Comments on Recording Industry vs The People: Excellent article on Arizona cases in the Tucson Weekly
Feed author: raybeckerman (http://www.blogger.com/profile/11063235302436280455), feed updated 2024-03-22T03:28:24.897-04:00

Anonymous, 2008-03-05T13:31:00.000-05:00

KM, great post.

I do various tech support for a living, but I specialize in network and computer security. There's one thing I have yet to see mentioned in these cases.

The average computer is infested with a large amount of spyware, viruses, and most importantly in regards to RIAA cases, spambots. A spambot gets its instructions from someone else (a "hacker" or spammer of various sorts) and sends spam on their behalf, by making the computer a proxy - effectively using that computer as a NAT - and using that person's internet connection for their own use.

I don't specifically know that any of the botnets made up of infected computers are doing this, but it would be trivially easy to use an infected computer as a proxy to download _and_upload_ to a p2p network.

Even if the ISP's records are perfect and the MediaSentry information of what IP address they saw they were connected to is accurate, there can still be a significant amount of doubt that the computer identified was actually the one sharing the music.

-Josh

Anonymous, 2008-03-03T00:11:00.000-05:00

>>I note that you didn't even get into NAT..

Absolutely. A bit too in-depth. I would posit that the RIAA's investigators wouldn't even know if NAT was being used behind a router or cable modem with a DHCP assigned address.
Identification gets even shakier when there are multiple internal systems being routed through the device which rec'd the ISP's DHCP assigned address. Uh, which one?

I believe that there are huge holes in the RIAA's attempts to identify offending/P2P sharing individuals, even with craven ISP assistance, using TCP/IP addresses and online noms-de-web.

After all, our system of justice says the burden of proof is on the accuser, and that there should be no conviction if there's any doubt.. there's enough logic holes in the RIAA's investigations to obviate any convictions whatsoever.

I'd love to be available to a defending attorney in one of these cases, either as a background researcher, feeding the attorney pointed questions for the ISP, or as an expert witness. If anyone wishes to contact me for this or related issues, enter a reply to this with your email address.

-KM
Arizona

Anonymous, 2008-03-02T02:37:00.000-05:00

KM,

Very good summary of the state of Internet connection in Arizona, and generally the nation as a whole.

I note that you didn't even get into NAT, which is (to use the flawed analogy) like a whole bunch of extension phones all on the same IP, er phone, number. Just another level of complication to this whole mess, but with the way IPv4 addresses are getting used up, and IPv6 is still not ready for prime time, may have the cable companies NATing entire cable loops of a couple hundred subscribers each.
Solve that one, MediaSentry.

XK-E

Anonymous, 2008-03-02T00:16:00.000-05:00

Following up on KM's analogies, instead of just pointing out how hard it is to ID a specific IP address compared to a telephone number, you can make this analogy: <B>A person is related to a telephone number</B> as <B>an IP address is related to the number of a pay telephone that periodically moves to a different location at random intervals.</B>

I still feel the telephone number analogy fails at this: call my home number and accurately tell me which of the 4 persons who reside here will pick up the handset. They <I>still</I> haven't bothered to really identify the computer they claim infringed/distributed/whatever beyond the shaky tag of an IP address, which should be fairly simple if they claim to have enough evidence to prove their case.

ZH

Anonymous, 2008-03-01T12:24:00.000-05:00

I am a musician, composer, and have been designing computer networks since the late 1980’s. I was a top consultant for a major computer company, have worked as a network designer and implementer for a multinational, and have worked as technical support in an Internet Service Provider (ISP). I read this week’s article on the RIAA’s ongoing efforts to quash free use of the Internet. I see some technical holes in the way they are proceeding, and I hope some of the following is useful.

First, some background. Each computer connected to the Internet must have a unique TCP/IP address which identifies it.
While it’s tempting to use the computer-as-telephone analogy, where the TCP/IP address is the equivalent of a telephone number, it breaks down almost immediately - because unlike a telephone number, an individual’s computer may have a different address every time they ‘make a call’ or connect to the Internet.

The RIAA’s watchdogs are dependent upon address discovery, and then pressure the ISP to provide the subscriber name and address based on the apparent TCP/IP address at the time of the alleged file-sharing offense. The onus is on the accuser to prove a specific subscriber had a specific TCP/IP address on a specific date or range of dates. This may prove to be difficult.

Each Internet Service Provider is assigned a range of addresses for their user base, and is responsible for assigning them. Keeping in mind that each system must have a unique address, there are two ways to assign TCP/IP addresses - ‘fixed’ and ‘DHCP’.

‘Fixed’ addresses are permanently assigned to the end user computer, as long as they are with that ISP. A fixed address is generally an extra-cost option. Because of this, each ISP keeps this information as part of a subscriber’s customer record. Only a tiny minority of ISP subscribers ever get a fixed or permanent TCP/IP address.

‘DHCP’ stands for ‘dynamic host configuration protocol’, and is a scheme where an end user system requests a TCP/IP address from a DHCP server computer, operated by the ISP.
The ‘dynamic’ part of the name is where the RIAA’s identification process breaks down - because while DHCP addresses putatively have a ‘lease’, or period of time, such as 30 days, on the same system, this lease may be broken at any time, and the address reassigned.

Most end users these days are utilizing DHCP assigned addresses.

Dialup customers
While their bandwidth is too low for them to truly participate in any kind of P2P networking, their computers can receive a different TCP/IP address literally every time they dial into their ISP’s phone bank. These ephemeral address assignments are not generally stored by an ISP, in that they change constantly. So if a person accused by the RIAA is on dialup, it would be nearly impossible to prove they had a specific TCP/IP address on any specific date.

Cable
The two Arizona cable companies I am familiar with are Comcast and Cox. Neither of them offers fixed addresses, so all are DHCP assigned. It is possible to force a new address request assignment by simply powering one’s cable modem off and on. So it would be a simple challenge to the IT management of the cable company to prove a specific subscriber had a specific TCP/IP address on a specific date or range of dates. Unless their record-keeping is superb, they will not be able to attest this.

DSL
In Tucson, Qwest offers DSL service over telephone lines. It is possible to have an ISP who leases DSL bandwidth from Qwest, such as Nationwide Internet (www.theriver.com). In this case Nationwide does the assignment, and again, fixed addresses are an extra cost option, used by a tiny minority of subscribers. So most users have dynamic addresses. As with a cable modem, it is possible to trigger a new DHCP address assignment by simply powering the DSL modem off and on again.

Wireless
There are two types of Wi-Fi hot spots - in the home or office, and in public locations.
In the home, even if a (portable) computer is wirelessly connected, it is obtaining its TCP/IP address dynamically from the locale’s WiFi transponder (connected to cable or DSL) using an address range provided by their ISP. Standard DHCP.

Away from home, in public WiFi hotspots, the portable computer requests and receives a temporary address assigned from that locale’s range of TCP/IP addresses, and loses that assignment as soon as it is powered off or moved out of range of the WiFi transponder(s).

.....

In summary, the vast majority of individual computers connected to the Internet are using temporary or dynamic addresses. While these dynamic assignments have ‘leases’, or spans of time, we’ve seen that it’s possible to get a different dynamic address at almost any time.

Since the RIAA depends upon connecting a specific address to a specific person, the obvious tactic would be to query the accused’s ISP closely regarding their policies and audit trail of these assignments. Even if the RIAA’s investigators (illegally?) break into a computer, guided solely by the TCP/IP address, and DO find shared music or movie directories, unless the computer is taken and contents examined as evidence, the connection between the computer and the person is provided solely by the ISP’s possibly-faulty audit archives. In most cases I believe the ISP will finally state that they have no way of really knowing if a specific individual happened to be using a specific DHCP assigned TCP/IP address on any specific date.

-KM
Tucson AZ

Anonymous, 2008-02-28T16:01:00.000-05:00

<B>MediaSentry searches America's hard drives for music files being shared via the Internet.</B>

I would call that statement into question.
MediaSentry searches for music files <I>available for any reason</I> via the Internet. There's a difference.

-DM

Anonymous, 2008-02-28T15:25:00.000-05:00

jquilty:

<I>they don't care who you are or what your financial situation is.</I>

Not true at all. If you're the son of a record company president, you'll get a strong talking-to in lieu of a lawsuit.

-DM

Anonymous, 2008-02-27T22:36:00.000-05:00

cranky guy -- I laughed too, but in context, it's just saying that they don't care who you are or what your financial situation is.

I also laughed at how MediaSentry unsurprisingly refused to return their calls over being a licensed investigator.

Anonymous, 2008-02-27T22:31:00.000-05:00

That is truly an interesting thing for an RIAA flak to say, isn't it?

-Crusher

Anonymous, 2008-02-27T22:11:00.000-05:00

My favorite part of the article is this quote:

"We have no way of knowing who is behind an IP address...." - Cara Duckworth, a spokesperson for the RIAA
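
Added example, not part of any comment above and not code from any ISP or investigator: the audit-trail question KM's 2008-03-01 comment raises, written as a lookup that maps an observed IP address and timestamp onto DHCP lease records and reports when the mapping is not unique. The record layout, account names, documentation-range addresses and the five-minute clock tolerance are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

UTC = timezone.utc
# Constructed lease audit records: (ip, account, lease_start, lease_end), in UTC.
# Addresses are from the 203.0.113.0/24 documentation range.
LEASES = [
    ("203.0.113.7", "acct-A", datetime(2008, 2, 1, 0, 0, tzinfo=UTC),
     datetime(2008, 2, 10, 14, 58, tzinfo=UTC)),
    ("203.0.113.7", "acct-B", datetime(2008, 2, 10, 15, 1, tzinfo=UTC),
     datetime(2008, 2, 20, 0, 0, tzinfo=UTC)),
    ("203.0.113.9", "acct-C", datetime(2008, 2, 1, 0, 0, tzinfo=UTC),
     datetime(2008, 3, 1, 0, 0, tzinfo=UTC)),
]

def candidates(ip, observed, skew=timedelta(minutes=5)):
    """Return every account whose lease on `ip` could cover `observed`.

    `observed` must be timezone-aware: guessing the zone of a naive
    timestamp can move the observation into a different lease.
    `skew` widens each lease by the assumed clock error between the
    observer and the DHCP server.
    """
    if observed.tzinfo is None:
        raise ValueError("observation timestamp has no timezone")
    t = observed.astimezone(UTC)
    return sorted({acct for lease_ip, acct, start, end in LEASES
                   if lease_ip == ip and start - skew <= t <= end + skew})

def attribute(ip, observed, skew=timedelta(minutes=5)):
    """Classify the lookup as 'unique', 'ambiguous' or 'no-record'."""
    hits = candidates(ip, observed, skew)
    if not hits:
        return ("no-record", hits)
    return ("unique" if len(hits) == 1 else "ambiguous", hits)

if __name__ == "__main__":
    mst = timezone(timedelta(hours=-7))  # Arizona local time, no DST
    for when in (datetime(2008, 2, 5, 12, 0, tzinfo=UTC),
                 datetime(2008, 2, 10, 8, 0, tzinfo=mst),  # 15:00 UTC, at a reassignment
                 datetime(2008, 2, 25, 0, 0, tzinfo=UTC)):
        print(when.isoformat(), attribute("203.0.113.7", when))
```

The second observation falls in the three-minute gap between two leases on the same address, so it is ambiguous with the clock tolerance and has no matching record without it; reading the same wall-clock time as UTC instead of local time returns a single, different answer.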