backtop

Print E-mail del.icio.us 46 comment(s) - last by JimmyC.. on Jun 7 at 1:33 AM
Anti-piracy firm attributes Memorial Day DoS attack to an automatic misfire by its servers

MediaDefender CEO Randy Saaf, speaking in an interview with Wired’s Threat Level, explained his side of the story behind a Memorial Day weekend Denial-of-Service attack against legitimate TV site Revision3.

According to Saaf, MediaDefender wasn’t even aware that Revision3’s tracker saw legitimate use. BitTorrent site Fenopy.com used Revision3’s internal tracker – unintentionally left open to the world due to a security oversight – to distribute some 296,000 downloads consisting “most of unauthorized copyrighted movies.”

“Our systems were targeting a tracker not even knowing it was Revision3's tracker,” said Saaf. “They were using the tracker as the tracker for their legitimate content. It had been open for years.”

MediaDefender attributed the DoS attack to an automatic response to Revision3’s closing the hole that allowed outside use of its tracker.

“We saw an open BitTorrent tracker with a lot of pirated content on it. We had been posting fake files to their tracker. Over Memorial Day weekend, Revision3 changed some configurations,” said Saaf.

Louderback recalls similar circumstances; once the tracker’s configuration was fixed, “MediaDefender went into overdrive and started pummeling us.”

MediaDefender commands over 2,000 servers, backed up by 9 GB/sec of dedicated bandwidth.

“If a tracker was previously open and suddenly shut, their systems are automatically configured to put them out of business,” said Louderback.

The 296,000 downloads that MediaDefender observed is a number that appears far larger than figured implied by Revision3; Louderback, writing in a company blog post that announced the attack, acknowledged “some unauthorized use,” but said that it regularly took steps to “de-authorize” uploaded torrents that pointed to non-Revision3 content.

Regardless of the actual numbers, Louderback announced on the June 2 episode of the podcast TWiT that Revision3 would not be pursuing MediaDefender in court after all, cancelling previous threats of legal action. It appears that investigators for the FBI are still looking into the attack, despite bureau acknowledgements that DoS attacks existed in a “gray” area of U.S. computer security law.

MediaDefender promised to adjust its policies for the future, “We’ve added a policy that will investigate open public trackers to see if they are associated with other companies,” said MediaDefender executive Ben Grodsky. “[We will] first will make a communication that says, ‘hey are you aware of this?’”

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Ah, right, so that's ok then.
By MrPoletski on 6/4/2008 8:36:41 AM , Rating: 5
So not only are they a bunch of asshats, they are a bunch of retarded asshats to boot.

Wonderful.

What they are doing should be illegal. If it's not, then how come hackers DOS'ing microsoft etc IS illegal?




By MrPoletski on 6/4/2008 9:19:31 AM , Rating: 5
nothing more annoying than an ASSTARDâ„¢


RE: Ah, right, so that's ok then.
By Locutus465 on 6/4/2008 9:33:53 AM , Rating: 5
As far as I'm concerned what was done should be illegal regardless of whether the target was ligitimate or not... In the real world I don't have the right to wake up one morning and bludgen someone that I *beleive* to be a criminal for no reason at all, the same should apply in the cyber world. Leave law enforcement to law enforcement officials.


RE: Ah, right, so that's ok then.
By imperator3733 on 6/4/2008 10:20:56 AM , Rating: 4
DOS attacks are federal offenses, and should be prosecuted no matter what the target. I believe that Louderback did say that if the FBI asks if they want to press charges they will, but they might not do it otherwise. I haven't listened to the released version of TWiT (I watched that part live), so what I'm talking about might have been after the show ended (they keep talking after the "official" end).

MediaDefender needs to be stopped.

By the way, the correct capitalization is TWiT , not Twit, since it stands for "this WEEK in TECH".


By winterspan on 6/4/2008 11:41:38 PM , Rating: 4
Yea, what is this bullshit about the FBI saying DOS attacks "exist in a grey area"???
Let me tell you, If I purchased an entire data center and launched a massive SYN attack against Amazon.com, I CAN GUARANTEE THE FBI WOULDN'T SEE THAT AS A "GREY AREA"!!

This *obviously* falls under the Computer Fraud and Abuse Act, and these scumbags should be prosecuted to the fullest extent of the law. It doesn't even matter whether the tracker was legitimate or not. It's the same as saying that assaulting people is ok if they are assumed to be criminals...

Unfortunately, the stupid police/FBI are probably 10 years behind in understand technology, so can't even see a crime.


RE: Ah, right, so that's ok then.
By Polynikes on 6/4/2008 11:28:20 AM , Rating: 3
Good analogy, I completely agree. They have no right to do this.


RE: Ah, right, so that's ok then.
By gmw1082 on 6/4/2008 2:44:15 PM , Rating: 5
Agreed, It goes right up there with "Your honor, I didn't know she was under 18..."


RE: Ah, right, so that's ok then.
By phattyboombatty on 6/4/2008 9:41:20 AM , Rating: 1
quote:
If it's not, then how come hackers DOS'ing microsoft etc IS illegal?


Generally, those types of hacker attacks involve hijacking thousands of computers to carry out the DOS attack. MediaDefender owns an army of servers to carry out the DOS attack, so it doesn't have to hijack anybody else's computer.


