×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

MediaDefender's BitTorrent-Based DOS Takes Down Revision3

timothy posted more than 5 years ago | from the well-that's-certainly-reasonable dept.

Media 426

Sandman1971 writes "Over the long Memorial Day weekend, Revision3 was the target of a malicious Denial Of Service Attack which brought R3 to its knees. After investigating the matter, it was discovered that the source of the attacks came from MediaDefender, the famed company hired by the MPAA and RIAA to try and stop the spread of illegal file sharing. The kicker? Revision3 was taken down for running a bittorent tracker to distribute its own legal content."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

426 comments

Criminal investigation? (5, Interesting)

mrbah (844007) | more than 5 years ago | (#23592117)

Looks to me like MediaDefender is in clear violation of at least two subsections of 18 USC 1030 [cornell.edu]. Where is the federal criminal investigation?

Re:Criminal investigation? (5, Insightful)

SpooForBrains (771537) | more than 5 years ago | (#23592171)

Exactly. If a normal member of the public did something like this, they'd be facing jail time.

May I be the first to say (1, Funny)

Anonymous Coward | more than 5 years ago | (#23592207)

Ha ha

Re:Criminal investigation? (5, Insightful)

HalAtWork (926717) | more than 5 years ago | (#23592213)

Corporations aren't normal members of the public. Except they're treated as such in court. So that the people who run them don't get treated like normal members of the public.

Re:Criminal investigation? (5, Funny)

jd (1658) | more than 5 years ago | (#23592347)

Your argument contains one common fallacy. Corporate executives aren't even remotely normal.

Re:Criminal investigation? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#23592537)

It still involves disruption of service and hefty fines can be pursued for loss of income within any given period when the site is down especially for malicious purposes.

Re:Criminal investigation? (5, Informative)

Em Adespoton (792954) | more than 5 years ago | (#23592217)

I take it you didn't RTFA; the FBI is currently investigating the issue with R3's assistance.

slashdotted (1)

Ungrounded Lightning (62228) | more than 5 years ago | (#23592253)

Can't RTFA. They're slashdotted.

(Mirrordot seems to have died and the wayback machine doesn't have it.)

Re:slashdotted (3, Funny)

Anonymous Coward | more than 5 years ago | (#23592349)

Can't RTFA. They're slashdotted.

Where is the federal criminal investigation?

Here's the blog post (5, Informative)

eddan (903540) | more than 5 years ago | (#23592613)

I was able to grab the blog post:

As many of you know, Revision3's servers were brought down over the Memorial Day weekend by a denial of service attack. It's an all too common occurrence these days. But this one wasn't your normal cybercrime - there's a chilling twist at the end. Here's what happened, and why we're even more concerned today, after it's over, than we were on Saturday when it started.

It all started with just a simple "hi". Now "hi" can be the sweetest word in the world, breathlessly whispered into your ear by a long-lost lover, or squealed out by your bouncy toddler at the end of the day. But taken to excess - like by a cranky 3-year old-it gets downright annoying. Now imagine a room full of hyperactive toddlers, hot off of a three hour Juicy-Juice bender, incessantly shrieking "hi" over and over again, and you begin to understand what our poor servers went through this past weekend.

On the internet, computers say hi with a special type of packet, called "SYN". A conversation between devices typically requires just one short SYN packet exchange, before moving on to larger messages containing real data. And most of the traffic cops on the internet - routers, firewalls and load balancers - are designed to mostly handle those larger messages. So a flood of SYN packets, just like a room full of hyperactive screaming toddlers, can cause all sorts of problems.

For adults, it's typically an inability to cope, followed either by quickly fleeing the room, or orchestrating a massive Teletubbies intervention. Since they lack both legs and a ready supply of plushies, internet devices usually just shut down.

That's what happened to us. Another device on the internet flooded one of our servers with an overdose of SYN packets, and it shut down - bringing the rest of Revision3 with it. In webspeak it's called a Denial of Service attack - aka DoS - and it happens when one machine overwhelms another with too many packets, or messages, too quickly. The receiving machine attempts to deal with all that traffic, but in the end just gives up. (Note the photo of our server equipment responding to the DoS Attack)

In its coverage Tuesday CNet asked the question, "Now who would want to attack Revision3?" Who indeed? So we set out to find out. Internet attacks leave lots of evidence. In this case it was pretty easy to see exactly what our shadowy attacker was so upset about. It turns out that those zillions of SYN packets were addressed to one particular port, or doorway, on one of our web servers: 20000. Interestingly enough, that's the port we use for our Bittorrent tracking server. It seems that someone was trying to destroy our bittorrent distribution network.

