Forgot your password?
typodupeerror
Music Media

IFPI Employee Describes P2P Sabotage Activities 431

Posted by michael
from the no-tunes-for-you dept.
Maxwell'sSilverLART writes "From The Reg: Matt Warne, an employee of the international version of the RIAA, admitted that he helped the organization spread garbage and random noise on the P2P networks. Apparently, they used multiple DSL connections to present the appearance of separate users, disguising the origins of the files. His group has stopped, but he claims several of the big record companies are still doing it themselves. And here I thought all of their garbage came on CD."
This discussion has been archived. No new comments can be posted.

IFPI Employee Describes P2P Sabotage Activities

Comments Filter:
  • by Bowie J. Poag (16898) on Friday January 17, 2003 @12:08PM (#5102080) Homepage


    Garbage isn't so bad...their lead singer is hawt... Mee-yow!

    Cheers,
  • by Anonymous Coward on Friday January 17, 2003 @12:08PM (#5102084)
    Here is a list of P2P Unfriendly IP's you can block.

    OverPeer:65.174.255.255
    OverPeer:65.160.0.0-65. 160.127.255
    Ranger:216.122.0.0-216.122.255.255
    R anger:204.92.244.0-204.92.244.255
    MediaForce:65.1 92.0.0-65.192.0.255
    MediaForce:65.223.0.0-65.223. 255.255
    MediaForce:4.43.96.0-4.43.96.255
    MediaDe fender:66.79.0.0-66.79.255.255
    RIAA:208.225.90.0- 208.225.90.255
    RIAA:12.150.191.0-12.150.191.255
    MPAA:63.199.57.96-63.199.57.128
    MPAA:64.166.187.1 28-64.166.187.192
    MPAA:198.70.114.0-198.70.114.25 5
    MPAA:209.67.0.0-209.67.255.255
    NetPD:207.155.1 28.0-207.155.255.255
    NetPD:128.241.0.0-128.241.25 5.255
    UnknownC&DCop:64.106.170.128-64.106.170.192
    BayTSP:209.204.128.0-209.204.191.255
    Vidius:207 .155.128.0-207.155.255.255
    GAIN(spyware):64.94.89 .0-64.94.89.255
    GAINCME(spyware):66.35.247.0-66.3 5.247.255
    GAINCME(spyware):66.35.229.0-66.35.229. 255
    MediaDefender:64.225.292.0-64.225.292.127
    RI AA:208.192.0.0-208.192.255.255
    Xupiter.com:63.236 .32.50
    Xupiter.com(mirror):63.208.235.30

    I get dozens of hits to each IPchains rule everyday when I am using P2P.
    • by Uninvited Guest (237316) on Friday January 17, 2003 @12:20PM (#5102200)
      Where did this list come from? How can I verify its legitimacy? Even more important: how can I discover new addresses which should be blocked?
      • by don_carnage (145494) on Friday January 17, 2003 @12:50PM (#5102417) Homepage

        How can I verify its legitimacy?

        nslookup

      • by Anonymous Coward on Friday January 17, 2003 @12:50PM (#5102422)
        I got the list from http://www.shareaza.com 's security forums. Shareaza is a modern Gnutella client with integrated security features. I do not personally use the built in firewalling stuff though. I wrote Iptables rules to block them all. If you would like to verify the authenticity you can just use a tool like Sam Spade for your windows box. Although you will have to be warned that several of the above listed IP's are listed as belonging to some holding compay or another. I would not know where to begin in writing a tool to automate this, but if you have the skills than by all means please do so:) In the mean time you can just read shareaza's forum.
    • Sure, you can block those, but you can bet that 99.99% of the people using P2P apps won't, because they won't know how or won't care. Soon enough, they'll have all the bogus content, and then you'll have to start blocking idiot p2p users IPs as well. Then the RIAA wins.
    • by DrPsycho (13308) on Friday January 17, 2003 @12:40PM (#5102352) Homepage
      MediaDefender:64.225.292.0-64.225.292.127

      Um. 292?

      I presume that's a typographical error, but you might want to double check those numbers... especially with the hordes of people incorporating them into their IPChains/IPTables rulesets right now. :^)

    • by Grit (18830) on Friday January 17, 2003 @01:36PM (#5102718) Homepage

      Umm... isn't one of the "strengths" of P2P that this would only be effective if everybody refused to peer with these addresses? Even if it were effective, wouldn't the parties involved just call up the phone company and order a DSL line--- with an address from the phone company's IP address block?

      The same anonymity which P2P promises cuts both ways. Installing filters like this is a big waste of time. Now, accepting the connections but keeping them occupied via a fake "honeypot" network might at least be interesting...

  • Yeah (Score:4, Funny)

    by GigsVT (208848) on Friday January 17, 2003 @12:09PM (#5102089) Journal
    I've come across some of this stuff, mostly I got mp3s that were the right length, but just silence rather than what the file was named.

