OiNK Database Didn’t ‘Self Destruct’, Wasn’t Encrypted But Users Safe?
Written by enigmax on October 25, 2007Following the raid at OiNK, many of the 180,000 members are very concerned about what’s happening with their details. The rumor: The OiNK database was encrypted and self-destructed. The truth: It wasn’t and it didn’t but ex-users still might be safe. In the meantime, OiNK got fired from his job.
Yesterday, in the wake of the OiNK takedown, we made a report about possible action against Norwegian BitTorrent trackers. In it we revealed that a tipoff suggested that the OiNK database had been equipped with a ’self-destruct’ mechanism and was also encrypted.
‘OiNK’ himself participated in a short Q&A and the truth is that this is not the case. Here is a rundown of the salient points:
The raid was completely unexpected and came with no warning at all but steps had already been taken to protect the users. Although there was no ’self-destruct’ or encryption according to OiNK, “the logs we store aren’t enough to incriminate users.” This will come as a huge relief to ex-members of OiNK.
A Cleveland Police spokesman told The Telegraph: “It is too early to tell if we will go after individuals, it all depends on what we find.”
OiNK is accused of conspiracy to defraud and copyright infringements with police questioning OiNK for hours after which he was eventually released. It became apparent that the police had limited technical knowledge which, according to OiNK “made the interview quite amusing.”
OiNK’s father - who was also dragged into this, is fine - although the police took his laptop.
There was an implication that a backup of the site may exist, although this is unconfirmed and there is no news yet that the forums will be restored for the purposes of music discussion. Additionally, it’s unclear if OiNK remains the owner of the OiNK.CD domain.
Sites have been cropping up claiming to collect donations for legal defense but according to OiNK there aren’t any that potential donators should feel comfortable donating to right now.
Certain changes had been made to the OiNK site and IRC channel in recent weeks security-wise and there was a suggestion that this may have been because a raid was expected. OiNK has denied this and confirmed these changes were a coincidence.
In echoes of what happened to Alexander Hanff (admin of the BitTorrent tracker DVDR-Core) Alan Ellis aka OiNK has been fired from his IT Consultant job following the raid but has refused to elaborate on what grounds his employer - Virgin Media in Stockton-on-Tees - chose to dismiss him.
It’s hugely commendable that OiNK has taken the time to come out and give the community timely facts. Alan told The Daily Telegraph: “I haven’t done anything wrong. I don’t believe my website breaks the law. They don’t understand how it works.”
Stay Tuned
Update: Seems like someone involved in the takedown left an administrative message on the OiNK site (thanks for the tips DaanRiver and R10T):
Previously: University Raids Graduate Student Office for Using BitTorrent
Next: The Pirate Bay To Bring Back OiNK
172 Responses
Pages: « 1 [2] 3 4 5 6 7 » Show All
is anyone looking at why the hell it says Pedro ?? the way it is worded quite cearly shows it woudnt be one of their employes or computer experts that message is for… if its related to that shitty site admin that oh dear wtf has come of p2p
This was /not/ flacinhell’s doing: flacinhell actually liked OiNK fine, but actively went against Pedro (due to the fact it was a pay-to-leech site). Not sure I’d put it past Pedro though.
[quote comment="195447"]
It wouldn’t be that hard to create encrypted environment for a tracker. Even basic Debian installer offers encrypted LVM partitions and the performance hit is only few per cents of CPU time and if that is a concern you can always create temporary disk in memory and use the critical parts of the database from there and sync periodically to physical disk. Even better option is to buy faster processor because hardware is cheap compared to what you might have to pay once you are caught by the police.[/quote]
Encrypted LVMs haven’t been around very long in a stable, easy to setup and easy to use form. And at the moment an encrypted LVM needs to be setup before the installation of a system goes onto that partition. That means starting basicly from scratch. And I don’t think OiNK has had a system rebuild recently.
As for the Pedro thing. I wouldn’t be jumping to conclusions. Depending where you live in the world, and the type of people you associate with, ‘Pedro’ can have a number of meanings, even when used in the context that it was on that page. It could refer to a number of things from being a person’s actual name to just being a generic reference for a person. People shouldn’t just go jumping to conclusions based on very little to no evidence
FlacInHell….What a joke he is. Don’t agree with him and he will try to hackyou, threaten to turn you into authorities, and fail miserably at all his attempts. People used to be afraid of what he might do as far as getting people busted but after 3 years they now just laugh at him as all he can seem to do is make idle threats that he never backs up. It is kind of amusing to watch him though as it is hard to believe that someone who fails so miserably can be so persistent.
On the fly encryption has been around since 2.4.something.
I’m guessing oink knew enough to to use -loop ^^ you are right about the easy lvm setup part though… but we are not talking click’n go here. For someone with only a little knowledge linux encryption on kernel basis has been around longer than oink was.
I’ve never used it myself on something as big as oink though… but there are better/faster commercial ways to encrypt you stuff - its just a question if you’re willing to pay for it.
Also OiNK being from the UK he’d have to decrypt his stuff anyway or go to jail for not decrypting it… so it basically comes down to whats less ‘criminal’ the stuff that you encrypted or not decrypting it.
If an encrypted LVM volume wouldn’t work, the GELI with FreeBSD would. Encrypting harddrives really isn’t that difficult or demanding - the FreeBSD handbook even has a guide to encrypting your swap space.