Let me take a step back and describe how Revision3 uses Bittorrent, aka BT. The BT protocol is a peer to peer scheme for sharing large files like music, programs and video. By harnessing the peer power of many computers, we can easily and cheaply distribute our huge HD-quality video shows for a lot less money. To get started, the person sharing that large file first creates a small file called a "torrent", which contains metadata, along with which server will act as the conductor, coordinating the sharing. That server is called the tracking server, or "tracker". You can read much more about Bittorrent at Wikipedia, if you really want to understand how it works.

Revision3 runs a tracker expressly designed to coordinate the sharing and downloading of our shows. It's a completely legitimate business practice, similar to how ESPN puts out a guide that tells viewers how to tune into its network on DirecTV, Dish, Comcast and Time Warner, or a mall might publish a map of its stores.

But someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?

Along with where it's bound, every internet packet has a return address. Often, particularly in cases like this, it's forged - or spoofed. But interestingly enough, whoever was sending these SYN packets wasn't shy. Far from it: it's as if they wanted us to know who they were.

A bit of address translation, and we'd discovered our nemesis. But instead of some shadowy underground criminal syndicate, the packets were coming from right in our home state of California. In fact, we traced the vast majority of those packets to a public company called Artistdirect (ARTD.OB). Once we were able to get their internet provider on the line, they verified that yes, indeed, that internet address belonged to a subsidiary of Artist Direct, called MediaDefender.

Now why would MediaDefender be trying to put Revision3 out of business? Heck, we're one of the biggest defenders of media around. So I stopped by their website and found that MediaDefender provides "anti-piracy solutions in the emerging Internet-Piracy-Prevention industry." The company aims to "stop the spread of illegally traded copyrighted material over the internet and peer-to-peer networks." Hmm. We use the internet and peer-to-peer networks to accelerate the spread of legally traded materials that we own. That's sort of directly opposite to what Media Defender is supposed to be doing.

Who pays MediaDefender to disrupt peer to peer networks? I don't know who's ponying up today, but in the past their clients have included Sony, Universal Music, and the central industry groups for both music and movies - the RIAA and MPAA. According to an article by Ars Technica, the company uses "its array of 2,000 servers and a 9GBps dedicated connection to propagate fake files and launch denial of service attacks against distributors." Another Ars Technica story claims that MediaDefender used a similar denial of service attack to bring down a group critical of its actions.

Hmm. Now this could have been just a huge misunderstanding. Someone could have incorrectly configured a server on Friday, and left it to flood us mercilessly with SYN packets over the long Memorial Day weekend. If so, luckily it was pointed at us, and not, say, at the intensive care unit at Northwest Hospital and Medical Center But Occam's razor leads to an entirely different conclusion.

So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, Vice President of Operations at Media Defender.

First, they willingly admitted to abusing Revision3's network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only - to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.

Second, and here's where the chain of events come into focus, although not the motive. We'd noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender's servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of "Hi"s brought down our network.

Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second.

"Media Defender did not do anything specific, targeted at Revision3â, claims Grodsky. "We didn't do anything to increase the traffic" - beyond what they'd normally be sending us due to the fact that Revision3 was hosting thousands of MediaDefender torrents improperly injected into our corporate server. His claim: that once we turned off MediaDefender's back-door access to the server, "traffic piled up (to Revision3 from MediaDefender servers because) it didn't get any acknowledgment back."

Putting aside the company's outrageous use of our servers for their own profit, and the large difference between one connection every three hours and 8,000 packets a second, I'm still left to wonder why they didn't just tell us our basement window was unlocked. A quick call or email and we'd have locked it up tighter than a drum.

It's as if McGruff the Crime Dog snuck into our basement, enlisted an army of cellar rats to eat up all of our cheese, and then burned the house down when we finally locked him out - instead of just knocking on the front door to tell us the window was open.

In the end, here's what I know:

* A torrential flood of SYN packets rained down on Revision3's network over Memorial Day weekend.

* Those packets - up to 8,000 a second - came primarily from computers controlled by MediaDefender, who is in the business of shutting down illegal torrent sites.

* Revision3 suffered measurable harm to its business due to that flood of packets, as the attacks on our legitimate and legal Torrent Tracking server spilled over into our entire internet infrastructure. Thus we were unable to serve videos and advertising through much of the weekend, and into Tuesday - and even our internal email servers were brought down.

* Denial of service attacks are illegal in the US under 12 different statutes, including the Economic Espionage Act and the Computer Fraud and Abuse Act.

Although I can only guess, here's what I think really happened. Media Defender was abusing one of Revision3's servers for their own purposes - quite without our approval. When we closed off their backdoor access, MediaDefender's servers freaked out, and went into attack mode - much like how a petulant toddler will throw an epic tantrum if you take away an ill-gotten Oreo.

That tantrum threw upwards of 8,000 SYN packets a second at our servers. And that was enough to bring down both our public facing site, our RSS server, and even our internal corporate email - basically the entire Revision3 business. Smashing the cookie jar, as it were, so that no one else could have any Oreos either.