    They find their way into my playlist if I am not careful, and when I am using it for background music while intensively coding I usually don't notice when one comes up, but it scares the shit out of me if a really loud song comes on after it. :)
    • Re:Yeah (Score:3, Funny)

      by Anonymous Coward

      That's what you get for pirating John Cage!

      slowdowncowboyslowdowncowboyslowdowncowboyslowdo wncowboyslowdowncowboyslowdowncowboyslowdowncowboy slowdowncowboyslowdowncowboyslowdowncowboyslowdown cowboy

    • Re:Yeah (Score:2, Interesting)

      by MullerMn (526350)
      Erm, wouldn't an MP3 of silence (of any length) compress down to almost nothing? If not then it'd be a pretty shit compression algorythm....
    • Re:Yeah (Score:5, Funny)

      by jc42 (318812) on Friday January 17, 2003 @12:33PM (#5102310) Homepage Journal
      mostly I got mp3s that were the right length, but just silence

      They'd better be careful with this. Remember that last year John Batt got into trouble for including a silent track on his CD. John Cage's estate charged him with copyright infringement.

      If a recording company is responding to copyright violations by sending around unauthorized copies (or derived works) of John Cage's copyright on his famous 4'33" composition, they deserve to be punished to the maximum extent of the law.

      --
      • Re:Yeah (Score:3, Insightful)

        by Phil Wilkins (5921)
        It was Mike Batt, of Wombles fame, and he was stupid enough to give Cage a co-writer credit. The Cage estate sharks duely extracted their pound of flesh.

        Moral: Don't dick with the credits.
    • Re:Yeah (Score:3, Insightful)

      by buswolley (591500)
      What we need is an intelligent agent that scans our mp3's etc and gets rid of the junk.
      • Re:Yeah (Score:3, Insightful)

        by NineNine (235196)
        That's what the integrity ratings are an attempt at on the FastTrack network. The only problem with that is that the "intelligent" agents are the users.
        • Re:Yeah (Score:3, Insightful)

          Without a doubt, that is the biggest truth about this article. FastTrack has built in a moderation system of sorts, but do people use it? Hell no. Try this for starters, go search on FastTrack for the movie XXX. I bet one entry comes up saying it is a perfect copy with about 40 people who have it. That equates to 40 dumbasses, because that file is really Half Baked. What is the point of sharing when you are sharing shit? I think the general user on the system is more to blame than the incompetent folks over at the RIAA/MPAA.
    • Re:Yeah (Score:4, Interesting)

      by MikeFM (12491) on Friday January 17, 2003 @01:15PM (#5102575) Homepage Journal
      I think they'll find this gag runs out of steam as soon as P2P clients start using checksum techniques. Use trust boundries and individual checksum lists and you can keep the system from being poisoned. It just a little client support and requires that users take the 5 seconds to notice if a file is shit or dangerous and mark it as so in their client. Best of all you don't even have to keep a copy of the actual file to provide the checksum info so you can act as a P2P cop without being set up for feds raiding your basement. The trust boundries is as simple an idea as saying Jack is my friend and I trust his checklist and I trust Jack's friends friends 80% as much as I trust Jack and I trust a friend of Jack's friends 80% as much as I trust Jack's friends.. so that you form a large verification network that eventually peters out unless you raise one of those individuals to your own friend status. This would make it difficult for the RIAA to get into the average users 'friend' list to poison them from there.. and as soon as they did they would be removed from the list and have to start the whole tedious process over again.
  • by Chocolate Teapot (639869) on Friday January 17, 2003 @12:09PM (#5102091) Journal
    Matt Warne, an employee of the international version of the RIAA, admitted that he helped the organization spread garbage and random noise on the P2P networks
    He shared his Brittney Spears mp3s.
  • by aridhol (112307) <ka_lac@hotmail.com> on Friday January 17, 2003 @12:09PM (#5102100) Homepage Journal
    Why should the music industry be prohibited from putting junk on the network? If the user gets frustrated enough when trying to download music illegally (and yes, copyright infringement is illegal), maybe they'll actually spend money to buy music.

    Why is there no great uproar when a private user puts misnamed files on the network? Or when software goes online? Why do we save our complaints for when the legal owners do something against the spirit of the system, rather than when someone else does something against the law?

    • Maybe in your world, but in my world it isn't.
      This is called civil disobedience.

      Though I'd rather take from people willing to give.
      • by aridhol (112307) <ka_lac@hotmail.com> on Friday January 17, 2003 @12:26PM (#5102250) Homepage Journal
        Hmm...I just looked at the definition of civil disobedience [63.240.197.92]:
        [R]efusal to obey governmental demands or commands
        OK, so you're refusing to obey the law (meaning that yes, you admit that it's illegal but you don't think it should be).
        [...]
        means of forcing concessions from the government
        Here's where I don't beleive that you're practicing civil disobedience. See, you're breaking the law from the privacy of your own home. This means that the government doesn't see that you're doing it, so you're not making much of a statement. You're not going to acheive anything doing it this way, and you know it. This makes it not civil disobedience, but regular lawbreaking.

        If you really feel that it's civil disobedience, get a bunch of people together, set up a network in a public place (rented hall, maybe), and download there. Make sure the media is there, and hand out pamphlets telling what you're doing. Get your message out there. Face the risks of being arrested.

        Until you do something like this, I say you are not practicing civil disobedience, but plain old lawbreaking.

