Tackling College Piracy: MPAA and RIAA’s Favorite
Written by Ben Jones on August 17, 2008In part one of our look into the anti-piracy efforts at universities, we saw that Missouri S&T used a simple home grown system, ignoring the favorites of the entertainment industry. In part two, we look at Ohio University, Texas A&M University, Tulane University and others that do use one of the methods preferred by the RIAA and MPAA.
Ohio University (OU) and 7 other universities decided that blocking the many legitimate uses for P2P is not the best idea. Instead they have decided to go the high-tech route instead. They went for the method touted by the music industry, and paraded by the RIAA around Capitol Hill in 2004. A ‘fingerprint’ recognition service called ‘Copysense‘.
Copysense works by listening in on ALL network traffic, and looking for data patterns that match signatures, or ‘fingerprints’ loaded on it. If it detects data packets matching one of its signatures, it terminates the connection by sending forged RST packets to both sides of the connection (Comcast anyone?).
Piracy detection services like Copysense are not cheap. Ohio University paid around $60,000 in 2007 for the system, and an additional $15,500 a year for updates and support. For this, they got a network monitoring box, and some questionable results that prompt more questions than answers, but we will discuss these another time.
There are more issues though, a system working in promiscuous mode is also a big security risk. Passwords, and user names, if transmitted unencrypted, are observable, as is any other traffic sent in the clear. When J. Brice Bible, the CIO at Ohio University, took up his post, it was in the wake of data security breaches. Now he has paid tens of thousands of dollars for a box that can potentially cause a similar breach. Of course, potentially any network client can do this, but only on their local network, not the entire university network.
Ohio University seems to be happy with the entertainment industry’s favorite anti-piracy system. Of course, the less skeptical amongst us would think that outgoing head of the WIPO being an alumni is pure coincidence, as is the CEO of Fox News. People with a strong pro-copyright agenda having contact with an early adopter of a technology pushed heavily by the MPAA and RIAA, is something that rose some eyebrows at the TorrentFreak office though.
Regardless, Ohio University claims the program has been a success. Speaking in the student newspaper, Bible said, “It works very well for today, (but) I don’t know if it will work well tomorrow or the next day or the year after. I want to hear from students … I think students should be engaged in this discussion—and faculty, too.”
If you’re a student at Ohio University, or one of the other universities that use Copysense, why not let him know, and get involved.
Previously: Usniff, Torrent Search Made Easy
Next: Most Downloaded DVDrips on BitTorrent (wk33)
62 Responses
torrentfreak has an office? lol
lol what was the point of #1??
Located next to the BREIN office with pictures of butts on all windows facing BREIN.
Anyway, good article.
So, what happened to student demonstrations?
wow so these students don’t mind this at all O_o
It a disaster.
And @3, please dont talk so nasty about BREIN, they regularly drop in on us when we phone them and tell them its been a tiring day so come on over and blow us…
if you do decide to order the same service make sure you ask for the “Tim Tuik” special, most of the time Tim Tuik himself comes over to perform this, i dont want to spoil the surprise about what the special is… but lets just say it involves NOT spitting…
Cheers!
http://www.ezee.se
good info to know
“It works very well for today”
It will stop working after a few hours
wow you could just buy a vpn service although truly you shouldnt need to if these companies would just stay out of it.
if you think about it its probably not that big of a deal.. yeah there complete assholes but whatever, its there connection, use your own.
VPN? We shouldn’t even be needing VPN. They should just stop trying sh*t like this.
VPN? We shouldn’t even be needing VPN. They should just stop trying sh-t like this.
I’m a student at OU, people do mind having the system in place. None of us are happy with it. In the last quarter of this past year there was a discussion open to all students and faculty to talk about the system in place. Unfortunately it took place in the middle of the day, during the time that most students schedule their classes, so I imagine attendance was mediocre at best. OU is one of those schools that *could* get a group of students together to protest the system, but no one seems willing or educated enough to do so.
@ 1 – “torrentfreak has an office? lol”
Thats what I was gona say! lol
Yeh, again if it’s a university sitaution, set up your own VPN with some mates and foward it back home or to a proper site.
plus if the torrent stream has encryption i doubt there pattern system works.
