[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-disclosure] DMCA letters (testing method)

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: RE: [Full-disclosure] DMCA letters (testing method)
From: "Lauro, John" <jlauro@xxxxxxxxxxx>
Date: Wed, 23 Nov 2005 18:59:26 -0500

Not to defend the RIAA, but remember that with peer-2-peer filesharing
you don't have to connect to the machine you want to download the
files from.  You are both connected to a database, and the database
can instruct the person with the file what machine to send it to.
Otherwise no one behind a NAT would be able to "share" their files...

So, you have to not only look at connection attempts to the IP
mentioned, but also connection attempts *FROM* the IP mentioned.
Peer-2-peer is not limitted to pulling, but can also push.
 

> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx 
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf 
> Of Harry Hoffman
> Sent: Wednesday, November 23, 2005 6:39 PM
> To: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: Re: [Full-disclosure] DMCA letters (testing method)
> 
> We have this problem quite frequently. Get a DMCA notice... 
> start doing lookups for the violator only to find out that 
> there is no flow data for the IP and time period.
> 
> Sometimes we will receive a letter a few days later to the 
> effect "Sorry, we made a mistake. The IP we wrote you about 
> doesn't seem to be sharing".
> 
> Perhaps someone is actually checking, just not doing a very 
> good job of it?
> 
> --Harry
> 
> Michael Holstein wrote:
> > I'm not sure who is doing the data collection for the RIAA 
> these days, 
> > but after getting several DMCA notices in the last few days, I've 
> > noticed that there is never any connection attempts to the IP 
> > mentioned, during the time mentioned (and yes, I know how to do
the 
> > math on timezones).
> > 
> > So I conclude the data collection process goes like this :
> > 
> > 1) download something and listen to it.
> > 2) retrieve the hash value for the file
> > 3) search directory nodes for who offeres that hash
> > 4) collect the IP addresses
> > 5) provide list to monkeys in room with typewriters.
> > 
> > So they never really *check* to see if the person accused is
really 
> > hosting file, they just trust what the directory server told them.
> > 
> > This of course begs the question :
> > 
> > How can they ask me to take down something they aren't sure 
> is there?
> > 
> > (nevermind that we're a 'provider' under the DMCA and ignore the 
> > requests unless it's on something we own rather than 
> provide transit 
> > to
> > -- since it's always residence hall IPs).
> > 
> > When they actually go the distance and sue somebody, do 
> they at least 
> > check then?
> > 
> > Cheers,
> > 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] DMCA letters (testing method)
  - From: Michel Zobel
- RE: [Full-disclosure] DMCA letters (testing method)
  - From: Jeroen van Meeuwen

Prev by Date: Re: [Full-disclosure] VHCS 2.x HTTP Error Cross Site Scripting
Next by Date: Re: [Full-disclosure] Return of the Phrack High Council
Previous by thread: Re: [Full-disclosure] DMCA letters (testing method)
Next by thread: Re: [Full-disclosure] DMCA letters (testing method)
Index(es):
- Date
- Thread