        • by Ann Coulter (614889) on Friday January 17, 2003 @12:55PM (#5102456) Journal
          Prohibition ended because of plain old lawbreaking (resulting in some corpses and blind people to boot). Sometimes civil disobedience does not send the message clearly. The most effective message is direct action and if it takes money from RIAA members and indirectly their political pawns then it is more just than parades.
        • by Cokelee (585232) on Friday January 17, 2003 @01:29PM (#5102677)
          If you really feel that it's civil disobedience, get a bunch of people together, set up a network in a public place (rented hall, maybe), and download there. Make sure the media is there, and hand out pamphlets telling what you're doing. Get your message out there. Face the risks of being arrested.

          Hmmm, not quite. When it comes to those who care more people use P2P than don't.


          See this is the internet and everything is distributed (not the hippie generation where your approach might actually work). Millions upon millions of people disobeying the law is infinitely more formidable than getting a couple hundred to take a fall for millions.

          You see, if the civil disobedience came only from a few people in this situation they would be squashed and become an example, not a martyr for the cause.

          By effectively eluding the government and **AA people are out rightly defying the law in masses. Meaning, if the government does not change its policies it will be forced to imprison its population. Because this cannot occur and have the government still exist, the masses will win over the few.


          It's only a matter of time and determination.

    • by thelexx (237096) on Friday January 17, 2003 @12:18PM (#5102185)
      "Why do we save our complaints for when the legal owners do something against the spirit of the system, rather than when someone else does something against the law?"

      Simple. In all cases of them being deceptive, it's just that, pure deception. With the assumption of guilt on the part of everyone who might download. Not all cases of downloads are illegal however.

      • by aridhol (112307)
        Not all cases of downloads are illegal however.
        Explain this to me. If I recorded music and sold it, without any provision for download, when would it be legal for you to download it? Why should I not be allowed to make fakes of my own music and put them online?
        • Simple. In all cases of them being deceptive, it's just that, pure deception. With the assumption of guilt on the part of everyone who might download. Not all cases of downloads are illegal however.

        Not all deceptions are illegal or actionable. Using a P2P network for receipt of material lacks several necessary conditions to establish a contract.

        Even if it was deemed actionable, what would one do? They are using P2P networks exactly the way they were intended, they are hiding the identity of the source of the transmissions.

        When you are using black market channels for distribution, it's difficult to make accountable those who might make misrepresentations.

    • Who's complaining? (Score:5, Insightful)

      by Sloppy (14984) on Friday January 17, 2003 @12:19PM (#5102191) Homepage Journal
      Why should the music industry be prohibited from putting junk on the network?
      No reason they should be prohibited, and I haven't seen a single poster suggest that they should be. This is news (sort of) because it's moderately interesting, not because it's some horrible atrocity.
    • by echucker (570962) on Friday January 17, 2003 @12:31PM (#5102290) Homepage
      If they're going to mess with files, at least be clever about it. Take a lesson from the Barenaked Ladies' book - Take a legit file, and implant funny ads for upcoming releases in them. "Pinch Me" off of their Maroon album is a perfect example of this. Do a search for the track on your favorite P2P network, and you're sure to notice that some people note "no ads" in the title.

      I actually prefer listening to those versions now over the stock ones.
    • Enigma (Score:2, Insightful)

      If the user gets frustrated enough when trying to download music illegally maybe they'll actually spend money to buy music.

      And the money spent on this music funds the company putting random noise on this medium instead of producing more, better music.
      What happends when more money is spent on protecting the music than actually producing music?

      Just random thought noise.
      • While I can't get through to the RIAA website right now, I beleive that it probably is the RIAA's job to protect the music. The individual companies are in the business of making music, while the Association is there to protect its members, and that includes protecting the music they produce.
  • The alternative explanation for the persistence of this noise material is that users are extremely inattentive, and that's difficult to believe.

    It's pretty easy for me to believe.

    I use P2P primarily to check out new bands. Often I will just download the song that most people have available, hoping it will be a representative tune.

    As often as not, however, the most widely available tune has some problem, like being misnamed for example.

    This can't be caused by intentional poisoning. Rather, people are lazy and just leave the crappy files sitting in their download folders.
  • by thinkliberty (593776) on Friday January 17, 2003 @12:11PM (#5102111)
    I don't see anything wrong with this. If it makes it harder to pirate the music and it isn't a DOS against the network or another person. So what? If the copyright owners want distribute blank songs or garbage songs on p2p networks. Let them do it. It would also be interesting to find out if they paid the artist for using their name on a product they are distributing.
  • by image (13487) on Friday January 17, 2003 @12:11PM (#5102113) Homepage
    Look, as much as I resent the RIAA, I have to say that they have a total right to fill up P2P networks with bogus files that look like copyrighted material.

    What, you are not able to pirate a copy of some new album? Poor baby. Pay for it. You _really_ are ripping off the artist if you steal it. Yes, you are also ripping of the RIAA (which I don't care about). But don't complain that your organized theft ring is being hampered by the rightful owners of that property.

    I despise the RIAA and how it treats their artists. But for the love of all that is right, don't *steal* in reaction. That is certainly not going to make the artists lives better.