@13
Here is an idea – if anyone is willing to be a martyr, perhaps get this person to distribute CDs in public, wait for this person to get caught, and then perhaps people will be more willing to protest after someone gets martyred.
@14
The problem with VPN is that people shouldn’t be needing VPN. Using VPN is a sign of admitting defeat, because it shows that one is not willing to combat the system. Besides, not everybody is “computer-savvy” enough to use VPN – the people who are not experienced computer-users are the ones at stake, not the geek groups.
Years ago kids protested being drafted into Vietnam or stationing nukes in Germany. Now they protest not being allowed to pirate music over the university’s network.
As an alumna of Ohio University, I am deeply embarrassed. Not by those student-seeders/leeches, but by the administration. And students’ inability to stop the stupid plan. That school doesn’t have a backbone. Never has. And never will.
To high schoolers in Ohio and West Virginia:
Don’t go to OU. There are a bunch, I mean, really, a bunch of schools in the area that are far better managed than OU.
@17: I know what you mean…
@17 Copyright is the oil of the 21st century…are you so surprised?
@ 16 – Anonymous
I’ll admit I feel the same way, but I’m off to uni soon and I already have began tests on a VPN for my own use and if there’s anyway I can i’ll look at helping others.
even if it means showing people good routers they can use and doing for set up for them for like £2. If not we should all look at making guides for bypassing these systems.
@17
No, copyright is a WAY bigger issue than just “downloading stuff for free.” It is about CONTROL, pure and simple. It is about the ability to have privacy, and the ability to have culture available in places other than just limited stores. It is about the ability to do whatever you want with what you buy without Gestapo-like control. It is about free culture, unlike meaningless and empty commercial culture. It is about having the ability to freely socialize and talk to others about it, to show things to others, without commercial interests to intervene. Most of all, it is the ability to share things with others, to enable people to see it from anywhere, so that there is no need to speak of money matters, taking the focus off of the commercial aspect, and more focus on the meaningfulness aspect, to have more of a focus on the important matters. For example, for a movie, to focus less on commercial mattes and more on matters like how the plot relates to life, the meaning of the plot, and its morals.
If you don’t see how copyright is a very big and important issue, then you must be blind. It isn’t something to be brushed off – if ignored, the situation can only get worse.
Saying that people are getting overexcited about protesting this is just plain stupid – for it is an issue that matters, a problem that MUST be resolved as soon as possible.
@21
The other problem is in stigmatization. Even if few get caught, the big problem is that people will be disparaged for doing something “against college policy.”
It is like in India, where homosexuality is illegal. Although few get caught, the law is used to harass and threaten homosexuals.
To have such a thing codified in policy is still a big problem.
What a waste of money. As soon as encrypted connections get popular I hope the system gets owned.
What the hell is the point of those colleges wasting that much a year on something they don’t need and no one will like?
@23
I don’t think owning the system will be enough. They’re just going to say that they’re fighting an “uphill battle” but still say that they’re on the good side. Nothing will change by owning the system. It require a COMBINATION of owning the system, and protesting the system outright.
@17
It’s not just about downloading. It’s about FREEDOM and DEMOCRACY in culture. Culture is as important as war. You may not know it, but culture has a big influence, and mainly a negative one because of all the commercialism going on in culture. If copyright were to include an exemption for non-profit activities, then there would be much less trash made for money.
So, so far OU has frittered away $75,000+ that could have been spent on something useful and beneficial to both students and school alike? If you’re an alumni of OU, the next time you get a letter asking for donations you know where to file it.
(The round file, aka the trash basket.)
As we all know, pirates ALWAYS win, some peeps will hax0r this box of doom. Someone could hax it and steal all the passwords flowing through it
Final statement: You idiots! That will get hacked and everyones passwords will get stolen.
I’m with 22.
It’s not about piracy to me. It’s about the privacy lost to a system that sniffs your unencrypted packets. A lot of personal information is transferred unencrypted atm. With all this information public to the controllers of the system and their pc’s (also any hacker that can hit an EDU root… which as history proves isn’t hard). This is a huge step in the wrong direction for internet privacy.
I understand it’s their system to do with as they will but imo it’s a university first. The privacy of it’s students should come before copyright protection. It’s not their job. There are plenty of non-educational organizations and gov. officials out there with plenty of funding doing that job.
