This is How We Catch You Downloading
Written by enigmax on April 14, 2007All over Europe thousands of people are being threatened with court action for allegedly sharing games like Dream Pinball 3D on P2P networks. Now, documents obtained by TorrentFreak show details of the anti-piracy company’s techniques for identifying alleged file-sharers on the internet and the gathering of claimed ‘forensic quality’ evidence for use in court cases.
In March we reported in some detail about the case of 500 UK file-sharers being legally pursued following claims that they uploaded games from the German publisher ‘Zuxxez’ onto file-sharing networks.
Since then, many people have been in touch with the law firm who sent the threatening letters, demanding evidence that they actually did something. TorrentFreak has obtained copies of the latest letters and within the claimed evidence is a description of how the anti-piracy system used by Logistep AG (the company hired to track the alleged pirates) is supposed to work.
The cleverly named “File Sharing Monitor” is the system being used by Logistep to gather evidence against file-sharers. It is actually just a modified version of the Shareaza P2P application that is configured to search for infringing files, and collect the information from the hosts that share these files.
The “File Sharing Monitor” only targets Gnutella and eDonkey users, so it is still unclear how they track down BitTorrent users. Here is how it works:
1. The client connects to the P2P network, searches for sources of the infringing file, and collects the IP addresses that were gathered through the search.
2. The client requests to download (a piece of) the file from the host that was found through the search.
3. The filename, file size, IP-address, P2P protocol, P2P application, time, and the username are automatically inserted into a database, if the host permits the download.
4. This is the “best” part. The application does a WHOIS search for the ISP information and automatically sends an infringement letter to the ISP if needed.
The claim is that the “File Sharing Monitor” is totally foolproof and that it can provide forensic-quality information to a court in order that file-sharers be punished. The question remains whether an IP-address is sufficient evidence to sue a person for downloading copyrighted material. Recent cases suggest that the RIAA and the MPAA will need more evidence than that.
Here is the ‘evidence’ for the functioning of the Logistep system. You decide.
-Link to PDF.
Previously: Automatically Transcode and Import Downloaded Videos to iTunes
Next: Do P2P Blocklists Keep you Safe?
142 Responses
Pages: « 1 2 [3] 4 5 6 » Show All
[quote comment="85511"]This is crap. On the PDF, it said something like your responsible for what goes on your connection in whatever country this is. That said, the wifi option should be off and there should be a agreement that pops up when you choose to give access when enabling wifi.
This is crap, crap, and more crap![/quote]
Would you be responsible if you left your keys in the car and the door unlocked and someone stole your car and used it to kill someone else? The answer is no, so why would you be held responsible for someone stealing your bandwidth or your property such as your computer.
It is clearly simple, they can not clearly without a shadow of doubt, prove you are the person responsible for such an action, because in the end, they don’t know who the person is that is doing it at that time.
Heck, with the advanced rootkits of this age, they couldn’t even prove your system wasn’t compromised.
if you wipe you computer/logs that could be seen by the court as an attempt to destroy evidence.
“USENET ALREADY”
“um…there’s no such thing as usenet.”
“ummm……….better look again it is also called news groups”
Somebody is obviously forgetting the first rule…
What about something like Peerguardian (free IP masking tool)?
wouldn’t that avoid detection?
My guess is that none of the previous posters have any clue how awful the legal system is. It will not protect you if there is ANY evidence against you. It doesn’t matter if there is reasonable doubt. It’s all about human nature…if you’re in court, everyone thinks you must be guilty of something. Civil court is much worse, as they don’t even require reasonable doubt…look at what happened to OJ…of course…civil court doesn’t come with the penalty of jail time. IANAL, but I’ve had more than my fair share of experience and have gotten shafted every time. Stay out of the way of the law, or you will get screwed.
You’re right about that, the idea that you have a right to a trial judged by a jury of your peers, who coincidently have no understanding whatsoever about the execution of the judiciary process of the U.S. Legal system seems a bit counter intuitive. If, however, you choose the more sane option of having the judge be the sole decision maker over the preceedings, you make yourself victim to his desire to accurately interpret and uphold the law, based on the quality and validity of the evidence.
why Gnutella and eDonkey but not bittorrent . I think that now days people that getting sued are mostly bittorrent users .
since this article using Gnutella and eDonkey as example let go through some step.
if users using ipfilter/PW/PG (connection is block) then step 2 will be fail . this mean that step 3 & 4 will be skip.
will this be the same for bittorrent users?