    Buy from alternative record labels. Go see your friends bands live. Write your own music. Read a book. Play with your computer. Make out with your girlfriend. Or, if you really want that album, pay for it. Or don't and boycott the bad labels. *That* choice is yours.
    • "What, you are not able to pirate a copy of some new album? Poor baby. Pay for it."

      Suppose for a moment that I already have. What is the justification now?

      • if you already bought the album, why do you need to download another copy of it?

        just do what I do and rip the audio data to mp3. depending on your computer, it'll take 3-10 minutes, whereas tracking down all the tracks for your cd and finding someone that's not being a file whore to get them from will take 1 minute- weeks. that way you don't even have to worry about mislabeling or low bitrate, because with a decent CD ripper, it'll connect to a CD database and put in the correct label for you and let you choose what bitrate you want.

        everything you want, none of the hassles of trying to pull it off a peer to peer network.

        back to your question, if you have a copy of the CD on hand, then you probably do have the right to seek out a backup copy for personal use. after all, the end state is the same as if you had ripped it yourself. but my way's a lot better :p
        • by brain159 (113897) on Friday January 17, 2003 @01:01PM (#5102504) Journal
          Have we FORGOTTEN all the perceived angst and trauma about usage-prevented audio CDs (sharpie marker deprotection, all that)??

          If I buy a CD and find I'm totally unable to rip it, I can and will go searching for the tracks on p2p. If/when every "CD" that comes out (including from the smaller dance music labels I like) is similarly mangled, a few people will manage to rip it (carefully via analogue, or whatever) and the music will still proliferate over p2p.

          If, in order to get the music I've paid for into a format I regard as usable (mp3s or oggs) I have to go get them off p2p networks then I've gained no *actual* value from the purchase of the "CD".
    • You make good points, but also one error. Breaking copyright law is not stealing - it is copyright infringement. There's a huge difference.

    • So the RIAA is stupid. All that happens now is people just borrown their friends copy and burn a bit copy (and yes, this usually will work even with those stupid copy-protected CDs) and listen to them. That was always the main source of piracy anyway. Besides, IRC always has been a better means of getting whole albums anyway. Chan ops will nix bots serving bad files.
    • Look, as much as I resent the RIAA, I have to say that they have a total right to fill up P2P networks with bogus files that look like copyrighted material.

      And we have every right to take note of their actions and implement countermeasures. And so it goes.
    • by Anonymous Coward
      Make out with your girlfriend.

      Your new here aren't you?

    • That is all very good advice for those that want to get the music without paying for it.

      Now what about those of us that do actually own a valid copy of a song?

      I have a large collection of LPs (remeber those? the large, circular vinyl disks with the small hole in the middle?). I take loving care of my albums, buy the best stylus I can and clean them when needed. I used to record onto cassette so I could listen to my albums in my car (perfectly leagal time shifting-- if I am driving in my car, no one is back at home listening to my albums).

      Now, I have a car with a CD player, but no cassette. I want to listen to my albums, but I don't want to pay for them all over again when I already own a legal copy. So, I can try and get the output from my turntable to my computer (not easy!) or I can check out a P2P network and download copies of those songs I already leagally own.

      Why should the RIAA have any problem with that?

    • by GuyMannDude (574364) on Friday January 17, 2003 @01:07PM (#5102538) Journal

      For a minute there it looked like you were making some serious points. Then I got to this line:

      Make out with your girlfriend.

      That kind of delusional thinking just wiped out any semblance of reality that your post might have had. :)

      GMD

  • by Tofino (628530) on Friday January 17, 2003 @12:11PM (#5102117)
    Everything Metallica has released since Master of Puppets has been garbage :).
  • by josh crawley (537561) on Friday January 17, 2003 @12:13PM (#5102130)
    As an ethical issue, downloading songs we havent paid for is just plain stealing. And they tried to shut down the source (the transfer tool and servers), byt the judge bitchslapped them down.

    What choice are we leaving them? They're spreading corrupted files. It's not like they're ping flooding every user. They're just sending what the USER REQUESTS.

    I'm relieved that's all the Riaa are doing. After all, protecting the groups' rights are what they're about.
  • EULA? (Score:5, Insightful)

    by Tar-Palantir (590548) on Friday January 17, 2003 @12:13PM (#5102132)
    I haven't read any P2P app EULAs, but I wonder if some of them might try including a clause that "You agree by using this Software that You will not attempt to degrade the effectiveness of the Network in any manner, including intentional distribution of flawed or nonsense files."

    Now, IANAL, but it seems like the outcome of such an action would be positive for the geek community:
    • The RIAA might simply stop.
    • They might sue, and have EULAs ruled not binding (this would be negative in the sense that they could continue the monkey business, but good overall).
    • The P2P companies might take them to court and win. Wouldn't that be nice?


    • Anybody see why this wouldn't work (unless some clients failed to put the clause in)?
    • Re:EULA? (Score:2, Informative)

      by zipoff (62601)
      I really don't understand how the parent is modded up to +5.

      The RIAA/MPAA/xxAA could just write their own client that connects to the network. They are not bound under any EULA, as it is their software.

      As the companies releasing P2P lean towards, there is no owner of the network, and as such, there is no EULA to enforce for the network.
  • by Amsterdam Vallon (639622) <amsterdamvallon2003@yahoo.com> on Friday January 17, 2003 @12:14PM (#5102142) Homepage
    I actually e-mailed Richard Stallman a couple years ago when I realized a great way to spread the GNU message.