“There are more issues though, a system working in promiscuous mode is also a big security risk. Passwords, and user names, if transmitted unencrypted, are observable, as is any other traffic sent in the clear.”
Uhm..duh? That has nothing to do with a NIC operating in promiscuous mode.
A NIC has a fast lookup table in hardware that during normal operations consists of the MAC address of the host itself, broadcast MAC address and possibly some multicast MAC addresses.
A NIC operating in promiscuous simply bypass this table and delivers all frames to the operating system. Nothing more, nothing less. The table exists for performance reasons and not for security reasons.
Besides, in any switched network the box needs to be hooked up like a router for any traffic to be filtered (otherwise a static ARP entry to the real default router in your OS would bypass the system).
Unless you have dedicated hardware to move packets between NICs the data must pass through the OS, which means that you won’t even need promiscuous mode.
Just read this quote from an article I think it sums up music industry and a like perfectly.
“There should be effective mechanisms in place (to deter file-sharing) and as long as they are effective, we don’t mind what they are.”
So hey, there next tactics are, bullying, lying, breaking of all laws and spying on you 24/7… wait they do that already… not been very effective has it?
Why not just use the money they’re spending on the system for students’ legal fees if they get prosecuted? Taking measures to avoid litigation is admitting that copyright infringement is morally wrong. Instead, spending the money to support students reinforces the idea that the MAFIAA has a broken ideology, and the university will defend the ideas of its students.
Can’t one just encrypt the traffic? Easy to do in most clients..
Ive never seen fox news give a strong pro copyright agenda? Can anyone please give an example…
@35
But that does not address the issue of whether one accepts the policy or not. The symbolic meaning is as important as the practical one.
execute pirates!
i just talked to a sys admin at uni of portland and they use copysense. its a small private school and i dont agree with the excessive spending on questionable and irresponsible traffic monitoring.
@18
It isn’t about protesting any inability to download. It is about protesting copyright itself. Copyright nonsense is seriously hampering our culture. It is being used to seize control over other people. Right now, copyright is very ridiculous. It needs to go down.
@39
Perhaps the logical solution is to meet up with others and organize a small protest?
P2P have and will always be controversial. I think the next big buzz will be http://freelancenotes.com where students can p2p all their assignments from class notes to lab reports and even old exams. The internet has truly brought copyright to a new level.
@42
No, it will stop being controversial when copyright is relaxed, when it starts to legalize all non-commercial P2P of copyrighted materials. This is what must, and will happen.
“he has paid tens of thousands of dollars for a box that can potentially cause a similar breach”
That is a statement that needs some qualifiers. Firstly, it’s no more dangerous security wise than the routers/switches that operate the network.
Secondly, you can actually mitigate risks by not giving the monitoring box an IP address and placing it on a segment of the network that can’t go outbound. Then the only way to root the box would be to buffer overflow the sensor, but even if you did that you wouldn’t be able to get any data off the box.
Who needs their shitty music and its audio fingerprint, everything else is still ok.. right? Right?!
I go to OU and I’m really sick of what they are doing to us with this P2P crap. They raise our tuition every year in order to pay for this “security” and because of that we have the one of the highest tuitions in the state but with some of the poorest facilities(dorms, classrooms). I know a couple of people who had their connections terminated by the university and in order to get their connection back they have to take their computers to the tech center and have everything they downloaded wiped from it. The system doesn’t work that well either because I download things on almost a daily basis and my connection has never been terminated. Its a waist of our tuition.
The box is basically blood money to the RIAA, they [the RIAA] can’t accuse the campus of not being pro-active about copyright infringers if the campus is paying them $75,000 to ’stop’ it.
i am from ou and had a friend who got caught in a round of riaa captures. ou gave out all of their names, and afforded no support to them. my friend had to dropout of college and is now in deep debt. ou is a dictatorship campus, which is why little change happens. the board of directors that lives in columbus ohio, 2 hours away, pretty much runs the campus through a black president who got a vote of no confidence voted on him from students AND staff. board of directors responded with a raise and contract extension :/
@44
You’re missing the point. Routers and switches are a necessity to operate the network. The Copysense box isn’t.
@44
Except that routers and switches don’t monitor things.
