Comments on: The best defense is a good offense

The best defense is a good offense

mullingitover — Thu, 29 May 2008 12:05:12 -0800

Internet television host Revision3 was the victim of a denial of service attack this weekend. The source of the attack? None other than RIAA and MPAA-funded MediaDefender.

By: prunes

prunes — Thu, 29 May 2008 12:17:50 -0800

IMO calling it a denial of service "attack" signifies intent and is somewhat misleading. It's pretty clear that their software glitched.

By: mfbridges

mfbridges — Thu, 29 May 2008 12:22:34 -0800

It's also pretty clear that the software that "glitched" was doing not-so-nice things in the first place.

By: Malor

Malor — Thu, 29 May 2008 12:22:44 -0800

But their software glitched because they were illicitly using Revision3's servers for their own nefarious purposes to begin with, and only "accidentally" launched the DOS when Revision3 kicked them off their server. The DOS might have been an accident, but the deliberate hijacking most certainly wasn't.

By: rooftop secrets

rooftop secrets — Thu, 29 May 2008 12:22:49 -0800

MediaDefender has always been scum. See here.

By: Thorzdad

Thorzdad — Thu, 29 May 2008 12:23:13 -0800

...It's pretty clear that their software glitched. No. It's pretty clear that the executives at MediaDefender are claiming their software glitched. And, in the same breath, they freely admit to planting unauthorized files on Rev3's servers. This action alone seems to be enough to discount their claim that it was all a big mistake.

By: jabberjaw

jabberjaw — Thu, 29 May 2008 12:24:25 -0800

As Revision3 says in its own article: "In the end, I don't think Media Defender deliberately targeted Revision3 specifically." Not that Media Defender isn't evil, but not necessarily in this case.

By: Large Marge

Large Marge — Thu, 29 May 2008 12:24:37 -0800

their software that 'glitched' was already performing unauthorized operations on someone else's network, and regardless of intentions a DOS attack was initiated.

By: DU

DU — Thu, 29 May 2008 12:28:44 -0800

It's like those magazine subscriptions that are easy to make but hard to get out of. There doesn't have to be a specific policy decreeing that you screw the customer over, you just have to not try very hard to be helpful. Likewise, to create an DoS you don't need to code up deliberately-malware, you just need to not avoid "glitches" like this very hard.

By: davejay

davejay — Thu, 29 May 2008 12:29:47 -0800

IMO calling it a denial of service "attack" signifies intent and is somewhat misleading. It's pretty clear that their software glitched. You're right. Let's call it a denial of service "surge".

By: shmegegge

shmegegge — Thu, 29 May 2008 12:32:34 -0800

It's pretty clear that their software glitched. I'm interested in seeing the documentation for this glitch. Is it a glitch in fedora? If you could point me to the documentation for the glitch "send 8000 SYN packets a second to Revision3's tracker," I'd greatly appreciate it.

By: jmd82

jmd82 — Thu, 29 May 2008 12:32:35 -0800

Uh, yea, software "glitching" (a claim I find dubious. I think the Revision3 guy was just being diplomatic) should not be any defense. If anything, it could have easily been planned. "Hey, I got an idea! Instead of doing a direct DOS, let's set up a connection to their servers so a DOS will be initiated when they do x, y, and z. That way we can claim it was a glitch!" If I DOSd the RIAA or the gov't under the same conditions, you really think I'd be off the hook because it was a "glitch"? Hell no. It's only because the attack was initiated by an arm of the *IAA that they'll avoid litigation.

By: krautland

krautland — Thu, 29 May 2008 12:52:09 -0800

they certainly put some considerable effort in writing their wikipedia entry (come on, anyone really think *that* was written by anyone else?). first time they seemed to have been mentioned on mefi though and first time I had heard of them beyond a brief blip on the radar when the digg thing was news. I wonder what the outcome will be for them... if their traffic because of this will be the best promotion for them they could have had... anyway. has anyone watched their podcasts? are they worth trying?

By: Tacodog

Tacodog — Thu, 29 May 2008 13:03:46 -0800

Even if it was a glitch it still doesn't absolve MediaDefender of responsibility. Malice or negligence: choose one.

By: sotonohito

sotonohito — Thu, 29 May 2008 13:04:13 -0800

Also, considering that MediaDefender has a history of initiating DoS attacks, I'm not really willing to give them much benefit of the doubt. I hope Revision3 sues them bankrupt.