    My question was whether disguising pro-GNU songs (such as these [gnu.org]) as Billboard Top 40 hits and sharing them on Peer 2 Peer networks was a "right" thing to do.

    He suggested that I not do it, but did thank me for a good laugh.
  • This reminds me.. (Score:5, Interesting)

    by Maeryk (87865) on Friday January 17, 2003 @12:14PM (#5102144) Journal
    I have been running Limewire, and has anyone else noticed that no matter WHAT you put in the search box, you nearly immediately get three hits back with exactly that title and an appropriate extension? One is a broken move file that just locks your player, and two others are pr0n teasers.. but that must be a large server with a fast pipe... because it consistant, and it is FAST.

    Has anyone run into this with any of the other P2P clients, or is it just limewire specific?

    (I would think that would be a better way to tie up the services anyway.. just have a remote server that responds to incoming searches with a couple of crap files. Get enough of them doing it, and the S/N ratio will get so screwed people will stop using it.)

    Maeryk
    • No matter what you put in, you get a file back instantly, some of which are some kind of pornbots or something, and i have had a few where they are a virus, i believe. It seems to change the names of its files on the fly. Its kinda neat, in a way, i wonder who it is.
      • by meringuoid (568297) on Friday January 17, 2003 @01:43PM (#5102768)
        No matter what you put in, you get a file back instantly, some of which are some kind of pornbots or something, and i have had a few where they are a virus, i believe. It seems to change the names of its files on the fly. Its kinda neat, in a way, i wonder who it is.

        The dummy results always come from the same few machins; they say they're running Gnucleus, and I believe it - access to the source code helps if you mean to screw with Gnutella in this way.

        The .exe files in the !!_YEEHAA_!! zip files probably hijack Internet Explorer - going by what comes out of running 'strings' on them, they also add a whole lot of porno bookmarks - venusseek.com in particular. This is just a guess as I'm not planning to actually run this thing on Windows :-) The images and mpgs just show an ad for some porno site.

        The .vbs viruses... they seem to have come from Columbia. A look at the source of one of them reveals

        rem "Plan Colombia" virus v1.0
        rem by Sand Ja9e Gr0w (www.colombia.com)

        rem Dedicated to all the people that want to be hackers or crackers, in Colombia
        rem This program is also a protest act against the violence and corruption that Colombia lives...
        rem I always wanting that all this finishes, I have said...

        rem Santa fe de Bogotá 2000/09
        rem I dedicate to all you the song "GoodBye" of Andreas Bochelli

        It relies on user stupidity and Windows' habit of hiding file extensions. Instead of 'virus.mp3.vbs' the user sees 'virus.mp3' and thinking all is well doubleclicks to play it. VB script promptly scans the whole hard disk and creates a copy of itself under the name of every MP3 it finds. That's why you tend to get double results - maybe Quadrophenia.mp3 and Quadrophenia.mp3.vbs from the same user. It also seems to redirect IE's start page to a FortuneCity site, and has a bunch of other stuff going on related to script kiddie life and Colombian politics.

        Compared to this sort of malevolence, a Coral song that craps out after five seconds and continues in silence is positively benign.

        What I want to know, though, is why I keep getting back 'Free Bird' by Lynyrd Skynyrd no matter what I search for?

    • Re:This reminds me.. (Score:5, Informative)

      by theLOUDroom (556455) on Friday January 17, 2003 @01:49PM (#5102810)
      I use limewire and I've noticed the same thing. Here's what I do about it:

      1. Start Limewire and let it get connected.
      2. Search one something weird like "frobittzly."
      3. Open up the settings and add any computer that replies to my list of blocked ips.
      4. Repeat the two steps above until I get no search results for things which shouldn't exist.
      5. Use Limewire as usual.
  • Right on (Score:3, Interesting)

    by octalgirl (580949) on Friday January 17, 2003 @12:15PM (#5102155) Journal
    This guys quotes are right on, and I hope we see more and more people say this publicly:

    Back in 1997 and 1998, the industry had the chance to develop online music services, he says. It saw what was coming. Which is true: at that time, the major labels were paralyzed by fear of online music and were downsizing accordingly, but refused to alter their business models, or extend into new areas.

    "Once Napster came along," says Warne, "people got used to getting stuff for free. They've introduced Emusic but people just ask 'why isn't it free?' If they'd introduced it in 1998, they wouldn't have this problem,' he thinks.
  • So somebody who does not like unauthenticated P2P networks is trying to jab them. Who would have thought that kind of activity could be going on the internet?!?!

    I certainly didn't see it coming.

    Next thing you are going to tell me is that those free weekly newspapers have lots of ads. Or that admins will put patches on their servers to protect them. Or that there are lots of naked pictures on the internet. Or that I am not the 14 girl I play in some chat rooms. (maybe I should use a different name?)

    Another obviously stupid story about how anyone who can guess the end of most movies can guess about 75% of the stories that are going to be written on any subject or 75% of the stupid things that big organizations are going to do. Please something fresh. Please something that is news or that matters.