Was it malicious? Intentional? Negligent? Spoofed? I can't say. But what I do know is that the FBI is looking into the matter - and it's far more serious than toddlers squabbling over broken toys and lost cookies.

MediaDefender claims that they have taken steps to ensure this won't happen again. "We've added a policy that will investigate open public trackers to see if they are associated with other companies", promised Grodsky, "and first will make a communication that says, hey are you aware of this."

In the end, I don't think Media Defender deliberately targeted Revision3 specifically. However, the company has a history of using their servers to, as Ars Technica said, "launch denial of service attacks against distributors." They saw us as a "distributor" - even though we were using Bittorrent for legitimate reasons. Once we shut them out, their vast network of servers were automatically programmed to implement a scorched earth policy, and shut us down in turn. The long Memorial Day weekend holiday made it impossible for us to contact either Media Defender or their ISP, which only exacerbated the problem.

All I want, for Revision3, is to get our weekend back - both the countless hours spent by our heroic tech staff attempting to unravel the mess, and the revenue, traffic and entertainment that we didn't deliver.

If it can happen to Revision3, it could happen to your business too. We're simply in the business of delivering entertainment and information - that's not life or death stuff. But what if MediaDefender discovers a tracker inside a hospital, fire department or 911 center? If it happened to us, it could happen to them too. In my opinion, Media Defender practices risky business, and needs to overhaul how it operates. Because in this country, as far as I know, we're still innocent until proven guilty - not drawn, quartered and executed simply because someone thinks you're an outlaw.

- Jim Louderback CEO - Revision3

Re:Criminal investigation? (2, Insightful)

jd (1658) | more than 5 years ago | (#23592317)

And what's the betting the FBI's interest is more in obtaining a copy of the DDoS attack software, rather than prosecuting? They have to sniff around, for the image of the thing, but savage levels of corporate brutality are widespread and Government-led prosecutions are not.

Re:Criminal investigation? (5, Interesting)

Penguinisto (415985) | more than 5 years ago | (#23592351)

Hella nice! (TFA is 404'd here too).


So... how long until we see MediaDefender's board get perp-walked? (too much to hope for seeing the RIAA board getting arrested, but hey...)


*sigh*... I know, I know. MediaDefender will likely claim that some poor (scapegoated) bastard employee of theirs did it without authorization, yadda yadda... then said poor bastard will get to watch in horror as his entire life goes down the toilet.


Then again, if it does go down like that, it would stand as a prime example of how one should always give priority to personal ethics before accepting a job offer...

/P

Re:Criminal investigation? (5, Insightful)

scubamage (727538) | more than 5 years ago | (#23592437)

Yup, just like every single contractor on the second death star - every mediadefender employee knows what they're doing. F*ck 'em.

Re:Criminal investigation? (2, Insightful)

Hatta (162192) | more than 5 years ago | (#23592757)

Agreed. "I was only doing my job" is never an excuse for immoral behavior. Cops who arrest pot smokers should be aware of this.

I can't RTFA (0)

Anonymous Coward | more than 5 years ago | (#23592597)

Not because it's Slashdotted, but because I'm 99% sure it'll get blocked by "Smart" Filter... :/

Re:Criminal investigation? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#23592299)

Not so fast, there. How do we know that the Revision3 content was legal? Because they (Revision3) say it was? I don't buy it. MediaDefender isn't stupid; they found illegal content and shut it down. The reason there will not be any investigation is because Revision3 cannot allow an investigation to occur, lest they be found guilty of hosting illegal torrents.

So expect Revision3 to waver on this, then they'll put out some strongly worded "you're lucky we're not pursuing this" press statements, and slink away to their corner. Much like Barry Bonds saying he would sue Jose Conseco...the accuser cannot withstand the scrutiny.

Re:Criminal investigation? (5, Informative)

Bourbonium (454366) | more than 5 years ago | (#23592371)

Again, please RTFA Coward. The torrents on Revision3's servers were their own content, but one R3 member found a torrent named something like RAMBO_axxo on their tracker on May 25 and reported it to the admins. They immediately took it down and then found the backdoor that MediaDefender had been using to post fake torrent hashes on their servers. Once the backdoor was closed, MediaDefender's servers began the DOS attack as an automatic response. Louderback says that the FBI is already investigating. I expect the EFF will get involved as well as this story develops.

Re:Criminal investigation? (5, Insightful)

zantolak (701554) | more than 5 years ago | (#23592381)

How do we know that the Revision3 content was legal? Because they (Revision3) say it was? I don't buy it. MediaDefender isn't stupid; they found illegal content and shut it down. The reason there will not be any investigation is because Revision3 cannot allow an investigation to occur, lest they be found guilty of hosting illegal torrents.
Here in the US we have one little legal principle known as "innocent until proven guilty". Perhaps you've heard of it, perhaps not. Essentially, it's what keeps the justice system from being a Jump to Conclusions mat.