RE: Ah, right, so that's ok then.
By Icelight on 6/4/2008 11:08:41 AM , Rating: 2
quote:
MediaDefender owns an army of servers to carry out the DOS attack, so it doesn't have to hijack anybody else's computer.


Neat! So as long as I purchase my own set of servers I can go wild and DoS sites I don't like all day long!

I'd like to know why the *hell* they aren't pursuing legal action...if it is the cost that is a concern, okay, that's legitimate...but if they're "trying to be the better person" because MediaDefender fessed up I have to ask "why?" MediaDefender isn't going to stop doing this jsut because you don't pursue legal action, you know.


RE: Ah, right, so that's ok then.
By kkwst2 on 6/4/2008 12:05:26 PM , Rating: 2
Well, reading between the lines, I'm guessing that MediaAggressor implied they might counter with allegations that Revision3 was hosting infringing torrents.

Whether they knew about it or not, it could be a sticky situation if brought to court. The potential exposure to an expensive lawsuit is enough to scare most small businesses away.


RE: Ah, right, so that's ok then.
By imperator3733 on 6/4/2008 12:56:13 PM , Rating: 2
Well, once Revision3 learned that their tracker was opened (from someone on their forum), they closed it right away. Louderback said that having the tracker was dumb and possibly negligent, but open trackers are not illegal. Also, from the description on TWiT, they weren't holding the torrent files, the tracker was just saying where they were.


RE: Ah, right, so that's ok then.
By Anosh on 6/4/2008 1:51:42 PM , Rating: 2
quote:
Also, from the description on TWiT, they weren't holding the torrent files, the tracker was just saying where they were.


That's usually the case and yet TBG is being prosecuted for doing just that (helping to commit copyright infringement).
TBG is in Sweden and is being prosecuted in Sweden but I'm sure it's worse in US.


RE: Ah, right, so that's ok then.
By Anosh on 6/4/2008 1:51:43 PM , Rating: 2
quote:
Also, from the description on TWiT, they weren't holding the torrent files, the tracker was just saying where they were.


That's usually the case and yet TBG is being prosecuted for doing just that (helping to commit copyright infringement).
TBG is in Sweden and is being prosecuted in Sweden but I'm sure it's worse in US.


By djkrypplephite on 6/5/2008 7:45:34 AM , Rating: 2
Because the RIAA and the MPAA own the government.


DoS - Grey Area.
By choadenstein on 6/4/2008 9:10:44 AM , Rating: 5
I think the funniest thing about this is MediaDefender's openness about the attack. Eventhough the FBI is mentioned in this article as saying that DoS attacks are a grey area of the law, MediaDefender's cavalier comments are still absurd.

Ever heard two wrongs don't make a right? If I stole your dvd collection, you don't get to come over to my house and destroy my TV, you don't get to punch me in the face... You get to sue me, that's it. You redress wrongs done against you in the courts, not through vigilantism.

This is a perfect example of WHY we have this system of redressing wrongs too. A public entity or citizen does not get to play judge and jury on who or what is lawful. MediaDefender can't just say, oh, it was our computer system that spotted something illegal and went after it... Not our fault...

It IS still your fault, it's analogous to saying, oh I have this guard dog who is trained to attack trespassers and he attacked the mailman who had a lawful purpose on our property... Not my fault. Wrong, it IS your fault.

I find it extremely humorous that these guys have been allowed to do what they do for so long as it is. They're like a digital Gestapo. Whatever your side is about the use of p2p, torrents, etc... It doesn't factor into this. This isn't about the legitamacy of p2p systems, this is about public entities acting as if they have the authority to prosecute crimes.

what MediaDefender is doing is playing vigilante for corporate intellectual property holders.




RE: DoS - Grey Area.
By Squuiid on 6/4/2008 10:17:47 AM , Rating: 5
Excellent post. I couldn't agree with you more.


RE: DoS - Grey Area.
By emboss on 6/4/08, Rating: -1
RE: DoS - Grey Area.
By LyCannon on 6/4/2008 11:36:27 AM , Rating: 5
This is exactly what happens when there are special interest groups in DC making sure our lawmakers don't make it illegal for a company to do something like this. DOS attacks are illegal. If a normal person where to do a DOS attack against the government with his own systems, you bet your ass he'd be in jail. But if a RIAA sponsored company does it, then it's fair game....just keep those campaign donations coming...


RE: DoS - Grey Area.
By PandaBear on 6/4/2008 12:35:22 PM , Rating: 5
Exactly. The media companies' lobbist told the federal government to delay the investigation, and tie terrorism charges to piracy (Terrorism funded by pirate software/movies, WTF is that argument about?)

Our government is corrupted.


RE: DoS - Grey Area.
By Scabies on 6/4/2008 12:31:32 PM , Rating: 4
quote:
It IS still your fault, it's analogous to saying, oh I have this guard dog who is trained to attack trespassers and he attacked the mailman who had a lawful purpose on our property... Not my fault. Wrong, it IS your fault.

Exactly. They cant call "whoopsies" and "my bad" when someone configured their bots to perform as we have seen in the R3 incident.