  • This can be avoided using MD4 hashes and file sizes to uniquely identify files. Then on webpages people post links to well tested files which aren't garbage. All this is implemented in the edonkey network, and it's client emule [emule-project.net], and "elinks" with valid files are posted in sites like Sharereactor [sharereactor.com]

    I think all P2P apps should at least use MD4 hashes.
  • by smd4985 (203677) on Friday January 17, 2003 @12:17PM (#5102172) Homepage
    once again, the IFPI and RIAA don't understand technology. given the infrastructure, p2p users could 'moderate' content up and down, and 'metamoderate' the moderations of other users (wonder where i've heard of those terms ;) ). but seriously, this technological solution would destroy poisoning efforts - as content and users were moderating, crappy content would be marked as 'to be ignored', and valid content would sift to the top of the heap.
  • by burgburgburg (574866) <(moc.liame) (ta) (60neksilps)> on Friday January 17, 2003 @12:17PM (#5102174)
    playing little guerilla internet tricks rather than trying to understand/reform your industry. It's so much simpler to poison a well rather than figure out how to use it to make money and satisfy your "customers". It's so much more restful to sit around and blame "pirates" rather than addressing new technology and a changed customer base. It so much less tiring to pay off legislators to outlaw things that are inconvenient rather than putting together a business model that isn't 30 years out of date. Thanks IFPI.
    • Agreed.

      Each time I see a commerical on TV for a collection of songs I think to myself, "The labels are losing money all the time."

      If they sold them online, made them portable for me and priced them reasonably I'd buy them.

      For instance, when I buy an online book for my palm it encrypts my credit card information. That is a great idea as I don't share it with anyone. It keeps my portability as I can read it on my PC or palm. It is priced right as they make a little money, but pass on the savings to me.

      This is the model the music and movie industry needs to adopt. Allow me to move my downloads to other mediums and make it cheap. I'd buy more.
  • by On Lawn (1073) on Friday January 17, 2003 @12:18PM (#5102182) Journal
    When I do a search on gnutella, I used to get nothing but good information. Then about three months ago I started seeing files like (say I was searching for Avalanches)

    Avalanches.jpg
    Avalanches.mpg
    Avalanches.mov ...and so forth. Its pretty easy to avoid them, I don't think they are fooling anyone. I've never even clicked on them to see what they actually contained.

    Wait, I did get snookered once. I was searching for "Camaflouge" the old Depech-mode sounding 80's band, which I haven't found a way to purchase the CD anyway. One of the files I pulled down turned out to be a really sweet rendition of "I Know that My Redeemer Lives". I suspect it was a fellow mormon reminding me of my values. But I liked the rendition so much that I kept it and play it.

    (By the way, I own the Avalanches CD)

    ________________________
    OnRoad: [onlawn.net] Hacking that which costs more money and is more deadly. (Its just a car-enthusiast site really)
    • Not sure which Camouflage album you're looking for (they're releasing a new one this year), but most of their stuff can be found at A Different Drum [adifferentdrum.com] (which has lots of other similarly-styled stuff you might like) or even Amazon.
  • by Savage-Rabbit (308260) on Friday January 17, 2003 @12:18PM (#5102183)
    ".... all of their garbage came on CD"

    For the N'th time NO Record Company Garbage does not just come on CD, it comes on Video Tape, on DVD, Over cable, Over satelite and TV channles, Radio, The Internet ........
  • by stratjakt (596332) on Friday January 17, 2003 @12:18PM (#5102189) Journal
    P2P networks are already chock full of bad 'rips' full of pops and skips, or poorly/wrongly encoded (like 56k mono), misnamed songs, and so on.

    Eventually the people who get 'into' it figure out who enjoys the same sort of music they do, and who tends to have quality mp3s on their sites. So the metalheads migrate together, and the hip hop fans, etc.

    If they stray outside their 'clique' and get a garbage tune or two, they delete them and move on.

    They also 'poison' newer, profitable releases, and I've found that a huge chunk of the P2P'ers are there for older or more obscure music. The fact that there's a garbage version of Britney Spears' latest floating around doesn't bother a Deadhead or someone looking for underground punk tunes in the least.

    So, I suppose it could discourage a handful of 13 year old newbies if by luck they manage to get the garbage files the first time they try it. But it won't 'kill' the networks.
  • be careful what you say about the riaa in your posts, or they'll use the same tactic here, on slashdot, and post random garbage comments to drown out the anti-riaa noise...

    wait... garbage posts on slashdot!? it's already begun! how much are those trolls getting paid?!
    • Not enough. (Score:3, Insightful)

      by twitter (104583)
      it's already begun! how much are those trolls getting paid?!

      Ever met a rich whore? Neither have I. People who sell out like that are always pawns and never have anything.

      The wistle blower should not be trusted. If he had left while the effort was ongoing instead of after it was shut down, his credibility would be much greater. I don't believe him when he says that he did not engage in cracking and other illegal activity. We have several posts here that attest to the fact that people are using the P2P networks to spread viruses. All we can be sure of is that the RIAA and friends are doing everything in their power to eliminate fair use music sharing.

      They hate music sharing because they don't control it. If people are free to share what they realy enjoy instead of being forced to listen to programs designed to sell 40 albums a year, the recorded music world will once again regain the diversity the real music world still has and we will start to see more recording lables than you can shake a stick at. The RIAA will be ruined, of course. Oh well.

