Full Disclosure mailing list archives
RE: DMCA letters (testing method)
From: "Lauro, John" <jlauro () umflint edu>
Date: Wed, 23 Nov 2005 18:59:26 -0500
Not to defend the RIAA, but remember that with peer-2-peer filesharing you don't have to connect to the machine you want to download the files from. You are both connected to a database, and the database can instruct the person with the file what machine to send it to. Otherwise no one behind a NAT would be able to "share" their files... So, you have to not only look at connection attempts to the IP mentioned, but also connection attempts *FROM* the IP mentioned. Peer-2-peer is not limitted to pulling, but can also push.
-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Harry Hoffman Sent: Wednesday, November 23, 2005 6:39 PM To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] DMCA letters (testing method) We have this problem quite frequently. Get a DMCA notice... start doing lookups for the violator only to find out that there is no flow data for the IP and time period. Sometimes we will receive a letter a few days later to the effect "Sorry, we made a mistake. The IP we wrote you about doesn't seem to be sharing". Perhaps someone is actually checking, just not doing a very good job of it? --Harry Michael Holstein wrote:I'm not sure who is doing the data collection for the RIAAthese days,but after getting several DMCA notices in the last few days, I've noticed that there is never any connection attempts to the IP mentioned, during the time mentioned (and yes, I know how to do
the
math on timezones). So I conclude the data collection process goes like this : 1) download something and listen to it. 2) retrieve the hash value for the file 3) search directory nodes for who offeres that hash 4) collect the IP addresses 5) provide list to monkeys in room with typewriters. So they never really *check* to see if the person accused is
really
hosting file, they just trust what the directory server told them. This of course begs the question : How can they ask me to take down something they aren't sureis there?(nevermind that we're a 'provider' under the DMCA and ignore the requests unless it's on something we own rather thanprovide transitto -- since it's always residence hall IPs). When they actually go the distance and sue somebody, dothey at leastcheck then? Cheers,_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- DMCA letters (testing method) Michael Holstein (Nov 23)
- Re: DMCA letters (testing method) Harry Hoffman (Nov 23)
- <Possible follow-ups>
- RE: DMCA letters (testing method) Lauro, John (Nov 24)
- Re: DMCA letters (testing method) Michel Zobel (Nov 24)
- RE: DMCA letters (testing method) Jeroen van Meeuwen (Nov 24)