“peers” is one of those words that’s severely underdefined…let me clarify. “peers” means those people who were randomly selected for jury duty. Of those randomly selected, only the people who actually respond to the jury notice (who don’t come up with some excuse to get out of it) show up. Now who might those people be. Sure, maybe one or two are educated people, but those people have lives…they want to get home to their family members. The easiest way to do that is to convict you. The rest of your “peers” are lowlifes, who think jury duty is a high paying job, or hate their lives so much that they love the idea of jury duty because it gets them away from their family. These people are really really ignorant and just believe whatever the prosecution says. Now say you’re an educated computer engineer. How many of those jurors are going to be computer engineers? NONE, and if by some magic one was randomly selected, they would probably be excluded by the prosecution. I’m just pissing myself off now, so I’m going to stop…again, stay away from court, once you’re there you face a 95% conviction rate…good luck.
Its a civil case.
There is no jury.
:P
[quote comment="85263"]Is IP evidence really that concrete considering the number of ISP’s that work on a dynamic instead of static IP system for their customers? Not to mention the ability of IP spoofing. It just sounds too flawed to be foolproof. Besides, anytime something is foolproof, a bigger fool evolves from the soup.[/quote]
i can even change my IP at my own leisure. Without even having to inform my isp. Further, this guys right, their system wont yield any valid evidence when applied to dynamic ip systems
The dirty evil bastards
file sharing programs need alterations to combat this
[quote]
Its a civil case.
There is no jury.
[/quote]
There can be. See the 7th Amendment.
I’ve often wondered the same CJ, how likely is it that one would upload an enterire file to one peer ? it isn’t like dc, napster or irc. Hehe, the law is soo old, lame and restrictive seen in the light of p2p.
Something like this shows up in all whois results:
TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations
So this description of the program makes it sound like it is violating the usage agreement of whois data and the whois services that registrars run.
#59
good observation
so “sue the suers”
RIPE should demand from logistep detailed infos about what IPs have accessed the database how often and demand payment. And punitive damages too!
allegedly from 500 UK IP addresses the lawyers demanding 300 pounds each. they need to pay ISP ~18500 for the work they done in mahsing up IPs with subscriber data
That is a very lucrative net profit for them!
More then what “zuckers” (or how this company call itself) would make if they legaly sell the software.
That is a “preponderance of evidence” (sp?) that it was the game company himself that put up the file to cash in bigger profits then by selling game and then conspire with logistep and this british lawyer outfit!
Sue those corporate bastards their asses off!
Wouldn’t the company trying to locate infringement of copyright have to offer the program for download in order to offer the piece of the download and obtain the information of the requesting client?
The same email can be sent to their masters, the BSA/MPAA/RIAA. They hire firms to spam and DoS peer to peer networks with files just like the one mentioned above- with fake IP address. For all they know the file originated from their own hired thugs.
Here is the rub in the end. Nobody owns information. Nobody has ever owned information. Nobody can, in the physical God created world, owned information. And you Fuck with the word of God at your peril.
Information is either Secret, or it in Not. That is it. Period.
All this other BS are the death throws of a business that doesn’t want to change. Well fuck them and fuck you too for believing their crap.
The first rule of USENET is: you do not talk about USENET.
The second rule of USENET is: YOU DO NOT TALK ABOUT USENET.
There is no USENET. There is no Cabal. There is no us. You have never heard the words ‘alt.binaries.*’ and there is no way of downloading vast quantities of media at enormous speed from servers run by your own ISP, without any risk of detection by the MAFIAA.
That is all. There is no USENET.
I’m doing a lot of research. One of the areas I’m looking at is anonymizing networks as people I’m often are tracking down are using these methods. (I’m working as as security specailist for a Govt.) If people used networks such as RAT, it would be possible to know who did the download. (Yes there are researcha bout how to back track in these networks aswell but not many agencyes are able to and way beyond these people we are talking about here.) And if you are part of a network such as RAT, you can most likely use the argument “Not me, must have been someone using RAT”. In order for this to work, you must have traffic via RAT at the same time as you download or your ISP’s logs will show you “did not” use RAT. Why do I tell you this? I’m a big supporter of “Fairuse”. I’m sick of DRM that restrict what I can do with stuff I have bought. I’m sick of rootkits from vendors such as Sony. I’m sick of being told what I can do with MY stuff or not….
Have a look at:
http://en.wikipedia.org/wiki/Tor_(anonymity_network)
http://tor.eff.org/
5 references to this post
Pages: « 1 2 [3] 4 5 6 » Show All
Responses are closed
All remaining responses will continue to be archived. Thanks to all who made serious comments.