  • by esorense (199722) on Friday January 17, 2003 @12:25PM (#5102245)
    This might be a little offtopic but I thought it was interesting. I attended a Spoken Word Event by Henry Rollins. He discussed his views on P2P and downloading music off the net. His basic view was go ahead download my stuff. "I would rather have your time than your money," he said. Amen. I liked it so much I added it as my sig, sorry about the repetition.
  • Filling up p2p networks with silent/garbage mp3's might disappoint a number of users enough into not using/trusting the service, but at least a handful of them will try to find alternatives such as IRC networks and private FTP's (which is the only thing some people use).. Not everyone is using kazaa et all. Also, what about good-old trading with their friends? This is something the RIAA/IFPI will never be able to stop. Why? because people have been trading cassette tapes/records/mix tapes/cd's forever. It might slow it down, but the RIAA is still a few dozen people trying to stop a way bigger amount of users. They should really focus on one, single solution, rather than little problems. Until they do, expect music downloading/trading to keep spreading.
  • And here I thought all of their garbage came on CD


    No, most of their *REAL* garbage comes out of the politicians they've bought over the years. That would probably be on Legal Paper I guess, but (hopefully!) not on CD.

  • Advertising. (Score:5, Insightful)

    by Moderation abuser (184013) on Friday January 17, 2003 @12:28PM (#5102268)
    They should use p2p like a radio broadcast, put low bitrate encoded versions up for free, advertise sites where the high quality encodings can be purchased for $0.50.

  • They cannot do anything to the p2p netowrk I use.. it's invite only to get access to it.. (Open Nap server system) we have approximately 200 people on it now, and have had to kick only 1 person.. they were acting like the typical leech.. so they are blackballed... simple really. we allow someone to join and become a part of the network for 10 days with no files to share. (mp3 and ogg only) and anyone that doesnt add new material usually get's a warning, but no warning have needed to be issued.. we have a HUGE amount of IUMA artist music on it.... the legal stuff :-)

    nothing below 128kbps and users regularry weed out the crap so that you are used to getting a good copy the first time.

    I know I'm not the first to organize a private P2P but I do know that's where the RIAA can do a damned thing... and unless you are on the invited list you cant get in it to spoil it.
  • Troll.

    You're essentially saying that every single band from the last 40 years that has any kind of name recognition is garbage. That's a lot of bands to be smacking down with one offhand comment. Sure, there's a lot of crap out there like Creed and Mariah Carey, but if you put together a list of all good bands that have had major label deals *ever*, then that's a mighty long list.
  • by davejenkins (99111) <slashdot@davejenki n s . c om> on Friday January 17, 2003 @12:34PM (#5102317) Homepage
    Disinformation, the act of spreading rumors, false orders, and couterfeit money is as old as warfare itself. Usually, the production cost' of disinformation is much less than the 'production cost' of truth. It's easy to spread a rumor about ambushed soldiers, whereas actually ambushing someone is pricey. Fake Confederate dollars were much easier to print than real ones, etc. Al Qaeda knows this, and it's rumor mill is going full steam.

    Now to the immediate fight: the RIAA and record labels have decided to invest time and money into producing counterfeits and disinformation. The problem is that the very structure of P2P networks makes this overtly pricey:
    1. The RIAA must proactively produce 'bad' Britney Spears
    2. Some dope must download this 'bad' track-- but once they find it's bad, they delete it. The track never gets past that first copy.

    Whereas 'legitimate' tracks get copied and passed around by everyone, because the legitimate tracks are keepers, and they expand virally.

    Eventually, the RIAA will come under such heavy costs to maintain their disinformation campaign, that it would be cheaper to start using the P2P system to their advantage (theoretically)
    • 2. Some dope must download this 'bad' track-- but once they find it's bad, they delete it. The track never gets past that first copy.

      Ah, if only p2p networks were so efficient. Most people just aren't as deligent as you about cleaning up corrupted stuff they download as you are. With harddrives in the tens of gigabytes these days, there's no pressing need for the average user to get rid of every single junk file. Most people are lazy, lazy, lazy. They download a whole chunk of mp3s at once and figure they'll sort through them later. Maybe that won't happen for a few days. In the meantime, others do the same thing and download it off him before he gets a chance to delete it.

      I don't quite understand your arguement about why creating bad mp3s is so pricey for them. I'm sure they can whip up a short program that will automate the process. Then they just pay some intern minimum wage to run batch jobs and create a huge amount of corrupted files. They can repeat this process over and over.

      I'm not saying that the RIAAs tactic is sound. But I also think that your conclusion that "Eventually, the RIAA will come under such heavy costs to maintain their disinformation campaign, that it would be cheaper to start using the P2P system to their advantage" is flawed. I think this is a dirt cheap and easy way for them to feel like they are doing something about the p2p problem.

      GMD

  • by ChaosDiscord (4913) on Friday January 17, 2003 @12:34PM (#5102318) Homepage Journal
    However, more recent evidence suggests that the technique is being used by major labels in-house, instead, and the sheer quantity of junk files found on the peer to peer networks today - purportedly residing on individual's PCs - points to continuing "poisoning". Why? Because users abort a junk download, or quickly delete a file. The alternative explanation for the persistence of this noise material is that users are extremely inattentive, and that's difficult to believe.

