DoS attacks on P2P networks by copyright holders is a go...
June 26, 2002 8:11 AM Subscribe
DoS attacks on P2P networks by copyright holders is a go... Well not yet, but Rep. Howard Berman (D- Calif.) has submitted a bill for review that would in effect provide the RIAA with a legal path to "hack" file sharing networks via DoS attacks.
The article says absolutely nothing about legalizing DoS attacks. A direct quote: "His bill would allow copyright holders to set up decoy files and use other techno-tricks like file-blocking and redirection to throw P2P pirates off the trail..."
With or without this legislation, copyright owners have no legal right to affect a filesharing network in any way other than to protect their copyrights. To DoS an entire server would mean shutting down access to materials in the public domain and materials copyright owners have volunteered to share. Ergo, I seriously doubt DoS attacks will be legalized, as indicated by the information you've manufactured for the sake of sensationalizing your post.
posted by Danelope at 8:26 AM on June 26, 2002
With or without this legislation, copyright owners have no legal right to affect a filesharing network in any way other than to protect their copyrights. To DoS an entire server would mean shutting down access to materials in the public domain and materials copyright owners have volunteered to share. Ergo, I seriously doubt DoS attacks will be legalized, as indicated by the information you've manufactured for the sake of sensationalizing your post.
posted by Danelope at 8:26 AM on June 26, 2002
The decoy problem is easily solved. Rather than returning "Yes, I have it" or "No, I don't", a 'peer' should return the file CRC or "No, I don't". Then the CRCs can be compared and sorted.
If, for instance, there is one version of "A Little Less Conversation" that is 'most desired' (ie, it's the real song at 128k bitrate), then most people will probably have it, because if they've gotten something else, a static track spoofed by a RIAA server or something, then as soon as they get around to listening to it, they will delete it.
I speculate that the network would end up showing about 95% 'valid' CRC, and 5% miscellaneous spoofs, low bitrate recordings, etc. Normally an early version would propagate through this system, whether it's ideal or not, but over time people would delete versions that are less desirable than the version they presently have.
The flaw in the system is people's 'tidiness' in listening to the MP3's they serve and download, and deleting the crap.
Ash.
posted by aeschenkarnos at 8:43 AM on June 26, 2002
If, for instance, there is one version of "A Little Less Conversation" that is 'most desired' (ie, it's the real song at 128k bitrate), then most people will probably have it, because if they've gotten something else, a static track spoofed by a RIAA server or something, then as soon as they get around to listening to it, they will delete it.
I speculate that the network would end up showing about 95% 'valid' CRC, and 5% miscellaneous spoofs, low bitrate recordings, etc. Normally an early version would propagate through this system, whether it's ideal or not, but over time people would delete versions that are less desirable than the version they presently have.
The flaw in the system is people's 'tidiness' in listening to the MP3's they serve and download, and deleting the crap.
Ash.
posted by aeschenkarnos at 8:43 AM on June 26, 2002
Yah, this has nothing to do with DoS attacks as far as I can tell. True p2p networks (like gnutella) simply can't be DoS'd -- you could, I guess, attack every individual machine you find on there, but I promise you that would make for some VERY angry ISPs, and you'd have to have a LOT of bandwidth available.
Decoys are already pretty common on p2p networks, aspiring bands giving their mp3s names of popular searches, virus vectors coded to use searches for their names, etc. Seems like its worth a shot for the RIAA to try, tho' I doubt it will work.
posted by malphigian at 8:56 AM on June 26, 2002
Decoys are already pretty common on p2p networks, aspiring bands giving their mp3s names of popular searches, virus vectors coded to use searches for their names, etc. Seems like its worth a shot for the RIAA to try, tho' I doubt it will work.
posted by malphigian at 8:56 AM on June 26, 2002
Yah, this has nothing to do with DoS attacks as far as I can tell. True p2p networks (like gnutella) simply can't be DoS'd
Are you sure? I remember trying to log onto gnutella the day after they closed down napster, and it was nearly impossible to download files. Since then a lot of people left for other programs and the network code was improved so it works now.
Yet, theoretically, what if a large company gave a few thousand of it's employees a program that they could run at home that would spam gnutella with bad search requests and results and share dummy files? Gnutella might become unusable again.
CRC's would help, but it would only stop me from downloading from people who are accidently trading spoofed files. What's to prevent a malicious client from sending out incorrect CRC's?
posted by bobo123 at 10:42 AM on June 26, 2002
Are you sure? I remember trying to log onto gnutella the day after they closed down napster, and it was nearly impossible to download files. Since then a lot of people left for other programs and the network code was improved so it works now.
Yet, theoretically, what if a large company gave a few thousand of it's employees a program that they could run at home that would spam gnutella with bad search requests and results and share dummy files? Gnutella might become unusable again.
CRC's would help, but it would only stop me from downloading from people who are accidently trading spoofed files. What's to prevent a malicious client from sending out incorrect CRC's?
posted by bobo123 at 10:42 AM on June 26, 2002
Wouldn't a bill like this open the door for a future law that makes it legal for angry mobs to kill drug dealers and prostitutes?
posted by Fahrenheit at 2:22 PM on June 26, 2002
posted by Fahrenheit at 2:22 PM on June 26, 2002
Are you sure? I remember trying to log onto gnutella the day after they closed down napster, and it was nearly impossible to download files.
Have you considered the possibility that this was a result of so many people, left without their Napster-based filesharing service, attempting to log onto gnutella as a replacement? (Personally, I've never been able to successfully download more than a handful of files from gnutella.)
posted by Danelope at 3:34 PM on June 26, 2002
Have you considered the possibility that this was a result of so many people, left without their Napster-based filesharing service, attempting to log onto gnutella as a replacement? (Personally, I've never been able to successfully download more than a handful of files from gnutella.)
posted by Danelope at 3:34 PM on June 26, 2002
Maybe this will let drug companies sell pills that are poison on the black market, only criminals would buy them..
posted by Iax at 9:40 PM on June 26, 2002
posted by Iax at 9:40 PM on June 26, 2002
This thread has been archived and is closed to new comments
posted by mcsweetie at 8:19 AM on June 26, 2002