This is How We Catch You Downloading
Written by enigmax on April 14, 2007All over Europe thousands of people are being threatened with court action for allegedly sharing games like Dream Pinball 3D on P2P networks. Now, documents obtained by TorrentFreak show details of the anti-piracy company’s techniques for identifying alleged file-sharers on the internet and the gathering of claimed ‘forensic quality’ evidence for use in court cases.
In March we reported in some detail about the case of 500 UK file-sharers being legally pursued following claims that they uploaded games from the German publisher ‘Zuxxez’ onto file-sharing networks.
Since then, many people have been in touch with the law firm who sent the threatening letters, demanding evidence that they actually did something. TorrentFreak has obtained copies of the latest letters and within the claimed evidence is a description of how the anti-piracy system used by Logistep AG (the company hired to track the alleged pirates) is supposed to work.
The cleverly named “File Sharing Monitor” is the system being used by Logistep to gather evidence against file-sharers. It is actually just a modified version of the Shareaza P2P application that is configured to search for infringing files, and collect the information from the hosts that share these files.
The “File Sharing Monitor” only targets Gnutella and eDonkey users, so it is still unclear how they track down BitTorrent users. Here is how it works:
1. The client connects to the P2P network, searches for sources of the infringing file, and collects the IP addresses that were gathered through the search.
2. The client requests to download (a piece of) the file from the host that was found through the search.
3. The filename, file size, IP-address, P2P protocol, P2P application, time, and the username are automatically inserted into a database, if the host permits the download.
4. This is the “best” part. The application does a WHOIS search for the ISP information and automatically sends an infringement letter to the ISP if needed.
The claim is that the “File Sharing Monitor” is totally foolproof and that it can provide forensic-quality information to a court in order that file-sharers be punished. The question remains whether an IP-address is sufficient evidence to sue a person for downloading copyrighted material. Recent cases suggest that the RIAA and the MPAA will need more evidence than that.
Here is the ‘evidence’ for the functioning of the Logistep system. You decide.
-Link to PDF.
Previously: Automatically Transcode and Import Downloaded Videos to iTunes
Next: Do P2P Blocklists Keep you Safe?
142 Responses
Pages: « 1 [2] 3 4 5 6 » Show All
You are never ‘completely’ anonymous on the internet.
All the data you request requires a return address, obviously in order for you to get it. Otherwise, you weould send requests, but never actually receive anything as there is no return address.
Even if you were to change your IP 2 seconds after, the requests by then have already been logged at some point on the internet, most likely at various places.
You can use proxy servers, again… ultimatley everything is traceable.
You can chain your proxies together and have your file go from Canada to NYC, over to a commie country such as china, then back to australia… This would make it extremely difficult and expensive for a firm to track you. You would have to do some pretty serious damage / theft and have the FBI / NSA on your azz.
Then again, after chaining so many procies your download speed will decrease significantly.
Apparently there is word of a black project that will allow complete anonymity, i forget the name atm, but anyways it all ultimately comes down to you, your pc, and your MAC address.
[quote comment="85378"]Aren’t there tools out there on the internet that are capable of changing your IP address ?! If they were to even catch “your” IP address, then U could easliy change it within seconds[/quote]
Yes, you don’t need a tool, you configure your IP in windows in your network config TCP/IP protocol properties.
This address is usually assigned by a DHCP server running over at your ISP.
The DHCP server’s job is to assign an address to your pc. This address has a lease time on it, so your pc might ‘lease’ an address for 2 weeks, release it, and get a new one.
You can cause this to take place yourself but not always by issuing commands and or rebooting your dsl modems.
You could also assign a ’static’ ip through network properties. But again the DHCP server i beleive must allow you to do so,.. or have that address first being not in use, and secondly in the allowable pool of leasable addreses.
technically you could change yoru MAC address which is what it ultimatley comes down to, and your IP address to that of someone elses.
obviously things i beleive would not always happen properly,. to say that packets would be routed to 2 pcs.. randomly? Does someone know? An interesting thought non the less.
Also, your DSL modems / cable modems have a MAC address. would require a change also.
All this of course would be seen in event logs etc ISP side. If someone was looking for it.
[quote comment="85388"]As someone mentioned before, I can rename any of my PERSONAL files as “insert the software title here” dot exe.
How can they prove that I’m sharing THEIR software and not mine? They can’t. The ISP can’t. F**k them.[/quote]
They prove it’s not actually just a renamed .exe or .jpg by analyzing the files HASH value. google it…
a renamed file will not have the same HASH cvalue as the real file.
“They” could actually be monitoring us now.
“They” work on the inside, that shady employee for torrentfreak, that double agent over at The Bay the quiet one who never says anything.
“They” figured they needed a Top Secret (not anymore) project similar in scope to the ones they run on Green Peace protestors and Freedom Rights activsts.
