RE: DMCA letters (testing method)

["Lauro, John" <jlauro () umflint edu>]

Not to defend the RIAA, but remember that with peer-2-peer filesharing
you don't have to connect to the machine you want to download the
files from.  You are both connected to a database, and the database
can instruct the person with the file what machine to send it to.
Otherwise no one behind a NAT would be able to "share" their files...

So, you have to not only look at connection attempts to the IP
mentioned, but also connection attempts *FROM* the IP mentioned.
Peer-2-peer is not limitted to pulling, but can also push.
 

> -----Original Message-----
> From: full-disclosure-bounces () lists grok org uk 
> [mailto:full-disclosure-bounces () lists grok org uk] On Behalf 
> Of Harry Hoffman
> Sent: Wednesday, November 23, 2005 6:39 PM
> To: full-disclosure () lists grok org uk
> Subject: Re: [Full-disclosure] DMCA letters (testing method)
>
> We have this problem quite frequently. Get a DMCA notice... 
> start doing lookups for the violator only to find out that 
> there is no flow data for the IP and time period.
>
> Sometimes we will receive a letter a few days later to the 
> effect "Sorry, we made a mistake. The IP we wrote you about 
> doesn't seem to be sharing".
>
> Perhaps someone is actually checking, just not doing a very 
> good job of it?
>
> --Harry
>
> Michael Holstein wrote:
> > I'm not sure who is doing the data collection for the RIAA 
> these days, 
> > but after getting several DMCA notices in the last few days, I've 
> > noticed that there is never any connection attempts to the IP 
> > mentioned, during the time mentioned (and yes, I know how to do
the 
> > math on timezones).
> >
> > So I conclude the data collection process goes like this :
> >
> > 1) download something and listen to it.
> > 2) retrieve the hash value for the file
> > 3) search directory nodes for who offeres that hash
> > 4) collect the IP addresses
> > 5) provide list to monkeys in room with typewriters.
> >
> > So they never really *check* to see if the person accused is
really 
> > hosting file, they just trust what the directory server told them.
> >
> > This of course begs the question :
> >
> > How can they ask me to take down something they aren't sure 
> is there?
> > (nevermind that we're a 'provider' under the DMCA and ignore the 
> > requests unless it's on something we own rather than 
> provide transit 
> > to
> > -- since it's always residence hall IPs).
> >
> > When they actually go the distance and sue somebody, do 
> they at least 
> > check then?
> >
> > Cheers,
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/