Re:Criminal investigation? (5, Insightful)

scubamage (727538) | more than 5 years ago | (#23592403)

Exactly. I highly doubt R3 would have contacted the FBI if they were hosting illegal content. They use bittorrent as a method of distrobution for legal content.

Re:Criminal investigation? (5, Insightful)

Tubal-Cain (1289912) | more than 5 years ago | (#23592457)

Here in the US we have one little legal principle known as "innocent until proven guilty".
You must be new here

Re:Criminal investigation? (5, Insightful)

jesdynf (42915) | more than 5 years ago | (#23592497)

You argued the lesser point with the troll and missed the greater one.

Why does the legality of Revision3's hosted content matter?

Is MediaDefender an agent of the federal government, granted extra-legal powers by Congress to commit these otherwise-illegal acts? Are they chartered by a state government? Has their operation been nationalized by the military, or perhaps they possess a letter of marque and reprisal?

No?

Re:Criminal investigation? (1)

mrbluze (1034940) | more than 5 years ago | (#23592557)

You argued the lesser point with the troll and missed the greater one.
This is slashdot. You must be new here too!

Re:Criminal investigation? (5, Funny)

Applekid (993327) | more than 5 years ago | (#23592619)

Why does the legality of Revision3's hosted content matter?
Your ideas intrigue me and I would like to subscribe to your newsletter.

Re:Criminal investigation? (0, Flamebait)

jamstar7 (694492) | more than 5 years ago | (#23592623)

Here in the US we have one little legal principle known as "innocent until proven guilty".

... which has been completely ignored by just about everybody in law enforcement and the courts system recently.

Re:Criminal investigation? (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#23592447)

Why is this modded troll?

Revision3 is an "internet TV" site. Or, in other words, a site were people upload copyrighted material with five seconds of commentary or something and claim "fair use" despite the blatant copying.

Sure, the FBI is going to investigate this for the five seconds it's worth before filing criminal charges against Revision3 for criminal copyright infringement.

There's a reason they were targeted.

Re:Criminal investigation? (2, Funny)

mrbluze (1034940) | more than 5 years ago | (#23592591)

Revision3 is an "internet TV" site. Or, in other words, a site were people upload copyrighted material with five seconds of commentary or something and claim "fair use" despite the blatant copying.
Damn, why doesn't someone tell us about these sites before they are taken down so at least we get a chance to see all the content!

Re:Criminal investigation? (4, Funny)

beef curtains (792692) | more than 5 years ago | (#23592607)

I salute for having the courage to voice your opposing viewpoint in the face of such adversity, O anonymous Totally-Not-A-MediaSentry-Employee contributer.

So tell me, how did you set up this DOS?

Did I say "you"? I meant to say "they", of course. Apologies.

Re:Criminal investigation? (1, Interesting)

Anonymous Coward | more than 5 years ago | (#23592673)

So the ends justify the means? It's perfectly fine for any organization to side-step the justice system and act of their own accord should they feel slighted?

Thank god you don't run the show around here.

Re:Criminal investigation? (5, Insightful)

Fastolfe (1470) | more than 5 years ago | (#23592463)

1. Copyright infringement isn't normally a crime. You're using the word "illegal" and "guilty" carelessly here.
2. Committing a crime to retaliate in response to another crime is still wrong, and committing a crime in retaliation for a mere civil infraction doubly so.

Re:Criminal investigation? (5, Interesting)

provigilman (1044114) | more than 5 years ago | (#23592505)

Even worse though, Media Defender allegedly committed a crime in response to a perfectly legal activity. The only thing on that torrent tracker, prior to Media Defender injecting all sorts of nastiness into it, was just their own videos and podcasts. Basically, it's no different than an RSS feed you'd get from some place like /., they just used BitTorrent to do it.

Re:Criminal investigation? (1)

DingerX (847589) | more than 5 years ago | (#23592583)

2. That's called "self-relief" and it's usually frowned upon in modern societies. Or can I just forego the writ and distrain someone of chattel on property he's already seised of?

Re:Criminal investigation? (5, Insightful)

s4m7 (519684) | more than 5 years ago | (#23592393)

This appears to fall under the definition of cyberterrorism under the same section, as proscribed by the USA PATRIOT ACT as well.

Re:Criminal investigation? (2, Insightful)

pha7boy (1242512) | more than 5 years ago | (#23592635)

R3 should sue the pants of them. Maybe EFF can provide some legal advice on the matter.

Re:Criminal investigation? (0, Troll)

DAldredge (2353) | more than 5 years ago | (#23592747)

I assume that you are also in favor of federal criminal investigations of those who are breaking the applicable federal copyright laws?

smells like... (-1, Redundant)

gEvil (beta) (945888) | more than 5 years ago | (#23592129)

I smell a lawsuit coming...