“They” collect logs at the “root” of the dragons den. It does not matter if it is 12 year old johnny who mis-clicked his mouse while searching for the latest transformers website, or the Mother of six who is simply reading up on current events.
“They” are wathing
“They” know “We” know….
-blunted
Link to the PDF:
http://www.bundybovines.com/20070414093506062-1.pdf
Hello fellow downloaders
as long the lobbyist gangs have political ties that goes far up politicians block holes, ISP are being confronted with dictatorial law(enforcements) and citizens are being crimilized beyond belief, even in democractic countries, aquisations of copyright related events are handled with an inverted proof process( where you have the proof that you were not downloading sh*t instead the other way around)
The best advice is to keep your back straight up for whenever someone is haressing you aquising of doing something illegal, just remember that in high courts, citizens must be protected against companies; iaw p2p, usenet and torrenst are legal platforms. Copyright holders are forced to invent something that stops users to replicate and not just procecute them because they cant a better solution
btw: I own an usenet provider and an ISP so I know what I am talking about
Another scenario which makes the trail of evidence murkier.
How about spoofing an IP address and then sniffing the data sent to that address.
This would require you are on the same subnet. With cable you can sniff all your neighbours packets, just like a hub your modem recieves them but ‘chooses’ to ignore them.
I run a public proxy server on my pc… do I get into trouble if someone downloads copyright material through my proxy or shares material through my proxy?
Of course an IP is not enough!
I leave my wirless network open on purpose.
If one of my neighbours does something illegal, I can’t be blamed for that!
[quote comment="85396"][quote comment="85378"]Aren’t there tools out there on the internet that are capable of changing your IP address ?! If they were to even catch “your” IP address, then U could easliy change it within seconds[/quote]
Yes, you don’t need a tool, you configure your IP in windows in your network config TCP/IP protocol properties.
This address is usually assigned by a DHCP server running over at your ISP.
The DHCP server’s job is to assign an address to your pc. This address has a lease time on it, so your pc might ‘lease’ an address for 2 weeks, release it, and get a new one.
You can cause this to take place yourself but not always by issuing commands and or rebooting your dsl modems.
You could also assign a ’static’ ip through network properties. But again the DHCP server i beleive must allow you to do so,.. or have that address first being not in use, and secondly in the allowable pool of leasable addreses.
[/quote]
OMG stop stop stop, your bulls*t is hurting my ears. First sit Cisco exam, then talk.
[quote comment="85313"][quote comment="85301"]USENET ALREADY[/quote]
um…there’s no such thing as usenet.[/quote]
ummm……….better look again it is also called news groups
I googled this ‘dream pinball 3d’ according to the site (from zuxxez entertainment, not a duped name) the entire game is *free* anyway!
so this entire article just a viral marketing attempt? maybe the games full of ads to earn them cash?
[quote comment="85499"]oops, misinterpreted what I’d read, been a wear day, it’s not free, it just only used to have the trial version available[/quote]
re: comment “85499″
oops, misinterpreted what I’d read, been a wear day, it’s not free, it just only used to have the trial version available
One statement ends this whole argument:
IP ADDRESSES ARE NOT VALID AUTHENTICATION CREDENTIALS, PERIOD. You can not use an IP address to authenticate the user of a computer, and thus can not use it as the basis of a legal argument against anyone.
Hell, you can’t even prove that an IP address ever belonged to an individual machine.
There is absolutely no infallable method for making this correlation, as every intermediary device that logs network information, such as MAC addresses, is inherintly (and trivially), subvertable to provide false information.
Since the prosecuting attorneys can not prove beyond a reasonable doubt that none of the evidence has been tampered with, they have absolutely no case whatsoever. This point is irrefutable.
Well… I recieved a complaint from my ISP after they recieved one of these automated alerts, the problem is I don’t think they verify the file is what they think it is… closer examination of the file’s length and the files in my share….
To boil it down to a point, I got a copyright infringement notice from Synmantec for sharing and OpenOffice.org install file… I was pissed, but since my ISP took no action I couldn’t defend myself.
This is crap. On the PDF, it said something like your responsible for what goes on your connection in whatever country this is. That said, the wifi option should be off and there should be a agreement that pops up when you choose to give access when enabling wifi.
This is crap, crap, and more crap!
damn thats how i got cought 2 weeks ago
picklefuckers, it is copyRIGHT, not copywrite as in ad copy. get over yourselves already.
I got one of these emails from MGM for sharing movie releases. I have a static IP on the internet port of my router. This is a /30 subnet address so I its no use changing. they know whom the traffic belongs to.
I told them that I have an unencrypted wifi spot but they told me to apply proper mesaures to stop sharing or they will terminate my account. Under the evidence they had torrent files and emule stuff too. Does anyone have any useful advice for me? I dont want to stop sharing…
5 references to this post
Pages: « 1 [2] 3 4 5 6 » Show All
Responses are closed
All remaining responses will continue to be archived. Thanks to all who made serious comments.