult to synchronize clocks.
The difficulty increases when:
1) more accuracy is needed.
2) the distances involved increase.
Random errors contribute to the difficulty but not necessarily in a predictable
fashion. Some of these errors are:
1) Variations in transmission times for any of a large number of reasons.
2) Diligence of the people who keep up the end equipments' hardware and
software.
3) Diligence of the people who maintain the network hardware and software on all
the devices that connects the end points.
4) Environmental variations for all the above including but not limited to
supplied power quality, temperature, humidity and altitude.
This means that comparison of time values on different systems will be
inconsistent to some degree or another. Because of this inconsistency, the size
of the inconsistencies is needed to establish the accuracy of the comparison.
More precisely, the order of two events can only be stated with certainty when
the time-like separation between the two is significantly larger than the
inconsistency of the time measurements.
Note that this is the inconsistency of the measurements. There can also be
systematic errors in the measurements that have to be corrected before any
comparison is meaningful.
So before you can establish the order of two or more events you have to:
1) Identify all sources of systematic measurement differences.
2) Correct for the systematic differences that you can.
3) Establish limits on the size of the systematic measurement differences you
can not correct for.
4) Establish the amount of measurement inconsistency.
5) Assure that the difference in the measured values is significantly larger than
(3) and (4) combined.
For example, if you do not correct for the difference due to different time
zones, the order of two events less than 26 hours apart (maybe more) can not be
specified. Other errors or inconsistencies would increase that margin.
---
MTEW[ Reply to This | # ]
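The five steps in the comment above can be written down as an interval comparison. This is an added example, not part of the original comment: the `Reading` class, `order` function and `safety_factor` parameter are hypothetical names, and the only outside fact assumed is that civil UTC offsets run from -12 to +14 hours, which gives the 26-hour window mentioned for timestamps whose zone is unknown.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

ZERO = timedelta(0)
# Civil UTC offsets span -12h .. +14h, so a timestamp with no zone
# information can be anywhere inside a 26-hour window of true time.
UTC_OFFSET_MIN = timedelta(hours=-12)
UTC_OFFSET_MAX = timedelta(hours=14)


@dataclass(frozen=True)
class Reading:
    """One logged timestamp plus what is known about the clock that wrote it."""
    logged: datetime                  # as recorded; may lack a time zone
    known_offset: timedelta = ZERO    # steps 1-2: clock runs ahead by this much
    residual_bound: timedelta = ZERO  # step 3: systematic error we cannot correct
    jitter: timedelta = ZERO          # step 4: measurement inconsistency

    def bounds(self, safety_factor: float = 2.0):
        """Earliest and latest true UTC instants consistent with this reading."""
        if self.logged.tzinfo is None:
            # Zone unknown: UTC = local - offset, offset anywhere in [-12h, +14h].
            base = self.logged.replace(tzinfo=timezone.utc)
            lo, hi = base - UTC_OFFSET_MAX, base - UTC_OFFSET_MIN
        else:
            lo = hi = self.logged.astimezone(timezone.utc)
        # Step 2: remove the systematic error that is known.
        lo, hi = lo - self.known_offset, hi - self.known_offset
        # Steps 3-4, widened so the gap must be "significantly larger" (step 5).
        margin = (self.residual_bound + self.jitter) * safety_factor
        return lo - margin, hi + margin


def order(a: Reading, b: Reading, safety_factor: float = 2.0) -> str:
    """Return 'a_before_b', 'b_before_a' or 'indeterminate'."""
    a_lo, a_hi = a.bounds(safety_factor)
    b_lo, b_hi = b.bounds(safety_factor)
    if a_hi < b_lo:
        return "a_before_b"
    if b_hi < a_lo:
        return "b_before_a"
    return "indeterminate"   # the intervals overlap: no ordering can be claimed


if __name__ == "__main__":
    utc = timezone.utc
    sec = timedelta(seconds=1)
    # Constructed sample values, not taken from any exhibit.
    p2p_log = Reading(datetime(2007, 7, 2, 12, 0, 0, tzinfo=utc),
                      residual_bound=sec, jitter=sec)
    isp_log = Reading(datetime(2007, 7, 2, 12, 0, 3, tzinfo=utc),
                      residual_bound=sec, jitter=sec)
    print(order(p2p_log, isp_log))   # 3 s apart, 4 s margin on each side

    no_zone_a = Reading(datetime(2007, 7, 2, 10, 0, 0))
    no_zone_b = Reading(datetime(2007, 7, 3, 9, 0, 0))
    print(order(no_zone_a, no_zone_b))   # 23 h apart, zones unknown
```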
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 02:30 PM EDT |
From what I can see, MediaSentry was authorized by the RIAA to download the
files they downloaded.
They don't appear to provide any evidence that the files in question were
downloaded by anyone other than Mediasentry.
Hence, they provide no evidence of unauthorized downloading of these files at
all.
Of course they also mention some other files which they only know metadata for,
and they could be anything at all.
ISTR that "making available" is itself illegal in the US, but that
seems to me to be the *only* thing this statement could be used to indicate.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 02:45 PM EDT |
Not being a lawyer I'm always a bit curious as to why the RIAA is allowed to
list evidence received from Mediasentry/Safenet when the methods for
collection of such evidence are undisclosed? If there is no need to show the
methods of evidence collection then for all we know Mediasentry has only a
random number generator to name those to be accused and a set of reusable
screenshots of said transgressions.
The courts in a number of countries, including Canada's Federal Court of Appeal,
have found Mediasentry's investigations to be unacceptable by the courts so why
are US courts still accepting any documentation from these folks without an
inquiry as to the methods, if any, used?[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 02:53 PM EDT |
Yes, there are flaws in the affidavit. Both technical and legal.
But the facts presented, even allowing for the flaws, do present sufficient
evidence that people utilizing those IPs may have infringed, assuming the P is
correct about their cause of action and making available is infringement.
Whether or not NAT or a wireless router were used... even if a single IP was
shared by 400 people in one entire dorm, is not relevant at this point. The P
is not trying to make the account holder liable merely because they are the
account holder -- they just want to ID them so as to depose them to determine
who *is* liable. To find those people behind the IP (be they 1 person or 400)
in order to question them, and to find the devices behind that IP, the P is
entitled to the subpoena.
HOWEVER, they are only entitled to question them if the P has a cognizable case
as pled. *That's* where to attack.
Assume they are enforcing a valid copyright for song XX. Is having a copy of a
file called "XX" infringing? No. There are some explanations for
having file XX that are not infringing. There are some scenarios that having
file XX would be infringing. To quash the case, you must be able to show that
in all possible explanations for the existence of file XX, no infringement
exists. But the existence of the file may be enough (today) to allege possible
infringement (i.e. that the person possessing the file downloaded that file and
made an infringing copy).
But then again, in this day and age of a billion songs sold legally online, and
a resulting billion legal song files on consumers' hard drives, can the mere
presence of file XX be enough anymore to be sufficient evidence to get a
subpoena and invade privacy? 10 years ago, yes. 10 years from now, no. What
about today?
HOWEVER, the complaint does not claim the possession of file XX is infringing.
They make *no* claim that file XX is an illegal copy. The court must limit
itself to the theory of the case advanced by the party. The court must
therefore assume then that the copy on the computer is a legal copy, such as
purchased through iTunes.
Now the interesting part....
If I leave a copy of a retail-purchased legal CD on a public table in the park,
allowing anyone in the public to SEE it, am I guilty of infringement?
If I leave a copy of a retail-purchased legal CD on a public table in the park,
allowing anyone in the public to TAKE it, am I guilty of infringement?
If I leave a copy of a retail-purchased legal CD on a public table in the park,
but with some chain attached to it such that it can be inserted in a CD player
and played, but they can't TAKE it, am I guilty of infringement?
If I leave a copy of a retail-purchased legal CD on a public table in the park,
but with some chain attached to it such that it can be inserted in a computer
and COPIED, but they can't TAKE it, am I guilty of infringement?
If the answer to all is "no" then, as pled in this case by the P,
there is no case for infringement.
The P can re-plead, of course, to allege direct infringement, and then they
clearly CAN get the subpoena, IF MERE EXISTENCE OF FILE XX is still sufficient
in this day and age. Then the question will be whether the copy of song XX on
the computer is legitimate (legal) or not. If it is, then the above CD on the
table scenario should be dispositive. If legality turns on an affirmative
defense, then the P still gets the subpoena.[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 03:53 PM EDT |
Comments are numbered, the same as the declaration is numbered.
6) the bittorrent thing: Bittorrent is explicitly designed to be agnostic, used
for anything. That there are illegal uses doesn't matter as the creator of
Bittorrent is very careful to never ever promote them. BT never tried to
"capitalize" on the illegal market created by Napster.
8) "Major record companies" control only sound recordings. P2P
distributes far more than sound recordings. If, by P2P transfers, he meant
"transfers of sound recordings", then he would have a point. But he
seeks to equate using a network with violating recording industry copyrights,
which is a different matter.
9) Several studies have found no appreciable impact on CD sales due to P2P file
exchanges -- that is, they appear to imply people buy what they would have
bought (or almost the same) -- then download EXTRA.
11) A search 'can be as simple as'? That's a totally inadequate description
coming from someone who's supposed to be an expert in antipiracy tactics. And
what "searches of the Internet, as well as file-copying services"?
Are there file-copying services that DON'T involve the Internet? (Yes, it's a
nitpick. He's supposed to be an expert, he's being far too sloppy with the
details.)
Further, how can MediaSentry possibly "gather evidence of copyright
infringement" by "using the same functionalities that are built into
P2P programs?" Simply seeing that so-and-so's computer comes up as
advertising "hey, I've got file XYZ" proves nothing -- you need to see
the contents of that file. Can MediaSentry tell that the defendant uploaded
that file to anyone OTHER than MediaSentry? As the agent of the copyright
holders, any copy the defendant gave to MediaSentry cannot possibly violate the
copyrights -- they were authorized to create that particular copy. Absent a
showing that the file was uploaded to *others* MediaSentry's shown nothing.
But they claimed to 'use only the same functionalities built into P2P
programs'. P2P programs don't let you monitor the activities of third parties.
Therefore this statement is either vague, or inaccurate.
12) Look up Network Address Translation. This is totally wrong. It is entirely
possible for >1 computer to use the same IP address at the same time. In
fact, it is possible to configure a wireless router to allow anyone who walks up
to it free access -- many come configured this way out of the box! If that is
the case, there may be no way to tell which individual machine was using the IP
address at the time the allegedly illegal activity was supposed to have
transpired.
14) "Additional data that track the movement of files through the
Internet"? Exactly what additional data? Why gloss over this particular
item?
14/15) I note that the RIAA never sees the evidence until after MediaSentry
turns it over. How have MediaSentry's procedures been validated? Have they
ever made a mistake? If so, how often? If they claim not -- how many thousands
of these cases have they run? It's inconceivable no mistakes were made,
especially if they won't talk about how it was gathered. Note they say the RIAA
"engages in a painstaking process to verify" but they don't mention
anything about how careful MediaSentry is.
But basically, there needs to be an examination of MediaSentry's methods and
some kind of chain of custody.
15) As Vice-President of Piracy, I'm sure this man is very busy. He has a lot
of stuff to do. It ought to be pretty trivial to prove that he has not got the
time to personally inspect *thousands* of these lists. And that's how many
there are, for that's how many of these suits they've filed. I would inquire as
to whether he is simply vouching on the basis that the people under him are
supposed to have checked it, or if he PERSONALLY verified anything -- and if so,
how he did this verification.
16) How many times has the ISP given mistaken information as to identity? As
the VP in charge of this effort, he ought to be able to give you a number. How
does he know they have accurate data? Would he even notice if they gave
inaccurate data?
18) They only checked a "representative sample"? Then they can't
claim damages for anything they didn't check.
19) They attached the P2P username "if available"? How could they
POSSIBLY have evidence someone had been on a P2P network -- and not have their
(alleged) username? Something smells fishy here. Which P2P network are they
alleging that this happened on? Most networks require usernames.
Some work directly off of IP addresses and don't need names, but the ones
MediaSentry seems to be tracking are the ones that DO require usernames. All of
the ones I am familiar with that let you "search" the way they're
describing require usernames. If they claim someone used a network that
requires a username -- but don't have that username -- that's HIGHLY suspect.
20) The only "infringing" activity they can prove happened isn't
actually infringing at all, because it is activity they themselves requested and
authorized. They have no evidence as to volume of any other kind of activity
perpetrated by the individual. Furthermore, on a larger scale, their efforts
have been shown by studies to have had exactly zero effect on the total volume
of illicit file trading. Therefore the 'expedited discovery is essential'
argument is specious -- they haven't even shown there's anything to stop (at
least for this particular individual).
21) Economic harm is disputed as noted above. Prompt identification or not,
their efforts at mitigation have been empirically demonstrated to be futile
anyway.
22) Have they alleged that happened in this case? If not then this is totally
irrelevant. If so, then they should have specifically included those works in
spite of their not wanting to "bury the court in paper". Prerelease
leaks are a drop in the bucket. First, much more stuff has been 'released' than
is 'unreleased'. Second, 'unreleased' stuff either a) isn't 'unreleased' for
long, or b) is never released -- and therefore cannot possibly cause economic
loss to the RIAA.
24) This is boilerplate. You aren't suing "people", you're suing
specific individuals. Given you have a list of IP addresses, you ought to know
exactly which ISP owns the IP addresses in question. You should therefore know
*exactly* what the time window for discovery is. This may turn out to be
extremely urgent -- or it may be a non-issue. Having failed to determine how
time-critical it is, you cannot now complain to the court that it's urgent.[ Reply to This | # ]
|
|
Authored by: GLJason on Tuesday, July 03 2007 @ 04:16 PM EDT |
“Users of P2P networks can be identified by their IP addresses because each
computer or network device (such as a router) that connects to a P2P network
must have a unique IP address within the Internet to deliver files from one
computer or network device to another. Two computers cannot effectively function
if they are connected to the Internet with the same IP address at the same
time.”
If computers are operating behind a NAT, they will all appear to have the same
IP address on the internet. For instance, I have a static IP range on my home
DSL. The DSL is connected to a wireless router set up as a NAT (Linksys WRT54GL).
My Cisco DSL modem plugs into the 'internet' port on the Linksys and my gigabit
switch plugs into one of the ethernet ports. I have a range of IP addresses, but
the router itself is assigned to one in particular (let's say that it's
10.45.99.205, I don't want to give it out). If I had a switch in between the DSL
modem and the wireless router, I could connect computers to it and assign them
IP addresses from 10.45.99.192-10.45.99.204.
As it is, all of my computers are on the switch inside my local network, and
they have internal addresses assigned to them by the Linksys router. These
addresses are purposely reserved by the IANA for use such as this. My Linksys
router has an IP address of 192.168.0.2. I can assign my computers static IP
addresses between 192.168.0.3 and 192.168.0.99. DHCP is enabled and will assign
addresses from 192.168.0.100 to 192.168.0.254. Typically I have my main computer
connected as 192.168.0.90 and my wife's computer connected as 192.168.0.91. When
my laptop connects, it usually gets assigned address 192.168.0.100.
All three of these computers appear to be coming from IP address 10.45.99.205
when I connect to a site on the internet. If a friend brings his laptop over,
he'll get assigned IP address 192.168.0.101, but no site on the internet will
ever see that, it will also look like IP address 10.45.99.205 to anyone not on
my local network.
What enables this is that TCP and UDP protocols each have 65535 ports that can
be used. When one of my computers goes to groklaw.net for instance, it may be
coming from port 9600 on IP address 192.168.0.90. The wireless router sees that
this computer wants to make a connection on the internet to groklaw.net, so it
reserves an external port, let's say 25000, and changes the packet information
to show that it's coming from 10.45.99.205:25000 instead of 192.168.0.90:9600.
Groklaw sees only this address, 10.45.99.205:25000. When it sends a reply packet
back to 10.45.99.205:25000, my wireless router realizes that it has set this up
to go to the internal address and port 192.168.0.90:9600, so it changes the
information in the packet and sends it to my computer. This works much the same
with UDP and P2P networks. Either it detects an outgoing UDP packet and reserves
a port the same way, or Universal Plug-N-Play is used to reserve an external
port.
[ Reply to This | # ]
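The port translation described in the comment above, as an added example that is not part of the original post. It models the router's translation table with the comment's own addresses; the `PortTranslator` class, its method names and the 300-second idle timeout are assumptions made for illustration, not the behaviour of any particular router.

```python
from dataclasses import dataclass


@dataclass
class Mapping:
    internal: tuple     # (internal ip, internal port)
    last_seen: float    # time of the last packet, in seconds


class PortTranslator:
    """Minimal model of a port-translating NAT (names are hypothetical)."""

    def __init__(self, external_ip, first_port=25000, idle_timeout=300.0):
        self.external_ip = external_ip
        self.idle_timeout = idle_timeout   # assumed value, for illustration only
        self._next_port = first_port
        self._by_internal = {}             # (proto, ip, port) -> external port
        self._by_external = {}             # (proto, external port) -> Mapping

    def outbound(self, proto, src_ip, src_port, now):
        """Rewrite an outgoing source address; return what the remote side sees."""
        self.expire(now)
        key = (proto, src_ip, src_port)
        ext_port = self._by_internal.get(key)
        if ext_port is None:
            if self._next_port > 65535:
                raise RuntimeError("no external ports left")
            ext_port = self._next_port
            self._next_port += 1
            self._by_internal[key] = ext_port
            self._by_external[(proto, ext_port)] = Mapping((src_ip, src_port), now)
        else:
            self._by_external[(proto, ext_port)].last_seen = now
        return (self.external_ip, ext_port)

    def inbound(self, proto, ext_port, now):
        """Return the internal (ip, port) a reply is forwarded to, or None."""
        self.expire(now)
        mapping = self._by_external.get((proto, ext_port))
        if mapping is None:
            return None          # no table entry: the packet cannot be attributed
        mapping.last_seen = now
        return mapping.internal

    def expire(self, now):
        """Drop idle entries; afterwards the router itself has no record of them."""
        stale = [key for key, m in self._by_external.items()
                 if now - m.last_seen > self.idle_timeout]
        for proto, ext_port in stale:
            mapping = self._by_external.pop((proto, ext_port))
            del self._by_internal[(proto, *mapping.internal)]


def simulate():
    """Four internal machines contact the same remote peer at time 0."""
    nat = PortTranslator("10.45.99.205")
    hosts = [
        ("192.168.0.90", 9600),     # main computer
        ("192.168.0.91", 9600),     # second computer, same source port
        ("192.168.0.100", 51000),   # laptop on DHCP
        ("192.168.0.101", 51000),   # visitor's laptop
    ]
    peer_log = [nat.outbound("tcp", ip, port, now=0.0) for ip, port in hosts]
    return nat, peer_log


if __name__ == "__main__":
    nat, peer_log = simulate()
    print("remote peer sees:", peer_log)
    print("distinct source IPs:", {ip for ip, _ in peer_log})
    print("reply to port 25000 at t=1:", nat.inbound("tcp", 25000, now=1.0))
    print("reply to port 25001 at t=1000:", nat.inbound("tcp", 25001, now=1000.0))
```

The remote peer's log holds one IP address and four ports; which machine stood behind each port is recorded only in the router's table, and only while the entry is live.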
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 04:39 PM EDT |
6.
“Much of the unlawful distribution of copyrighted sound recordings over the
Internet occurs via "peer-to-peer" ("P2P") file copying or so-called online
media distribution systems. The most notorious example of such a system was
Napster”
Napster was a p2p network but was in significant ways different from most other
p2p networks in that it was server-based.
12.
“Users of P2P networks who distribute files over a network can be identified by
using Internet Protocol ("IP") addresses because the unique IP address of the
computer offering the files for distribution can be captured by another user
during a search or a file transfer.”
This statement is not correct.
1. If the user is behind a NATing firewall/router, you will only see the ip
address of the NATing firewall/router. Since most routers for home use are
NATing this is often the case.
2. If the user is using a wireless lan with no or bad (WEP) security anyone
could use the network. Since most wireless home routers are also NATing, this
means that it is impossible to know the identity based on ip address without
inspecting the user's network.
3. Anyone with access to the network of the user, and especially with access to
gateways etc, could use the user's ip address, without the user ever getting to
know it.
Thus it is not possible to connect the ip address to the computer end point for
the communication. The ip address in the header is only a tag for a path the
information flow in case a NATing firewall or router is used.
4. The user's computer could in some way be hijacked.
5. There could be multiple users of the same computer.
Thus, EVEN if you could connect the ip address and the computer that is the end
point for the communication, it is not generally possible to know WHO is sitting
at the computer and thus who is committing the crime.
Thus users of network can NOT be identified by the ip address.
The comparison with telephones is not correct. With a NATing firewall, many
users in a home, and even outsiders, can use the network at the same time even
though the ip-address seems to be the same for an outside viewer.
14.
“[...] such as metadata accompanying each file being disseminated that
demonstrates that the user is engaged in copyright infringement.”
Metadata can be changed independently from the "media" content of the file.
Metadata content is no proof of copyright infringement.
16.
“In some instances, providing the IP address alone to the ISP has been enough to
enable the ISP to identify the infringer.”
As stated above, the IP address does not identify an infringer. Firstly, it is
possible for an outsider to use another computer's ip address. Secondly, if
there is a NATing firewall it is not possible to know which computer is the
endpoint for the communication. Thirdly, if there is a wireless access point,
with low security, used behind the firewall anyone could use the network and for
an outside viewer the endpoint would seem to be that ip address. Even if no
NATing firewalls were used, the ip address is only identifying a computer, and
not a person. Thus the ip address cannot identify an infringer.
The argument that the ip can be used to identify an infringer is used several
times, and in all cases it is wrong.
19.
“These lists often show thousands of files, many of which are sound recording
(MP3) files that are owned by, or exclusively licensed to, Plaintiffs.”
I don't know American copyright law and I'm not a lawyer, but I know that in
other countries the copyright owner doesn't own for example a record you buy.
The copyright owner however has other rights to the material, and those rights
are regulated by copyright law.
21.
“First, every day that copyrighted material is disseminated without the
authorization of the copyright owner, the copyright owner is economically
harmed.”
My comment to this is not of a technical nature. But the statement is plainly a
lie. The copyright owner is only economically harmed by an illegal download if
1) the downloader doesn't buy the product *because* of the download, and 2) the
copyright owner, if the downloader had bought the material, would have received
economic compensation. The number of downloads is of course of significance as
well. If all other factors favor an economic loss for the copyright owner, then
a limited number of downloads will incur the copyright owner with only a limited
loss.
[ Reply to This | # ]
|
|
Authored by: lunkwill on Tuesday, July 03 2007 @ 04:45 PM EDT |
Executive summary: Ties between IP address and humans are very uncertain.
Proving economic harm is tricky. Speaking of "unsecured digital
format"s is largely meaningless.
Paragraph 5: "Once a sound recording has been transformed into an unsecured
digital format, it can be copied further and distributed an unlimited of times
over the Internet, without significant degradation in sound quality."
The notion of an "unsecured digital format" is problematic and
requires careful definition. Consider CSS, the DVD scrambling format, which
went to court as a "technological measure which effectively controls access
to a copyrighted work" per the DMCA. Here's the important bit: even if CSS
hadn't been broken in numerous ways, a bit-for-bit copy of any DVD will still
work in any DVD player. CSS encrypts video data using an (insecure) cipher,
using keys intended to be kept secret in every DVD player. Part of the
information necessary for decryption is recorded on the disk in a nonstandard
way, and *that* might make it slightly more difficult for the average user to
make a complete copy of a DVD. But that nonstandard part is what makes copying
inconvenient (though not at all impossible) -- software can't help you
distinguish 2 DVDs with the same bits on them.
Likewise, all other tricks for creating "secure" digital formats,
"trusted computing" included, are just that -- tricks. They don't
have a solid theoretical basis; they're just stumbling blocks companies use to
try to slow copiers down. But it's a fundamentally losing battle.
Paragraph 8: "vast majority" needs backing up. Lots of people
download Linux CD images via, say, BitTorrent, perfectly legally.
Paragraph 9: "lose significant revenues on an annual basis due to the
millions of unauthorized downloads". That's a 'what if' and thus
impossible to prove.
Paragraph 12/13: "Mediasentry finds individuals". False, due to NAT.
(Have others already pointed out that people who run open wireless networks may
not even know who's using their IP address?)
Paragraph 14: "engaged in copyright infringement". Tricky to prove:
Mediasentry receives the files, but they're a special case. What if the only
other computer which receives the file is owned by the same user? (Eg., I
download a song to my work computer from my home computer via a P2P network).
Paragraph 17: the computer(s) that own an IP address do not uniquely identify a
human guilty of infringement. Who was at the keyboard (and which keyboard)?
And the keyboard may not even be attached to the computer owning the IP address.
I can use Remote Desktop (VLC, etc.) to control a P2P client from across the
world.
Paragraph 18: verifying they were "illegal copies" is very difficult
and not what they actually did.
Paragraph 19: "number of audio files being shared": irrelevant. Many
audio files are perfectly legal to share.
Paragraph 20: "critical to stopping... piracy". Stopping piracy is
essentially impossible, and not all means in attempting to stop it are
justified.
Paragraph 22: "inflicts great harm". Again, very difficult to prove.
It might actually increase demand.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 05:03 PM EDT |
One item that just occurred to me - In Mr. Linares' declaration he is testifying
as a lay witness based on personal knowledge. However, if I understand lay
witness testimony correctly, he doesn't have personal knowledge of the files
that were identified with MediaSentry and reviewed by staff members. (Keep in
mind, this is coming from a tech, not a lawyer) According to paragraph 15:
"The RIAA also listens to the downloaded music files from these users in
order to confirm that they are, indeed, illegal copies of sound recordings whose
copyrights are owned RIAA members. Exhibit A to the Complaint lists the details
of these downloaded music files. In my role as Vice President, Anti-Piracy, I
provide oversight over the review of the lists contained in Exhibit A to the
Complaint and hereby attest to the veracity of those lists."
So, unless I misunderstand the rules of expert vs. lay witnesses, the following
should be the case:
1. Mr. Linares does not have personal knowledge that the files identified on the
Does' computers were in fact downloaded at the dates and times specified in
Exhibit A. Nor does he have personal knowledge that an RIAA employee in fact
listened to the audio files and determined them to be infringing.
2. Mr. Linares does have personal knowledge of his and/or the RIAA's internal
procedures for using MediaSentry to identify infringing material and for RIAA
staff downloading the songs and confirming that they're infringing. However, if
they're written procedures then it would be interesting to see if the published
written procedures match what Mr. Linares says in his declaration. If there are
no written procedures, and he verbally instructs his staff on how to do their
jobs, then how can we be certain that they followed his instructions to the
letter? Considering that the RIAA's record has a few blemishes when it comes to
correctly identifying offenders, their track record plus either discrepancies in
the written procedure, or the lack of a written procedure, could work against
them.
3. Unless MediaSentry is already recognized as a forensically sound tool in the
case's jurisdiction, Mr. Linares' declaration should be accompanied by testimony
from an expert witness affirming that the methods used by MediaSentry and the
RIAA are sound. (Considering the stringent requirements for a forensically sound
analysis tool, I highly doubt this is the case... examples of forensically sound
analysis tools are Encase and Forensic Tool Kit, and both of those had to
undergo rigorous testing before they were admitted in many of the jurisdictions
that recognize them.)
4. In either case, Mr. Linares' declaration should also be accompanied by lay
testimony from the actual RIAA staff member who operated MediaSentry and
downloaded the material, listened to it, and is declaring "Yes, I
downloaded this song and played it, and recognized it to be infringing."
Unless I'm mistaken, Mr. Linares can't claim personal knowledge of the actions
taken by his staff unless he was present and observed the actions taken. That
lay testimony should include the procedures used, down to "I clicked on the
icon for application X, then I downloaded file Y, then I opened file Y using
audio player Z, and I heard the same song as the one referenced by file Y."
Anything less (as far as I know) is not considered personal knowledge, and any
conclusions presented without that personal knowledge would be considered expert
testimony (see above).
Hope this helps...[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 06:34 PM EDT |
Also consider the lack of talent by current artists. This is a direct result of
the music industry practice of not touching an artist till they have had a
certain amount of airplay. The artists have to pay for this airplay and so
talented poor artists don't get record deals cause they can't afford to buy the
airplay. This has drastically reduced the talent pool in the record industry. The
drop in quality of music has caused a drop in sales. The music industry itself is
the cause of decreased sales.[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 09:11 PM EDT |
Point 3
Piracy is the crime of robbery of ships or boats. It has no context in law to
copyright. It would also appear that intellectual property does not feature as
a legal term and is therefore ambiguous.
Law.com …
piracy
n. the crime of robbery of ships or boats on the oceans. Accusation, trial and
punishment of pirates may be under international agreement applicable anywhere,
or under the laws of the particular nation where the accused has been captured.
Point 5
“opportunities for the wide-scale piracy of copyrighted sound recordings”
Very few boats are involved in the Internet. And piracy again is not related
to copyright law.
“Once a sound recording has been transformed into an unsecured digital format,
it can be copied further and distributed an unlimited of times over the
Internet, without significant degradation in sound quality.”
Since most recordings are sold on Compact Discs which are already an unsecured
digital format… this sentence seems redundant.
Point 6
“or so-called online media distribution systems.”
So-called seems redundant as the systems distribute media online.
“These included KaZaA, eDonkey, iMesh, Ares, BitTorrent, DirectConnect, and
Gnutella, among others.”
BitTorrent, eDonkey and Gnutella are all protocols not networks. An analogy
would be language in comparison to a book.
“At any given moment, millions of people illegally use online media distribution
systems to upload or download copyrighted material.”
No proof given.
Point 8
“The major record companies generally have not authorized their copyrighted
sound recordings to be copied or distributed in unsecured formats … ”
However the major record companies distribute their copyrighted sound
recordings in unsecured formats.
Point 9
“Online Piracy”
No boats involved.
“The RIAA member companies lose significant revenues on an annual basis due to
the millions of unauthorized downloads and uploads of well-known recordings that
are distributed on P2P networks by infringers”
No evidence given of loss of revenue as a direct result.
Point 11
“…combating copyright piracy, the RIAA retained …”
No boats involved.
“Users of P2P networks can be identified by their IP addresses because each
computer or network device (such as a router) that connects to a P2P network
must have a unique IP address within the Internet to deliver files from one
computer or network device to another. Two computers cannot effectively function
if they are connected to the Internet with the same IP address at the same
time.”
Does not take into consideration technologies such as IP spoofing and Network
address translation where a single IP address can have multiple computers
attached and Computers from the Internet side cannot determine which computer
behind the NAT device they are talking to.
Point 14
“ For each suspected infringer, MediaSentry downloads a number of the music
files that the individual is offering to other users on the P2P network.”
Isn’t that creating an unauthorised copy of a copyrighted work, and therefore
illegal? Even if MediaSentry have provisions from the recording companies to do
this, can they guarantee that the file is not owned by another copyright holder
who they do not have permission from? Thus a search conducted in this manner
may violate other entities’ copyrights.
Point 16
“Once provided with the IP address, plus the date and time of the infringing
activity, the infringer's ISP quickly and easily can identify the computer from
which the infringement occurred (and the name and address of the subscriber that
controls that computer), sometimes within matter of minutes.”
This will only identify the first device attached to the internet. Using NAT
any number of other devices could be using this device.
Point 18
“The RIAA downloaded and listened to a representative sample of the music files
being offered for download by each Defendant and was able to confirm that the
files each Defendant was offering for distribution were illegal copies of sound
recordings whose copyrights are owned by RIAA members.”
What happens to the files that are not owned by the plaintiff?
Point 20
“critical to stopping the piracy of the RIAA members' copyrighted works.”
No boats involved.
Point 21
“First, every day that copyrighted material is disseminated without the
authorization of the copyright owner, the copyright owner is economically
harmed. Prompt identification of infringers is necessary in order for copyright
owners to take quick action to stop unlawful and dissemination of their works
and minimize their economic loss.”
No evidence of economic loss.
Point 22
“New recordings generally earn a significant portion of their revenue when they
are first released, and copyright piracy during a recording's pre-release or
early release period deprives copyright owners of an important opportunity to
reap the benefits of their labor.”
No boats involved.
If a document has not been released publicly then this is not a copyright issue,
but one of trade secrets. Please use the correct laws.
[ Reply to This | # ]
|
|
Authored by: Anonymous on Tuesday, July 03 2007 @ 09:35 PM EDT |
8. What method did you use to reach the conclusion that the vast majority of
content that is copied and distributed on P2P networks is unauthorized? What
percentage of total data exchange is a vast majority?
What percentage of the total data exchange via P2P is valid content such as
Ubuntu, RedHat and other major Linux vendors using P2P or other legal content
such as home movies for distribution?
How did you measure the total amount of data exchanged on P2P networks? How did
you measure the total number of copyright violating distributions?
How can you tell that files are illegal copies of your clients' works, or other
legal files with similar names?
Has the RIAA or its investigators posted files named like they are copyrighted
music files that are in fact just noise and are not copyrighted works?
How much "fake" content has been distributed into the P2P networks by the RIAA,
its member companies and its agents?
What percentage of the total exchange of works on the P2P systems is made up of
these "fake" files?
That was a hell of an assertion he made in saying that "the vast majority of P2P
content is unauthorized". In fact it is an out and out lie.
11. What method does your investigator use to verify that ALL the file names
listed are in fact copyrighted works for which your member companies are the
copyright holder and not files with similar names or in fact bogus files?
Does the RIAA conduct quality assurance checks of their independent investigator
to ensure they are validating every file claimed as infringing?
What kind of failure rate has the RIAA had in identifying the correct
individuals?
How many times has the RIAA admitted in court or in settlement discussions that
the wrong person was identified?
How many suits has the RIAA dropped before a verdict could be reached?
In these cases what was the reason the case was dropped?
12. In fact two computers with the same IP can connect to the internet, traffic
routing will be essentially random as to which computer receives which response
and lots of lost packets will be transmitted but in fact the internet doesn't
break or crash or refuse to function if two people with the same IP are
connected at the same time. This doesn't even take into account hacking measures
like IP spoofing.
It's also possible to use someone else's IP address that is not currently using
their assigned address without any of the network problems two simultaneous
users will encounter. In fact without direct and hard coded assignment of IP
address (and routers that won't route improperly assigned IP addresses) to a
single fixed hardware point the IP is easy to spoof and instructions for doing
so are contained on numerous public websites and are a weakness of TCP/IP
protocol that is likely documented in the RFCs (detailed technical publications
on the specifications of the internet so that different programs/OSes can
communicate).
"Two computers cannot effectively function if they are connected to the Internet
with the same IP address at the same time."
This would depend on your definition of effective, but if both computers are
trying to exchange large amounts of network traffic while having the same IP the
result would make it nearly impossible to receive anything or might not even be
noticed as it depends on the network configuration and routing tables in
between. If one computer is exchanging very little data the problem would be
almost unnoticed to both individuals operating the computers.
"This is analogous to the telephone system where each location has a unique
number."
Except that the telephone number can change at almost any time without the user
or the person the user is serving noticing. That the user can hard code a
different IP address into their system unless the operator of the network
hard-codes IP addresses to physical ports on the network. And the fact that if
the owner of the IP is in fact operating an open wireless network access point
that anyone can connect to, he is in essence sharing his phone number
(intentionally or unintentionally, because most routers come configured to be
open) with everyone who wants to use it.
The network provider may or may not log allocation of IP addresses, but assuming
they do, if they don't have a central time server, that is synced to an atomic
clock or other reliable source of time information, that ensures that the DHCP
servers are operating on the same time as every other server then the logs would
be inaccurate and essentially worthless in identifying the correct account
holder of the IP.
Does the RIAA or its investigators verify that the organization they are
subpoenaing is in fact running a central time server that maintains accurate
time/date stamps on all transactions, and that the time server is verified
periodically and was in fact guaranteed accurate during the time the RIAA logged
their alleged instance of violation?
13. This is providing that they actually verified the files by means other than
name (as they assert initially), and that the IP address being used is being
used by the actual person the network provider says is using it (ie someone else
isn't using the IP address and that the owner of the IP has not been hacked, or
had their computer compromised, or is not running an open wireless network).
Otherwise the infringer is someone other than the owner of the IP.
14. In essence they are saying they downloaded only a couple, so in fact they
only have proof of at most a couple of files and claim the rest of the list is
owned by them (based only on title). This is completely unethical and likely a
violation of federal civil procedures as the RIAA cannot attest other than by
circumstantial evidence to ownership of the rest of the file names.
16. As with above, how are they verifying that the IP address wasn't occupied by
another user on the network or that there weren't two people using the same IP?
Although an ISP may log the DHCP transactions, the logs are meaningless if the
user hard codes an IP in or the time/date stamp is wrong. This also makes their
"investigation" rely totally on the input of an outsider that the RIAA cannot
verify and for which the RIAA cannot assert is correct as it was provided by a
third party. They would in fact need a sworn affidavit from someone at the ISP
that can affirm that no one else could have been using the IP and that their
system doesn't allow the user to change their IP to something else and it
automatically prevents open wireless routers (ie. if they borrow the neighbor's
IP while they are on vacation it won't work). This proof has to be 100% in my
opinion (the court might not agree) and an IP address isn't a driver's license
number or a telephone number. It can be dynamically changed, shared and
compromised and because of that no evidence based on IP alone should be
admissible without much, much more tangible evidence (such as inspection of the
computer in question that provides real proof). Maybe the suit provides that
opportunity to analyze the computer, but without that analysis their evidence is
at best hearsay, at worst openly false.
17. What Verizon agrees to isn't necessarily what is legal and sets no legal
precedent without a court ruling (which I don't believe occurred in the Verizon
suit).
19. The number of SUSPECTED files, not the number of actual files in violation.
And once owner information is obtained they seek to sue an individual based on
hearsay (unless the ISP or network provider swears that no other PERSON could
have possibly been using the IP address other than the on record account
holder). This is impossible for the network provider to assert as they are not
aware of the status of the computer of the user in question (or even if they
have an open wireless access point, compromised system, etc.)
20. Considering this campaign has been ongoing for over 3 years there appears to
be no expediency otherwise everyone would have been sued at the same time, in
fact the legal action that could result would be far more damaging to the
individual rather than the RIAA and would in fact be so highly prejudicial as in
fact to make it impossible for the defendant to mount an adequate defense. To
avoid prejudicial damage to the individuals the court must be certain that
information obtained will in fact confirm with 100% certainty that the
individual that is identified was in fact the individual that the RIAA's
independent investigator purportedly identified.
22. What newly released files are contained in the list of files? They don't
provide the list but make the blanket claim that they need expediency to ensure
new works don't lose money. So the question is what are the new works, what is
the artist, title and release date, and did the independent investigator verify
these new releases are accurate with the file names on the computer or is it
just a list of names that might be, or might not be owned by the copyright
holder? I don't see how they claim this requires expediency without identifying
actual songs they feel are threatened especially when they claim so many people
are involved.
23. As said above, the potential defendants are registered students at a public
University, and whether the information is provided now or a year from now it's
not going to change the knowledge that the university has about the person using
the IP address. To make a point, the university is almost unique in its ability
to identify an individual right down to their social security number, such that
even if a student graduates they will be easy to locate. And as I said it's all
hearsay anyway without a means to verify that the exact computer offering files
is the one owned by the person allegedly assigned the IP address in question.
24. A much less prejudicial ruling to the defendants would be to order the
university to retain the information until the RIAA can prove that the
information they will obtain will be 100% accurate in identification. As a large
civil lawsuit against a college student with limited financial resources could
in fact force the student to drop out of school and ruin their earning potential
for the rest of their lives. At the very least it has the potential to delay
graduation and cost the student upwards of 100's of thousands of dollars of lost
earning potential. The judge could also order the suspension of the internet
access to the persons identified, which if they are in fact hosting the files
would eliminate the problem while the suit is settled (but I personally believe
that action is also highly prejudicial against the students). The only reason to
provide the information without proper verification would be to catch the
students while they are still financially vulnerable and more likely to settle
to avoid an expensive trial.
"I declare under penalty of perjury under the laws of the United States that the
foregoing is true and correct.
Executed on April 26, 2007 in Washington, D.C.
__[signature]___
Carlos Linares"
He perjured himself with his statements about IP addresses only working on one
computer, either that or he perjured himself by swearing he has the technical
expertise to manage this campaign.
[ Reply to This | # ]
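The clock-synchronisation point raised in item 12 of the comment above, as an added example that is not part of the original comment: a lease-log lookup that treats the observed timestamp as uncertain by a stated number of seconds. The lease records, account labels, address (a documentation range) and function names are all constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed DHCP lease log (addresses from the RFC 5737 documentation range).
# Fields: ip, lease start, lease end, account label. All values are made up.
LEASES = [
    ("192.0.2.44", "2007-03-01 08:00:00", "2007-03-01 14:02:10", "account-A"),
    ("192.0.2.44", "2007-03-01 14:02:40", "2007-03-01 20:00:00", "account-B"),
    ("192.0.2.45", "2007-03-01 09:00:00", "2007-03-01 21:00:00", "account-C"),
]
FMT = "%Y-%m-%d %H:%M:%S"


def ts(text):
    """Parse a log timestamp."""
    return datetime.strptime(text, FMT)


def candidates(ip, observed, max_skew_s):
    """Accounts whose lease on `ip` overlaps observed +/- max_skew_s seconds."""
    window = timedelta(seconds=max_skew_s)
    lo, hi = observed - window, observed + window
    return sorted({acct for lease_ip, start, end, acct in LEASES
                   if lease_ip == ip and ts(start) <= hi and ts(end) >= lo})


def attribute(ip, observed, max_skew_s):
    """Name an account only when exactly one lease fits under the skew bound."""
    found = candidates(ip, observed, max_skew_s)
    if len(found) == 1:
        return found[0], "unique lease within the skew bound"
    if not found:
        return None, "no lease on record (gap, static address, or missing log)"
    return None, "ambiguous: " + ", ".join(found)


def skew_that_changes_answer(ip, observed):
    """Smallest clock error (seconds) at which a different account also matches."""
    base = set(candidates(ip, observed, 0))
    gaps = []
    for lease_ip, start, end, acct in LEASES:
        if lease_ip != ip or acct in base:
            continue
        s, e = ts(start), ts(end)
        if observed < s:
            gaps.append((s - observed).total_seconds())
        elif observed > e:
            gaps.append((observed - e).total_seconds())
        else:
            gaps.append(0.0)
    return min(gaps) if gaps else None


if __name__ == "__main__":
    seen = ts("2007-03-01 14:01:50")  # constructed observation time
    for skew in (0, 30, 60):
        print(skew, attribute("192.0.2.44", seen, skew))
    print("seconds of clock error that names someone else:",
          skew_that_changes_answer("192.0.2.44", seen))
```

With these constructed records, an observer clock and a DHCP server clock that disagree by under a minute are enough to move the result from one account to two candidates.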
|
|
Authored by: LaurenceTux on Tuesday, July 03 2007 @ 09:42 PM EDT |
what i would like to see is them doing an RDNS on the ips WHEN THEY HAVE A
"VIOLATION" (of course this assumes the RDNS info would map to a
person/computer)[ Reply to This | # ]
|
|
Authored by: LaurenceTux on Tuesday, July 03 2007 @ 10:00 PM EDT |
oh a trick with RDNS
cpe-xxx-xxx-xxx-xxx.triad.res.rr.com this is (my btw) an RDNS showing a home
cable modem (note the CPE part that = Customer Premises Equipment and the
res-idential bit) bonus points if you can figure out where and what company
(side note the xxx parts are actually the ip address)[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 12:59 AM EDT |
Unless Mr. Linares is 1) a lawyer and 2) an expert in most of the technical
subjects he discusses, the entire document should be challenged (and stricken),
piece by piece, as hearsay. Why is it not Media Sentry that is describing their
techniques [ah, there it is, hide the questionable techniques behind
hearsay]? Why is not a real networking/Internet expert describing the
technical details used for the Media Sentry "investigations" [oh, probably
the techniques are known to be questionable at best, maybe]? Why is Mr.
Linares justifying the legal aspects of the approach [Anything is worth a try
when you might lose]?
The arguments, thinly veiled as narrative,
proceed from a number of questionable technical statements, that are not backed
up by (any) sufficiently accurate facts, to a description of a second party's
"methods" for investigation, and then to a justification of those methods --
based on allegedly similar approaches with wiretaps and other fixed-address
investigative techniques. The analogies between phone numbers and IP addresses
are a false basis for the remainder of the arguments, er, narrative. This also
goes for the description of the Internet and P2P technology.
In short,
this is not direct knowledge on the part of Mr. Linares, and any sufficiently
qualified (read: real) technical expert will tell you that the narration of the
technical details is over-simplified and just plain inaccurate. In reality,
this doesn't even qualify as good quality second-hand narration of
technical details, it appears to border on intentional obfuscation. As I
understand it, narration by a non expert, such as Mr. Linares, does not qualify
as anything but second-hand mumblings put to paper and filed with the court (are
you listening MOG?). This particular set of second-hand mumblings should not
qualify under FRCP as evidence for anything but the desperation of the mumblers,
and an attempt at justifying the pseudo-technical basis for the investigative
methods, the details of which they are trying to hide.
Honestly, this
RIAA stuff is a little slicker than the "normal" tSCOG pleadings (stallings?),
but not by much -- but they are just as evil. Do these guys go to the same
dark-side tactical law classes, where they learn to play fast-and-loose with
selective shadings of near truth? I personally would subpoena Media Sentry,
their "experts", and their "methods" and have them examined by real experts
first hand. Drag the whole faulty, intellectually dishonest mess into the
light of day, and beat it repeatedly with expert clue sticks until it succumbs.
Don't accept Mr. Linares' word for anything -- and certainly avoid letting him
and his lawyers get this load of tripe onto the record.
To summarize:
this is just a poorly disguised attempt to enter pseudo-legal and
pseudo-technical pseudo-expert testimony onto the real court record, no doubt to
be used later in support of the allegedly valid investigative techniques used by
Media Sentry [without needing to disclose those methods or address real
technical issues with them]. Get it stricken before it is (improperly) used
against you and your clients. In the alternative, it might be fun to preserve
minimal portions of the document, in order to put Mr. Linares on the stand and
dissect his technical and legal qualifications in front of a jury --
particularly if the defendant is an out-of-work, disabled, single mother or a 10
year-old emotionally handicapped child.
I am not now, nor have I ever
been a lawyer. I am, however, sick to death of seeing legal and standards
processes subverted by people who would better serve society by finding another
career at the local used car lot or at the local dump (apologies to good
used-car sales professionals and sanitary engineers). This kind of stuff just
frosts my cookies. Remember, my advice is worth what you paid for it. .
.(-;]>
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 01:52 AM EDT |
Application-level multicast, like BitTorrent, is increasingly used to distribute
files in HPC clusters.
See this
paper on the "Rocks Avalanche Installer" and
the OSCAR Installation Manual as two examples.
-- dnl
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 04:56 AM EDT |
“9. The scope of online piracy of copyrighted works cannot be
underestimated.”
True. It seems very easy to overestimate it. The RIAA has in fact vastly
overestimated the scope of online piracy. They said the opposite of what they
meant. :-)
“The RIAA member companies lose significant revenues on an
annual basis”
Conclusory and false. Papers have been written showing that most downloads
do not replace sales by the RIAA.
“due to the millions of unauthorized downloads and uploads of
well-known recordings that are distributed on P2P networks by infringers who, in
virtually all cases, have the ability to maintain their anonymity to all but the
Internet Service Provider ("ISP") they use to supply them with access
to the Internet.”
[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 10:15 AM EDT |
http://www.zeropaid.com/news/story.php?id=8877
"MediaDefender Inc, the 'leading provider of
anti-piracy solutions in the emerging Internet-Piracy-Prevention (IPP) industry'
has launched a website called 'MiiVi' dedicated to busting those who both like
to download copyrighted content as well as those who already have." [ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 11:04 AM EDT |
Here's another thought: if the campus residential network had more than one
student machine exchanging data with MediaSentry at the same time, it would be
difficult (at best) for someone to determine which machine was which, even if
they had the necessary logs. Say you have StudentA and StudentB, both using
Gnutella as their peer to peer software. The RIAA has communication going on
with both students, but infringing material is only downloaded from StudentA.
The logs would show both students communicating with MediaSentry, but they
wouldn't show which one was involved in the data transfer.[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 03:43 PM EDT |
8...The RIAA downloaded and listened to a representative sample of
the music files being offered for download by each
Defendant...
With regard to sampling, consider the 1936 US
Presidential election. In a "poll" of a magazine's subscribers - that same
group who had accurately predicted the 1932 election - the result was predicted
as Landon 370, Roosevelt 161. However, Roosevelt was elected US
President![1][2]
What means was used to ensure it is a
representative sample and what confidence level is given to the sample
results?
[1] "How to lie with Statistics" by Darrell Huff, ISBN
0-14-021300-7. An excellent book for making anyone wary of any statistic that
isn't properly stated.
[2] The reasons behind that error are not applicable
here, but it is an example that shows that a sample may not be all it's cracked
up to be.[3]
[3] Elsewhere in the book a possible example is given whereby
"A recent trial of ..." means "We did the trial repeatedly until we got a result
we could show to be true and was the result we wanted; all the previous,
non-fitting, trials were discarded"[ Reply to This | # ]
|
|
Authored by: Anonymous on Wednesday, July 04 2007 @ 08:44 PM EDT |
The lack of ability to prove a particular person was using a computer is
probably not relevant. Has anybody actually read the fine print in their
contract with their ISP? It almost certainly contains wording such as "the
account holder is responsible for all use and misuse of the facility".
Period. Doesn't matter if your kid or neighbor did it -- you almost certainly
signed something that says you are legally responsible.
I agree that ISP logs may not be in time sync, but they all have to keep them
for the DHS (spying on Americans by Americans).
[ Reply to This | # ]
|
|
Authored by: BitOBear on Friday, July 06 2007 @ 07:46 PM EDT |
The key to understanding why all the _technical_ assertions of this declaration
are bunk can be summed up in one word. "Addresses". Internet Protocol
_Addresses_ are _Addresses_ and are not analogous to phone numbers nor
identities, because computers are _originations_ and _destinations_ for data as
far as the internet is concerned.
Let's do the exercise till it makes sense...
Item: How many pieces of mail out in the world may simultaneously be en-route to
my home _address_? My business _address_? The number of simultaneous, discrete
operations on "my address" in the postal system, and the legal system,
are largely bounded by the ability of the paper manufacturers to make paper.
No. In practice, at any given moment, it is unlikely that more than a couple of
hundred pieces of mail are coming my way at any one time, and the system works
because even if hundreds of things are coming, they will likely not arrive all
at once, so my mailbox and mail carrier is/are typically sufficient.
Item: is every piece of mail that has my address as the source (return) address
actually coming from my house? No. Anybody can put my address in the return
address spot on an envelope and send it. I can also put my address on an
envelope but then mail it from my car or office. So the "source
address" of any one item isn't necessarily an honest indication of the
actual point where the item entered the system.
Item: Does an _address_ map to a person? No. There may be more than one person
at an address and I constantly get mail for people who previously had my
address, and I regularly get mail for people who have _never_ had my address.
The LAW _already_ knows that addresses do not map to people, which is why
lawyers pay out hefty sums to process servers and such.
Item: does the address on a package uniquely identify the real world location of
a recipient? No. Again, the law knows this already, but let us complete the
exercise. If you send something to "BitOBear, His Employer,Some Building,
Renton, WA" it _could_ land right in my lap if I pick up the mail. More
likely it will land in the lap of His Employer's mail room staff at Some
Building. They will recognize BitOBear and internally re-address the item to me
even though I may be in another building or even another state, but at that
point the burden of getting the item to me is on the Employer and not the postal
service. The item may even be put in a box with other items and re-mailed to
the other building.
It's even more clear if my address is obviously a P.O.Box where _nobody_
possibly could be, and so on.
So in your head, forgetting computers completely, the idea of what can and
cannot be known from "an address" is a complete idea.
Now put "internet protocol" back in front of "address".
Nothing about "address" inherently changes. This is why the word
"address" was chosen in the first place. It accurately describes the
transaction.
Each Internet Protocol Address uniquely defines a logical point of presence on
(or a connection to) the internet. Because of the way things are organized by
"network and subnetwork" (a la state and zip/postal-code etc) the
outer bits tell where the item is going "in general" and as you work
your way in through the bits you get more and more specific. An IP address like
10.24.118.6 might as well (by imperfect analogy) be
"USA.Washington.Third_Avenue.2600". It is more correct to use
business names like
"MCI_Worldcom.East_Coast_Businesses.Some_Customer.Some_Apparent_Device".
(I'm still over-simplifying there, but it is close enough for this analysis.)
It's even messier than that because the address of Some_Device may not be the
_only_ address of Some_Device. Any one device may have multiple addresses.
Further, any address may be fronting for a number of different devices. That
sounds wrong, but it isn't, nor is it that confusing. This is _exactly_ like
the corporate mail room. One mail room may serve to reprocess mail for many
entities. In the case of something like a Mailboxes Etc store, that address and
service may service large numbers of wholly unrelated entities (which is part of
how some Internet Service Providers operate).
Concrete example: My singular IP address, which may change at any time in
theory, but which tends to stay the same because of the "always on"
nature of my broadband connection, services four other permanently connected
desktop computers representing myself and my four tenants (two of whom are
married and share one computer). It also services my wireless network which is
used near-full-time by two laptops (my living room laptop and the
"spare" computer used by the married couple), it also services two
SlimDevices media players (the main stereo in the common room and my bedroom
speakers). It also semi-regularly services guests to my home. I haven't seen
any drive-bys but they are possible too.
This multi-use is facilitated by my firewall device. My mail room. It
_rewrites_ the packets going through it to replace the "private
addresses" (e.g. internal addresses) with the "public address" as
packets leave, and reverses that action as recognizable responses return. So
one IP address is servicing many people and devices. This isn't magic because,
as you use a name like BitOBear to find me at my company, you use "port
numbers" along with source and destination addresses on the internet to
tell which thing/conversation/whatever the data is _really_ for. So the
firewall/router/gateway thing that answers to my Internet Protocol Address
_deliberately_ _lies_ to the internet so that data can flow to and from it as if
it were one machine, but only it knows what the real machine is behind the lie,
and it doesn't _save_ that information after the conversation is over. The
thing is designed to work that way.
Additionally, one of my room mates wants us to get another IP address so he can
put up a web site for his World Of Warcraft clan. (I know, someone kill me...
8-) If I were to assent to that my very same firewall would use both addresses
at the same time, but it would "know" to send incoming web requests
(e.g. those asking for that address and port 80) directly to his computer. It
would still be one public device on the internet, but it would be doing its
lying for two IP addresses in front and still the 9+ computers on the back
side.
It's all very mix and match, since that is part of how the internet "routes
around damage and censorship by design".
====
All the stuff about "lots of phones but only one call at a time" are
insufferably and unaddressably wrong. Every time you are using your computer
with more than one browser open (or when outlook or whatever checks for new mail
while you are on the web or whatever) you put the obvious lie to that clueless
assertion. In fact, web pages with more than simple text on them (like Groklaw
here) typically cause a whole bunch of discrete simultaneous connections between
the server and client. To see this use slow dialup to surf the web. You will
see your browser "slowly but simultaneously filling" graphics and
buttons as complex pages load. This happens because your computer, in response
to your one click, will make several "simultaneous calls" to the web
server.
Really, the declaration is _that_ wrong in its technical analysis.
====
So, the internet works by ports at addresses, the same way the postal mail works
by names at addresses. All the same foibles and possibilities. If the
assertions made about "analyzing a packet" wouldn't work for
"analyzing an envelope" then they are just as false. Names and
Addresses only identify people in the abstract but not to any legal certainty,
and _anyone_ can send a packet/envelope that claims to be from me, and _anyone_
can send unsolicited packets to me without my knowledge or consent.
In the land of computers we have put together Public Key Signing for the same
reason that in the land of paper we have Signed Documents and Notary Publics.
Just because a packet appears to be to or from someone doesn't mean it
legitimately is. Hackers spoof and lie and people just plain screw up, just
like in life.
When a school says "at such and such a time, according to our records, we
_meant_ to map external IP address this-or-that to the internal address we
normally give to student Bob" doesn't mean that at the actual moment of
event, Bob's computer (which _still_ isn't Bob) was the one using the internal
address. Achieving that level of certainty on a nontrivial internal network is
prohibitively expensive, and even if you do it, Bob might _still_ be using his
internal address with a wireless router with its own set of more-internal
addresses that his friend from across the hall might then be using (and so
forth).
The deposition is bunk.
Just focus on the word address, and what you know about addresses in the real
world, and it will all remain clear.
[ Reply to This | # ]
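The address-rewriting behaviour BitOBear describes above, as an added sketch that is not part of the original comment: a toy port-translation table in which several private hosts share one public address and each mapping is dropped after an idle timeout. The class name, addresses (private and documentation ranges), port numbers and timeout are assumptions made for illustration.

```python
class PortTranslator:
    """Toy NAPT table: many private (ip, port) pairs behind one public address."""

    def __init__(self, public_ip, idle_timeout=120, first_port=40000):
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout      # seconds a mapping survives unused
        self.next_port = first_port
        self.out = {}    # (private_ip, private_port) -> public_port
        self.back = {}   # public_port -> [private_ip, private_port, last_seen]

    def expire(self, now):
        """Forget mappings idle for longer than the timeout; nothing is archived."""
        stale = [p for p, e in self.back.items() if now - e[2] > self.idle_timeout]
        for port in stale:
            private_ip, private_port, _ = self.back.pop(port)
            del self.out[(private_ip, private_port)]

    def outbound(self, now, private_ip, private_port):
        """Rewrite the source of an outgoing packet; return what the internet sees."""
        self.expire(now)
        key = (private_ip, private_port)
        port = self.out.get(key)
        if port is None:
            port = self.next_port
            self.next_port += 1
            self.out[key] = port
            self.back[port] = [private_ip, private_port, now]
        self.back[port][2] = now              # outbound traffic refreshes the entry
        return (self.public_ip, port)

    def inbound(self, now, public_port):
        """Map a reply back to the private host, or None if the mapping is gone."""
        self.expire(now)
        entry = self.back.get(public_port)
        return None if entry is None else (entry[0], entry[1])


def demo():
    """Three constructed private hosts talk at t=0..2 s; look again at t=5 and t=1000."""
    nat = PortTranslator("203.0.113.7")
    seen = [
        nat.outbound(0, "192.168.1.10", 51000),   # a desktop
        nat.outbound(1, "192.168.1.11", 51000),   # a second desktop, same source port
        nat.outbound(2, "192.168.1.12", 6346),    # a laptop on the wireless side
    ]
    public_ips = {ip for ip, _ in seen}           # what an outside observer records
    while_live = nat.inbound(5, seen[1][1])       # the gateway can still route this
    afterwards = nat.inbound(1000, seen[1][1])    # mapping expired and was not kept
    return seen, public_ips, while_live, afterwards, len(nat.back)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

An outside party records only the single public address for all three hosts, and once the table entry has expired the gateway itself no longer holds the private side of the mapping.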
|
|
Authored by: Anonymous on Saturday, July 07 2007 @ 02:49 PM EDT |
A much better analogy to computers and IP address is cars and license plates.
Basically what we have here is testimony that MediaSentry pointed a radar gun at
a car, recorded the speed of the car along with the time, date and license
plate, and claim it was speeding. Even if we assume that their methods are
accurate (the radar gun is calibrated, they pointed it at the right car, they
didn't mess up copying down the license plate, etc) it only establishes that the
car they saw was speeding. It's a much bigger step to claim that the owner of
the car actually registered with that plate was speeding. Maybe a friend or
family member was using the car at the time (friends and family use your
computer too). Maybe the car was stolen (Trojans and worms). Maybe the plates
were stolen (insecure wifi). Maybe the DMV screwed up and issued 2 cars the
same plates (DHCP issues perhaps, rather unlikely I admit). Maybe someone made
fake plates to cover up their real ones (IP spoofing). Maybe it's a company car
that many people use regularly (NAT). Maybe the plates were issued from another
state/country and just happened to have the same number (Some countries don't
honor how the current IPv4 address space is assigned). In short, while it may
be likely that it was indeed the owner who was speeding, it is certainly not
definitive proof.[ Reply to This | # ]
|
|
Authored by: afruss on Monday, July 09 2007 @ 07:44 AM EDT |
Others have already pointed out some of the flaws in Paragraph 16, but I want to
emphasise some of the points.
The ISP may be able to identify the subscriber to
the IP address that was used, but:
All traffic passes through a number of
routers in the literal 'web' of the internet. Every one of those routers may
corrupt and lie about where those packets came from (a common instance of this
lying is the NAT technology identified in Paragraph 12, another is the secure
Virtual Private Network technology).
The endpoint computer that holds the
files identified is not necessarily on the subscriber's premises, the internet
can route the packets to another location using the same internet that brought
the data in the first place.
For instance in a chapter of the book
Stealing The Network: How To Own The Box the author, FX, a security researcher,
tells the story of how the protagonist hacked an HP printer and used the printer
to re-route the network's traffic to the internet before returning it and
forwarding it onwards to the correct destination. This is technically feasible,
although explaining it in a courtroom would take courage ;). Do you own an HP
printer, do you have anti-virus software on it?
An important scenario as mentioned in
comments above is that the subscriber could have a 'freeloader' using their
internet connection over a 'Wi-Fi Router' shared insecurely to the neighbours.
This could even be a voluntary and legal choice by the subscriber, there are
even networks that specialise in it. All of these WiFi Routers automatically
make allowance for multiple computers behind their NAT software and can easily
allow 2 or more computers to share independently and in parallel via P2P
software.
A cracker/hacker/bot-herder may be controlling the computer for
the purposes of this P2P software such that the owner may not know what software
is installed and what their internet connection is being used for.
As others
have mentioned, MediaSentry's and ISPs' logs must be accurate, especially for
time and date recording. Their routers must not be compromised, ask if there were
any identified hacks into *any* of their systems especially routers during the
time involved. Also ask if anyone could hijack an IP address without the ISP's
knowledge, some networks might not detect an IP address that isn't officially
allocated, but is sort of stolen by another person on the network. Although it
is 5yr or more since I have heard of that problem.
So succinctly, the IP
address and time is only a tenuous indication of where the packets were routed.
Only a guess of the endpoint computer, which may not be owned by the subscriber,
controlled by the subscriber even if it was notionally in the subscriber's
possession.
It also seems as if they cannot prove copyright infringement
from only file-names of mp3's. There is an implication that they listen to some
of them, but I would think that unless each file is verified by ear or
sophisticated music comparer with a copy of the actual file (or start thereof)
stored for evidentiary purposes, the claim of copyright infringement should be
impossible.
Song names have lots of ambiguity, and it is conceivable that a
legitimate derivative work such as satire might use the same song names.
[ Reply to This | # ]
|
|