Re:smells like... (2, Insightful)

jd (1658) | more than 5 years ago | (#23592259)

One can hope, but I doubt it. Revision3 might see it as bad publicity, even though they're not the ones who did anything wrong, and they'd risk further massive DDoS attacks in retaliation if they did file a lawsuit. Cases take a long time to come to court, and all MediaDefender needs to do is destroy their solvency before that happens. Dead companies tell no tales.

Re:smells like... (5, Insightful)

argent (18001) | more than 5 years ago | (#23592431)

they'd risk further massive DDoS attacks in retaliation if they did file a lawsuit.

That would be the best thing that could happen. Judges have absolutely no sense of humor about people who pull shit like that.

Re:smells like... (5, Insightful)

RingDev (879105) | more than 5 years ago | (#23592453)

Sure, R3 may disolve before it can file a civil suit, but I imagine the US goverment will hold together long enough to bring criminal charges against MediaDefender.

DOS attacks are a felony. People go to jail for committing felonies.

R3 can sue, in addition to the criminal charges brought forward by the state, in order to recoup any damages sustained by the attack, but even if they don't, MD still has to face the federal government for breaking the law.

-Rick

Re:smells like... (5, Interesting)

scubamage (727538) | more than 5 years ago | (#23592473)

Not to mention any discovery in this matter can and WILL be used by states who are currently investigating mediadefender for performing investigations without proper licensing.

Re:smells like... (1)

Gordonjcp (186804) | more than 5 years ago | (#23592587)

they'd risk further massive DDoS attacks in retaliation

So presumably, if it's okay for MediaDefender to DDoS a company in "retaliation" for reporting them to the Feds, then it's okay for me to roll up outside MediaDefender's offices and tear it down with a backhoe, in retaliation?

Re:smells like... (1)

jd (1658) | more than 5 years ago | (#23592767)

Depends. If the backhoe has Microsoft stickers, you're probably ok. If the backhoe is the JCB GT sports model (120MPH+), you'll be gone before the press - err, police get there.

Re:smells like... (1)

ILuvRamen (1026668) | more than 5 years ago | (#23592365)

Remember, not just a lawsuit! DOS is ILLEGAL and they can sue for damages. So that means a criminal case and a civil lawsuit. I bet they'll lose both. You know just once I'd like to see any presidential candidate comment on news like this and say they're going to put and end to the complete bullshit the RIAA and MPAA are pulling.
Btw in other news, Slashot DDOSes revision3.com apparently.

Re:smells like... (5, Funny)

Penguinisto (415985) | more than 5 years ago | (#23592491)

Dear Revision3: Nuke them from orbit. It's the only way to be sure.


signed,

The Rest Of The Planet

...and in other news.... (2, Funny)

UncleTogie (1004853) | more than 5 years ago | (#23592131)

Revision3 taken down by curious Slashdotters, and the popcorn you're eating has been pissed in. Film at 11....

I'm afraid you're wrong. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#23592617)

that was just me shitting down your mouth. you are clearly mistaken.

Late Breaking News.... (4, Funny)

Izabael_DaJinn (1231856) | more than 5 years ago | (#23592133)

THEINTERNETS (Reuters)- Following the DOS attack which brought Revision3 to its knees, the site was once against the target of a DOS attack by the popular news site "Slashdot" as thousands of nerds flooded the site at once hoping to find fodder to use against their arch-nemeses the MPAA and the RIAA.

Re:Late Breaking News.... (1, Interesting)

Anonymous Coward | more than 5 years ago | (#23592637)

... This method is becoming increasingly common, and unlike DOS's from a single source, Db/. (Death by Slashdot) cannot be fought with conventional methods, as it is indistinguishable from normal traffic. So far, Db/. is usually fought by taking down the targeted webserver until the story leaves the front page.

Re:Late Breaking News.... (3, Insightful)

value_added (719364) | more than 5 years ago | (#23592645)

THEINTERNETS (Reuters)- ...

Brilliant! Dunno if this is original, but it certainly qualifies for meme status.

TO paraphrase world of warcraft (4, Insightful)

scubamage (727538) | more than 5 years ago | (#23592169)

OMGLAWYERSUESUESUE!
Seriously, I hope they get even more crucified because of this. Performing a DOS is a clear violation of law in all states, and since it crosses the borders, its a clear felony.

Re:TO paraphrase world of warcraft (4, Insightful)

Anonymous Coward | more than 5 years ago | (#23592571)

Seems to me MediaDefender also violated their ISP's Terms Of Service. Why then are they still on the net? when a normal user is accused of violating the TOS they are taken off-line. Why/how should MD be any different? Also, law enforcement should be raiding MD offices where the attacks came from to collect evidence (ie PCs and servers).

I am looking forward to hearing that MD is off-line and without a significant portion of their computing infrustructure.