Yup, those idiots love picking on college kids! Would be nice if college kids would suddenly STOP buying anything under their control! CDs, Movies etc..etc.. Hit em where it hurts.
RT
http://www.Ultimate-Anonymity.net
So does this system block encrypted torrent traffic? It seems like that would be too simple a way around a 60k system.
A couple of my friends are starting at OU this year and they asked me to help them get bittorrent to work. I guess they made a big deal about this system at orientation, I heard they made it sound like you have no hope against this system.
Everyone there should just tick “force encrypted connections”. Problem solved.
@53
But that’s not the entire problem. There is also a symbolic problem. The symbolic importance is that the College wants to stigmatize file-sharing, saying that it is “unacceptable.” This is a very big problem, and must be changed.
@50
They do when they come from Adzilla, Front Porch, Kindsight, NebuAd or Phorm.
@40
“Copyright nonsense is seriously hampering our culture. It is being used to seize control over other people.”
Dude, get a f**king grip! People have a choice over whether they buy or steal stuff you idiot. Explain exactly how copyright controls people please. Exactly how is it hampering culture – are you actually naive enough to think that people will make stuff costing 100’s of millions of dollars – and NOT get rewarded for it. FFS!
AFAIC, it’s OU network, so they have the right to try to control what goes on, like any other entity. For people considering this institution this is an issue. There’ll always be a way around it.
As always I try not to delude myself: I’m a thief, it’s up to them to try to stop me and me to keep stealing whilst I can.
Haha, wow @48. Sounds like most colleges though – completely disconnected from the student body and obsessed with their own little world of petty power and money-spending (all at the cost of fleecing the students of course). Can’t forget sports either, a very nice side business for many schools. Oh America: where education and your health are big business (a leading cause of debt and *the* leading cause of bankruptcy, respectively).
Wow, yet another censored post courtesy of TorrentFreak. I didn’t even swear in this one, wonder what set off their EXTREMELY STRICT FILTER this time? Feels like I’m five years old trying to get a post in at this site.
Hopeless, when the hell will they learn!? some one needs to exterminate the MAFIAA out of existence they are a freaking nuisance really
As a University SysAdmin we are under pressure to have data on all users all the time. It’s also our responsibility to enforce the Univ. policies. We don’t block P2P, torrent or otherwise, but we do monitor all traffic (all the way to layer 7) and can pull your data streams for any given period of time and can tell you the name of files you’ve downloaded and all other traffic coming out of your box. (See: http://www.consentry.com/products_lss.html) This way if we get a RIAA or MPAA discovery letter we can turn over the user and meet our policy-based obligations. So, the onus is on the user to self-police and we don’t look like big brother by blocking all P2P apps.
Either way, there is “fair-use” involved in the usage of copyrighted material on a college campus. As long as faculty and students use the material in an academic fashion and not just “steal” it then they have a strong defense against the RIAA or MPAA. This is why they haven’t been overly aggressive with suing students at Universities nationwide and have selectively gone after obvious offenders downloading any and everything they can get their hands on.
In the end I think the RIAA and their minions will fade into oblivion but until that time beware of their deep pockets and false sense of victimization.
Seems fine to me, they are monitoring a network they own. Completely within their rights. If you’re transmitting your password in plain text, you need to stop using FTP.
“This way if we get a RIAA or MPAA discovery letter we can turn over the user….”
Sounds a bit more than just “are monitoring a network they own. Completely within their rights.”
I call bullshit. Since when is it a university’s policy to let a private corporate lobby group dictate policy and invade the privacy of students? The universities to support are the ones that have had the backbone to tell the RIAA/MPAA to stick it and defend the privacy rights of their students. Obviously OU has forgotten who they work for; the people who pay the tuition that pays their salaries and paid for their damn network in the first place.
And to UniversitySysAdmin, I would suggest you choose wisely before joining an enemy that is slowly but surely being defeated both in the public eye and, more importantly, in the courts. Don’t be so high and mighty either regarding the monitoring capability of your network. I guarantee you that if I was on your network, my data streams would NOT be available to your prying little eyes. The only thing you’d be pulling is your pud.
What you should be pulling is your head out of your ass and start doing your job, not what some corporate goon tells you is your job.
Responses are closed
All remaining responses will continue to be archived. Use the TorrentFreak forums if you want to discuss something.