By: TheOnlyCoolTim

TheOnlyCoolTim — Thu, 29 May 2008 13:23:09 -0800

But what I do know is that the FBI is looking into the matter In the end, I think I know exactly what matters will be looked into at least in terms of criminal charges. Hopefully these guys can at least get something in a civil suit. "We've added a policy that will investigate open public trackers to see if they are associated with other companies" Which means even by their own admission they were targeting trackers willy-nilly, without even looking to see if there were copyright violations. I wonder how many other trackers distributing Linux and shit they attacked with whatever they were doing. And speaking of that, what the hell were they doing with "injecting files?" It's not clear. I know they like to put fake files on trackers, but that doesn't even make sense to do without being able to upload a .torrent file for people to download the file. There's a silver lining to MediaDefender, though, as the leaked emails reveal that their attacks generally don't accomplish much and accomplish nil on any of the half-decent torrent sites.

By: P.o.B.

P.o.B. — Thu, 29 May 2008 13:29:45 -0800

has anyone watched their podcasts? are they worth trying? I enjoy Diggnation and Totally Rad Show. Some of the others are humorous but nothing that I was interested in keeping up with.

By: TheOnlyCoolTim

TheOnlyCoolTim — Thu, 29 May 2008 13:34:06 -0800

On the left we have Randy Saaf, President of MediaDefender, and on the right we have Octavio Herrera, VP. In front of my monitor we have me laughing that they look like a pack of douchebags, too.

By: East Manitoba Regional Junior Kabaddi Champion '94

East Manitoba Regional Junior Kabaddi Champion '94 — Thu, 29 May 2008 13:43:35 -0800

previously

By: aerotive

aerotive — Thu, 29 May 2008 13:49:07 -0800

krautland: "they certainly put some considerable effort in writing their wikipedia entry (come on, anyone really think *that* was written by anyone else?). first time they seemed to have been mentioned on mefi though and first time I had heard of them beyond a brief blip on the radar when the digg thing was news. I wonder what the outcome will be for them... if their traffic because of this will be the best promotion for them they could have had... anyway. has anyone watched their podcasts? are they worth trying?" I like Systm and Tekzilla. There aren't many independent companies making well-produced shows in HD; Revision3 is one of them.

By: Sys Rq

Sys Rq — Thu, 29 May 2008 13:51:07 -0800

Isn't the criminal on the hook for all damages resulting from the criminal act, regardless of intent?

By: e40

e40 — Thu, 29 May 2008 14:03:35 -0800

IMO calling it a denial of service "attack" signifies intent and is somewhat misleading. It's pretty clear that their software glitched. Prunes, what are you, an apologist for MD? They were illegally using Revision3's servers. When Revision3 cut them off, their software when into "scorched earth" mode. Who do you think programmed that mode? This is bullshit of the highest order. MD deserve to lose big time for this.

By: SweetJesus

SweetJesus — Thu, 29 May 2008 14:25:45 -0800

When Revision3 cut them off, their software when into "scorched earth" mode. Who do you think programmed that mode? How on earth do you know that the software has a "scorched earth" policy? Considering MediaDefender had moles in their system collecting internal emails and voice mails for between 6 to 9 months and the source code to TrapperKeeper (MediaDefender's decoy software) was leaked a year ago, I think if they had such a system we would know about it. Plenty of strange things can happen in software when you make incorrect assumptions, its not necessarily malicious. But you certainly can't say for certain.

By: mullingitover

mullingitover — Thu, 29 May 2008 14:32:56 -0800

Aaaaaand Revision3 is down again. cobracommander:~> date Thu May 29 14:29:59 PDT 2008 cobracommander:~> ping revision3.com Pinging revision3.com [209.237.233.179] with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 209.237.233.179: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), cobracommander:~> MediaDefender strikes again?

By: quin

quin — Thu, 29 May 2008 14:43:28 -0800

If I DOSd the RIAA or the gov't under the same conditions, you really think I'd be off the hook because it was a "glitch"? There is really only one way to be completely sure...

By: pompomtom

pompomtom — Thu, 29 May 2008 16:31:07 -0800

>MediaDefender strikes again? Nah, it's just you and 40,000 other people checking if they're OK.

By: Pastabagel

Pastabagel — Thu, 29 May 2008 20:41:30 -0800

The easiest way to deal with this is to perform a denial of service attack on MediaDefender using sledgehammers and oily rags.

By: Ynoxas

Ynoxas — Fri, 30 May 2008 08:56:15 -0800

Doesn't this run afoul of one of those digital acts the government has been blustering about for a while now? How do we know for sure MD isn't a front for a terrorist organization? I'm being flip, yes, but isn't this EXACTLY what those digital acts are for??