That'll teach 'em (4, Funny)

Nerdposeur (910128) | more than 5 years ago | (#23592191)

Looks like they're also the target of a vicious Slashdotting. ;)

Re:That'll teach 'em (0)

Anonymous Coward | more than 5 years ago | (#23592413)

I like to download content from the web in triplicate for this very reason. As the load on the server increases, so do the chances of receiving incomplete or corrupt data. To that end, I have written a Grease Monkey script that automatically downloads the entire site I visit 3 times, and compares an MD5 and SHA512 hash of each copy to each other to verify data integrity. If 2 out of the 3 hashes match, the that copy is the one I see.

Everyone should practice good web-surfing habits. I would gladly share this script with you.

Re:That'll teach 'em (0)

Anonymous Coward | more than 5 years ago | (#23592751)

Post it then, or at least put it on greasemonkey and tell us where it is.

Re:That'll teach 'em (1)

Pinkfud (781828) | more than 5 years ago | (#23592559)

Yes, I started to follow the link, then hit "stop" when I realized we're also clobbering them. MD I hope will get their ass kicked for this. They better!

Really? Lucky We Have Laws (4, Insightful)

jesdynf (42915) | more than 5 years ago | (#23592193)

I look forward to the indictment, conviction, and imprisonment of the executives of their operation.

Failure to achieve these things will not reflect well on the fitness of the rulers to rule.

Re:Really? Lucky We Have Laws (1)

scubamage (727538) | more than 5 years ago | (#23592231)

The rulers themselves do not reflect well on the fitness of the rulers to rule.

Re:Really? Lucky We Have Laws (4, Insightful)

Wandering Wombat (531833) | more than 5 years ago | (#23592281)

Or the people who elected them.

Re:Really? Lucky We Have Laws (1)

scubamage (727538) | more than 5 years ago | (#23592293)

Agreed, it is a true testament to the power of stupid people in large numbers - or at least their ability to keep their heads in the sand.

Please bear in mind... (4, Funny)

jd (1658) | more than 5 years ago | (#23592369)

...the rulers are vampires and therefore do not reflect at all.

Re:Really? Lucky We Have Laws (1)

mckorr (1274964) | more than 5 years ago | (#23592255)

Um, the last 8 years have not reflected well on the fitness of the rulers to rule....

Re:Really? Lucky We Have Laws (5, Insightful)

Pedrito (94783) | more than 5 years ago | (#23592271)

I look forward to the indictment, conviction, and imprisonment of the executives of their operation.

Failure to achieve these things will not reflect well on the fitness of the rulers to rule.


ROFL... You must be new here. Allow me to welcome you to planet Earth. Expect no useful action against Media Defender. And again, welcome to our humble planet...

Re:Really? Lucky We Have Laws (1, Interesting)

Anonymous Coward | more than 5 years ago | (#23592373)

heh. I first read that as "...conviction, imprisonment, and execution..."

Re:Really? Lucky We Have Laws (0)

Anonymous Coward | more than 5 years ago | (#23592433)

Hey! Aren't executives supposed to be executed?

Re:Really? Lucky We Have Laws (1)

bill_kress (99356) | more than 5 years ago | (#23592519)

Who do you think "The Rulers" are?

If you think it's the people you vote for and not the people that pay them to buy your votes, you're pretty naive.

"The Rulers" are actually doing a fantastic job at making money for their companies.

GTG, my tin-foil hat fell off and the xrays are gettig s*(@&NO CARRIER

Shouldn't have publicized it on their blog (4, Insightful)

elrous0 (869638) | more than 5 years ago | (#23592237)

Revision 3 should have just sued, and sued BIG. By discussing it so glibly, and in such detail, on their blog they're jeopardizing their case. A huge financial hit would hurt the RIAA's cronies a LOT more than a little negative publicity from a blogger.

Re:Shouldn't have publicized it on their blog (5, Insightful)

RichMan (8097) | more than 5 years ago | (#23592319)

>>Revision 3 should have just sued, and sued BIG. By discussing it so glibly, and in such detail, on their blog they're jeopardizing their case. A huge financial hit would hurt the RIAA's cronies a LOT more than a little negative publicity from a blogger

Except then RIAA could have just paid up and fixed their scripts and moved on.

The FBI investigation is going to turn up more dirt and likely will lead to lots of discovery. Imagine the connections between organizations proper discovery could come up with. Also imagine the work needed to comply. "Ok, RIAA turn over all correspondence you have had concerning enforcement for the last 3 years".

This does not mean Revision 3 can't sue for damages. But letting the FBI get the ball rolling is the first step. And if the FBI do lay charges then the money part gets a lot easier.

Re:Shouldn't have publicized it on their blog (3, Interesting)

Frosty Piss (770223) | more than 5 years ago | (#23592481)

Revision 3 should have just sued, and sued BIG. By discussing it so glibly, and in such detail, on their blog they're jeopardizing their case...
How so? The facts have not changed just because they've talked about it in a blog. If it was illegal before, it's still illegal. IANAL, but I can't imagine a law that says you can't talk about it when someone commits a crime such as this against you...