If OiNK knew what he was doing, and I personally think he did, then everything’s set up just fine, self-destructing databases or not.
[quote comment="195404"]i’m thinking about selling my 2 computers i’ve used to download and get me 2 new ones…[/quote]
Remove the harddrives and when the police show up you burn them. Put on a steak and ask if they want’t some ^^.
Goddam! the feds are bent. The law can be shaped around you
OiNK have changed my life. Opening up such many new doors to new music showed me that there are more possibilities in life than just the mainstream one.
Also; since I joined OiNK, I’ve bought like more than ten albums on lp and cd.
Before that, I never bought anything else than perhaps “Absolute Music” once in a while.
I wish OiNK all best, you fucking ROCK! You know you’re right.
Very good article, thanks man.
”They don’t understand how it works.”
-I thought the same when OiNK was taken down.
Hmmm, MTV picked this story up as well: http://www.mtv.com/news/articles/1572693/20071024/index.jhtml#
Would have been nicer if MTV was still MusicTelevision, and not Reality-Show-Crap-House….But still it is read rather nice, and not like the BBC report…
how will this affect my ratio?
from irc chat with OiNK:
[quote]
smartface> did they actually question you?
OiNK> of course, for hours
OiNK> the police had very limited technical knowledge, which made the interview quite amusing actually.
OiNK> i wasn’t willing to teach them how to use a computer
OiNK> they actually wanted me to teach them how to set up a website
OiNK> i just told them to google it.
[/quote]
If the powers that be haved figured out a way to attack and dismantle the current torrent-structure and community then its simply a matter of evolving.
If we end up losing the fight then what’s needed is a new method, approach to P2P that doesn’t require trackers or utilizes them in a different manner. The technology is there its just a matter of revising our thinking.
[quote comment="195435"]oinkybank seems to be getting a lot of donations
[/quote]
oinkybank.com has to be a scam. Owner is myspace.com/revolustream …
what’s wrong with a dm-crypt encrypted partition and the db on it? it’s not hard to setup at all.
surely if they didn’t log IP’s, and diddnt take your name and adress, then it would be totaly safe, as theres nothing else personally identifiable on the system that i can think of
[quote comment="195544"]from irc chat with OiNK:
[quote]
smartface> did they actually question you?
OiNK> of course, for hours
OiNK> the police had very limited technical knowledge, which made the interview quite amusing actually.
OiNK> i wasn’t willing to teach them how to use a computer
OiNK> they actually wanted me to teach them how to set up a website
OiNK> i just told them to google it.
[/quote][/quote]
HAHA hilarious :D
[quote comment="195404"]just thinking about something… I know they can’t get at me for donating to OiNK, but couldn’t they find out my name, realise that I’ve been using OiNK, come to my house, seize my computers and find out that I have indeed uploaded music illegaly to other people?
i’m thinking about selling my 2 computers i’ve used to download and get me 2 new ones…[/quote]
If you or anyone else is worried about them seizing your shit and checking the hard drives, DBAN boot and Nuke, wipes the hard disk seven times, the govt won’t be able to find your shit guaranteed
The key things that would leave users in trouble are:
logging IP addresses
logging torrents downloaded
logging torrents uploaded
As far as I remember, oink did all three of those. They have to log IPs so they can ban cheaters, right? And I’m pretty sure I saw the IP address I was using (my neighbor’s wireless) in my profile (with an “only visible to you” notice, but still recorded in there.)
They also had a list of torrents you snatched, as well as what you uploaded. I didn’t notice any of the recent changes, so maybe they wiped some of that information from the database? That would be great, if they have your IP but don’t know what you were doing on the site, there’s not much they can get you for. They can’t accuse you of downloading music, since you might just have been downloading fonts, for example. Still illegal, but I don’t think they can get away with, “well, your honor, we don’t know what he was downloading, but we’re pretty sure it was something illegal!” And there was some legally redistributable content on oink, the only restriction was that it couldn’t easily be freely found on the Internet. That means that your 500 GB you downloaded *could* have all been legal.
I think an important tip for any private tracker would be to allow freely available, legal content, and not log who downloads what (e.g., make Linux distributions available, or something like that.) That way getting a copy of the user database wouldn’t be incriminating.
But I wouldn’t be surprised here if the police didn’t know what was going on. The media companies told them “people are paying for pre-release music and here’s how to stop it” (either out of malice or ignorance) and the police took the servers and took Allen into custody to investigate. Actually, it would be funny if they intentionally lied to the police and Allen sues them. Maybe I’m just deluding myself, though.
I made millions off you losers and the feds got nothing on me. get a life and stop jockin my nuts.
-OiNK
You can put self destruct stuff in any app but I don’t see the point.
Just don’t log anything that’s all.
If there is a login the only thing on the server are a bunch of password and user name. That’s all.
Beside anything can go wrong trigering the self destruct for no reason.
honestly i dont think he should be antagonizing and poking fun, tempting the authorities to “dig deeper” just yet….
If your looking for alternatives to Oink, try;
http://blog.buttermouth.com/2006/10/undiscovered-ways-to-get-free-music.html
god bless this site, thanks for keeping me updated.
Pages: « 1 [2] 3 4 5 6 7 » Show All
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.