Educause Security Discussion mailing list archives
HBO and DMCA, and peer2peer directory mining
From: James Moore <jhmiso () RIT EDU>
Date: Mon, 30 Apr 2007 15:57:12 -0400
This brings up an interesting policy (for our student judicial proceeding) and law issue (in terms of response), which is why I also included the Educause ICPL group. If what HBO (and ???) is reading is directory information from peer to peer services, then what validity does that have to legal complaints. Isn't this like hearsay (if not, please explain the differences -- HBO doesn't have direct knowledge, do they)? (Note: I am not an attorney, just a security professional interested in stating responses accurately). Has anyone analyzed the directory protocols of peer to peer file sharing for elements of non-repudiation. And from our campus judicial system perspective, we operate on the basis of preponderance of evidence. Is this something that with a lack of non-repudiation, and issues with currency of data, that we have preponderance of evidence? Jim -----Original Message----- From: Lovaas,Steven [mailto:Steven.Lovaas () COLOSTATE EDU] Sent: Monday, April 30, 2007 2:28 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] HOB and DMCA We've had a lot of these, and we think we've figure out what's going on: HBO's notice is based on detecting a particular address' presence in a cache - basically, a server publishes a list of addresses that will provide the desired content. When HBO sees their content on one of those lists, they grab all the addresses in the list. But the problem is, this is not a live list - it lives on the server for a certain length of time until an inactive address times out. On our wired network, where addresses tend to be re-used by the same device over a long period of time, an HBO complaint based on this tactic usually captures something real. But when it's a wireless address (in our case, through our VPN), we cycle through the address pool fairly quickly. So by the time we get the complaint, a simple time stamp for when HBO saw the cache list no longer gives us enough information to track down the offender. So the problem is not that HBO is giving us bogus information; it's that they're not giving us ENOUGH information. They give us an address that has been used *at some point in the past defined by the caching time*, without giving an indication of when the address was ACTUALLY used. So we can't really find the culprit. And that's basically how we've been replying to them... Meanwhile, we're altering our policies to simply prevent bittorrent, etc. on our wireless/VPN. Legitimate users can use the wired network. Steve ============================================== Steven Lovaas, MSIA, CISSP Network Security Manager Academic Computing & Network Services Colorado State University 970-297-3707 Steven.Lovaas () ColoState EDU ============================================ -----Original Message----- From: Pace, Guy [mailto:gpace () CIS CTC EDU] Sent: Monday, April 30, 2007 12:13 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] HOB and DMCA We have had similar notices from HBO over the last month or so. Most have indicated activity more than 9 days and as long as 15 days old. My responses haven't bounced, but I did tell them that chances of finding anything of value from data that old was negligible. I have yet to see anything like a reply to email or returned phone call from any of the senders of these notices--not just from the HBO outfit. I wonder about the validity of these notices ... enough so that I'm tempted to recommend they be added to the spam filter. Guy L. Pace, CISSP Security Administrator Center for Information Services (CIS) 3101 Northup Way, Suite 100 Bellevue, WA 98004 425-803-9724 gpace () cis ctc edu -----Original Message----- From: Bob Bayn [mailto:Bob.Bayn () USU EDU] Sent: Monday, April 30, 2007 10:49 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] HOB and DMCA
----- Original Message ----- From: Dick Jacobson <Dick.Jacobson () NDSU NODAK EDU> There is apparently discussion on the REN-ISAC list about invlaid DMCA
notices from HBO.
I just reviewed our DMCA complaints. We haven't been bothered by HBO much at all, but just got a complaint recently. It was sent 10 days after the alleged infringement and implicated our proxy server for which we don't keep logs that long. The delivery headers of the complaint didn't look suspicious, and my reply didn't bounce. Bob Utah State University
Current thread:
- HBO and DMCA, and peer2peer directory mining James Moore (Apr 30)
- <Possible follow-ups>
- Re: HBO and DMCA, and peer2peer directory mining Lovaas,Steven (Apr 30)