Can you expand your comments on this to include a reason such a thing as you propose would be true?

Re:Shouldn't have publicized it on their blog (2, Interesting)

Beardo the Bearded (321478) | more than 5 years ago | (#23592677)

Revision 3 should have just sued, and sued BIG. By discussing it so glibly, and in such detail, on their blog they're jeopardizing their case...
How so? The facts have not changed just because they've talked about it in a blog. If it was illegal before, it's still illegal. IANAL, but I can't imagine a law that says you can't talk about it when someone commits a crime such as this against you...

Can you expand your comments on this to include a reason such a thing as you propose would be true?

The most important thing in legal matters is that you don't discuss a damned thing without talking to your lawyer first.

Let's use a hypothetical example: I've been injured by, let's say, "Mike Dammit!" (MD for short). Let's say MD stabs me in the arm.

I usually carry a small aid kit, so let's also assume that I manage to give myself First Aid and stop the bleeding. In the meantime, MD had stabbed four other people and run off before the cops arrive.

Someone then asks me how I'm doing. I say, "I'm fine."

Later, MD's lawyer will do their damned best to find anyone, anywhere, where I've said, "I'm fine." The goal is to make it look like I've suffered less than I actually have.

"After all, Mr. Beardo, if that IS your real name, if you were suffering so greatly, why did you tell the Paramedic that you were, in your words, 'fine'.?

"In fact, your injuries were so light that you were able to treat them yourself, isn't that right? So why should my client be forced to pay you more than an hour's last wages and the reimbursement for your first aid kit?"

It's not logic, it's the law.

I have a great real life example that, under the advice of my legal councel, I cannot share.

Re:Shouldn't have publicized it on their blog (2, Insightful)

Frosty Piss (770223) | more than 5 years ago | (#23592759)

The most important thing in legal matters is that you don't discuss a damned thing without talking to your lawyer first.
A useful anecdote when you are accused of a crime. But Revision3 isn't being accused of a crime, they are the victim. They have no liability by discussing the issue because they have committed no crime and it can not change the legality of MediaDefender's behavior.

Re:Shouldn't have publicized it on their blog (4, Interesting)

NotBornYesterday (1093817) | more than 5 years ago | (#23592527)

That 'huge financial hit' would be years off at best. R3 is trying to hurt them now while they can. They know that with deep enough pockets, the RIAA & friends can keep justice at bay almost forever. Contrary to their public boo-hooing over the cost of "piracy", the RIAA and MPAA are full of money.

What they need is public opinion. In order for them to be successful in curtailing "piracy", they need to convince a large percentage of the public of 2 things - 1) that they are in a morally superior position compared to those sharing files, and 2) that bad things happen to those who share files.

R3 is taking this opportunity to show that 1) the RIAA is a morally bankrupt group of thugs in 3-piece suits, and 2) the RIAA makes bad things happen to good and bad people indiscriminately.

I'd be surprised if a whopping big lawsuit didn't follow this, but I haven't been able to RTFA.

Thanks Slashdot... (0)

Anonymous Coward | more than 5 years ago | (#23592367)

for joining our efforts.
Together we can smythe the evil filesharers.

kind regards, MediaDefender

Where did they get the firepower? (2, Interesting)

joeflies (529536) | more than 5 years ago | (#23592375)

How did mediadefender get enough computing resources/bandwidth to launch a DOS? Did they launch it out of their own datacenter/domain, or do they have a network of locations?

No, I haven't read the article because the link is not coming up right now.

Re:Where did they get the firepower? (5, Informative)

mrbah (844007) | more than 5 years ago | (#23592475)

They have a 9 gigabit connection dedicated to launching illegal DoS attacks. I wish I was joking.

Re:Where did they get the firepower? (4, Interesting)

DragonWriter (970822) | more than 5 years ago | (#23592717)

They have a 9 gigabit connection dedicated to launching illegal DoS attacks.


Its going to be hard to blame that on a rogue employee.

A deliberate decision to acquire the instrumentality of a crime is frequently fairly convincing evidence of intent.

Re:Where did they get the firepower? (5, Informative)

Bourbonium (454366) | more than 5 years ago | (#23592503)

The story is all over the place now. You can read about it at CNET at http://news.cnet.com/coops-corner/?tag=cnetfd.blogs [cnet.com]
as well as Valleywag http://valleywag.com/393955/revision3-ceo-antipiracy-group-attacked-our-network [valleywag.com]

Re:Where did they get the firepower? (1)

scubamage (727538) | more than 5 years ago | (#23592585)

Hopefully this garners enough attention for something to be done. Its doubtful, but I really, really hope so. Mediadefender == pinkerton thugs of the new millenia.

Is there any reason... (0)

Anonymous Coward | more than 5 years ago | (#23592449)

Really wondering why the headquarters of the MPAA and the RIAA are still standing; and the offices of their lawyers as well. The power of millions of pissed-off nerds - enough to fill a few pages with comments but not enough to start blowing shit up..

Media Defender is going to get shitcanned. (5, Insightful)

Anonymous Coward | more than 5 years ago | (#23592483)

Hard.

"Move it's own media files" means they were probably using it for jamming operations against other trackers. Meaning they hacked the server, went to other bittorent sites, said "hey, we've got tasty files here, but only 91% of complete garbage", used revision3 as their server so everyone thought it was kosher instead of, say, Media defenders IP range, and when revision3 kicked them off their servers decided to reconnect and DDOS'd them. Because the input bandwidth was intense for the fubar'd uploads and they had just been cut off of their primary source, they used all available bandwidth to reconnect and DDOS'd.

What's going to happen here is a combination between defamation of character suites and hacking lawsuits. Those are the kinds of suites that put people out of business and in jail.

The RIAA and MPAA just shot themselves in the head on this one and their shell company is going to go tits up due to it. That's going to have a concussive effect on the other shell companies which will have a bad effect on their anti-piracy campaign.

god save their souls (1)

unity100 (970058) | more than 5 years ago | (#23592545)

did they EVER think about what the reaction to this stupid move might be in the underground scene ? hm ? a stupid shill company dosing some cultural element (p2p) that belongs mainly to underground culture. do i need to remind you, that underground crowd houses many elements that can take down, hack into, play with cia, nsa, whatever-big-agency sites, servers, services ?

what kind of utter stupidity is this ?

Re:god save their souls (5, Interesting)

scubamage (727538) | more than 5 years ago | (#23592667)

Its doubtful that anyone will hack into any of those closed systems for the most part. However, I wouldn't be surprised to see mediadefender start getting nailed VERY hard bandwidth wise. I wonder how many syn packets or christmas tree packets it takes to fill up a 9gbps pipe?

In other news... (1, Redundant)

liegeofmelkor (978577) | more than 5 years ago | (#23592551)

After recovering from a malicious DOS attack over the weekend by Media Defender, R3 is again under the DOS siege from the infamous slashdot effect.

And what about other trackers...? (3, Interesting)

Anonymous Coward | more than 5 years ago | (#23592575)

It wouldn't be too big of a stretch of one's imagination to believe they use the same tactic against other trackers.

Maybe if the likes of PirateBay, Mininova and others looked more closely at their traffic patterns and found some "common problems" (such as web traffic from MediaDefender), there would be grounds for civil if not criminal proceedings against MediaDefender.

What IP#'s or subnets or networks does MediaDefender use?

Or better yet...

Maybe we should all run trackers with fake movies being shared and watch for MediaDefender DOS'ing us and create an ever larger case against these twits?

Mail to MediaDefender (3, Funny)

WereCatf (1263464) | more than 5 years ago | (#23592577)

I just absolutely felt compelled to send email to MediaDefender, I so much hate MPAA/RIAA using illegal tactics. So, anyway, here is the email I sent them: Hi there! I just wanted to congratulate you on your brilliant stunt of a highly illegal DOS (Denial of service) attack on Revision3. Perhaps you should have checked earlier that they were seeding their own legal products? Then again, DOS attacks are illegal even against illegal trackers so this could be a bit unfortunate for you. If FBI can link you to DOS attacks on other trackers then you could face serious legal issues. So, I just want to congratulate you once more, this was such a brilliant move by you and I hope you'll do something equally stupid again in the near future! ;) Yours truly, -Nita

In a reality next door... (1)

Rihahn (879725) | more than 5 years ago | (#23592643)

APNewsWire: "Hired thugs for the notorious RIAA gang mistakenly run down innocent businessman."

"In another RIAA sponsored incident, the owner of a small hardware store was injured in a hit-and-run yesterday by a car load of the RIAA's mercenary thugs. Going by the name 'MediaDefender' these so-called vigilantes mistook Mr. Revision3 for one of the business owners along Internet Way that don't pay protection money to the RIAA. One of the thugs was reported as saying 'Well, he had a store front so we just assumed he was on the hit list.' A full investigation is underway."

I liked this story when I read it on Digg first. (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#23592731)

Fuck Slashdot.

PUT THEM IN JAIL. (0)

Anonymous Coward | more than 5 years ago | (#23592749)

If any individual did any of this they would be facing jail time and fines.

Lets put the people who work for media defender in jail.

Theft of services.. network abuse... call it whatever...

Just put these bastards in jail already.

misuse of Revision3 servers? (2, Interesting)

belmolis (702863) | more than 5 years ago | (#23592761)

Revision3 refers to longstanding misuse of its severs by MediaDefender, before the current DOS attack. What exactly they were doing isn't clear to me. Anybody know? And is it a crime?

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...