    The Register dropped the ball on this. There is a non-trivial number of peer-to-peer users who just download things because they can. Much like the core of packrat warez traders they're not so much interested in the specifics as trying to have the largest collection. (And when you get warez from one of these packrats, you'll often get software that's seriously broken.) They're not really going to listen to the two months of continious music they have, just a small subset. Clearly they're rather have real songs, but they never bother to check. It only takes a few of these people to create the impression that the network is full of garbage.

  • Don't like what they're doing? Design a better P2P solution! You're the best and the brightest (or so some of you keep claiming). P2P networks with no trust metrics are subject to corrupt data abuse. Why don't the (anonymous) IDs or IP ranges end up with negative trust metrics, so that other users download their files from slightly-more-trusted hosts? And why isn't there some kind of legal EULA to "sign" before files are browsed or downloaded? "Legitimate" users (that's us!) have the software sign it automatically, while "they" have to modify their software to send the OK without meaning it, so their access to our systems is illegal.

  • I was just thinking. What happens if you downloaded a bunch of songs that they distribute on physical media and get taken to court by them. You could easily argue that you had heard that they were willingly distributing garbage files on the P2P networks, and were merely trying to aquire some examples of them to see what all the fuss is about.

    Since they are placing the garbage up there themselves, wouldn't that imply that they were approving download and listening of the garbage files? The real files got in the way, and you were busted before you had a chance to delete them.

    Seems to me that they were better off before, simply sueing the file distributors as they find them. *shrug* Just thought I'd share that little thought. :)
  • We've got confirmation of what we've pretty much assumed is going on, and someone else saying the RIAA and co are scum who exploit and destroy artists.

    What I find amusing in these articles is they often ignore what goes on beyond P2P - people trading WITHOUT the networks, or using them together to find non-garbage songs, or ripping CDs, then sending songs to each other via non P2P methods.

    The only way the RIAA can mess everything up is if they force ISPs to monitor every transaction and get access to every computer . . .

    . . . which sort of seems to be their goal. THAT'S the important news. We already know they're scum.
  • What P2P networks need is a built in web-of-trust model that allows users to vote on content. The more good content you are currently sharing (based on file hashes or whatever), the higher your trust level. The more flawed content you share (whether it's virus infested programs, or fake songs) the lower your rating gets. Rating takes place on individual pieces of content, not on users, since anonymity is fairly important. Though it would be nice and would make this model work better if some sort of persistent identity existed on the network that allowed hardcore users to develop higher trust ratings over time and therefore be more trusted to do content rating.


    The alternative is the eDonkey 2000 model, which is have trusted sites that publish the hashes of known good content, and then just search the network for that content. Of course, eDonkey2k is so atrociously hard to use and cranky that it will never gain too much popularity (this is based on using it some 6 months to a year ago, maybe it's changed since then - of course, I think that is part of the point - make it only for |33+ folks, keep out the llamas so it doesn't get shut down).

  • by Rayonic (462789) on Friday January 17, 2003 @12:52PM (#5102438) Homepage Journal
    I guess that the RIAA's anti-piracy measures are getting so bad that they're circumvented well before they're implemented.

    There are already networks out there that incorporate MD5 checksums in order to avoid bad files (example [sourceforge.net], example [overnet.com]). Couple that with a simple checksum repository (example [filenexus.net], example [sharereactor.com]). Or maybe even a search engine (example [jigle.com]), and you never have to download another bad file again.
    • by anewsome (58)
      Anyone who thinks checksums for encoded music files would work has no idea what they are talking about. A checksum for two music files, ripped and encoded by different people would only work if both files were ripped, without error and encoded with the same identical encoder with the same exact options, id3 tags and all. Anything less would produce two files with different checksums. You could encode the same file at the same rate with the same encoder, options and everything else. 1 character different in an id3 tag and you have a different checksum.

      Fuzzy checksums would detect this but now we are getting off track. This supposed checksum database would have literally hundreds or thousands of valid checksums for each ripped file.

      So,.. yawn. Learn what you are talking about before posting.

      --Aaron

  • Labels spoof files on p2p networks. Duh. Short of suing the entire world, that's currently their best weapon against piracy. Sure it doesn't stop it, but it does make it more of a pain in the ass.

    At the same time, I wrote an influential paper for the NY chapter of NARAS disputing all of the RIAA's claims (much of the support used in the paper came from articles posted on /.). Long story short, this paper went to the voting delegates at the national NARAS meeting. They voted NOT to support the RIAA's stance on mp3s and NOT to support the RIAA's current marketing scheme where Britney Spears says downloading = stealing.

    A part of that paper said this:

    Record labels are confused and contradictory. They use mp3s in private while they deride it in public. If they're promoting a new band, they'll post the band's songs on p2p networks (often in a covert manner) with the hopes that they'll be traded and talked about in chat rooms. If it's an established act with a history of sales, they'll "spoof" the p2p networks with fake files. It's just another way of using mp3s, albeit in a subversive and anti-customer way, which is par for the course.

  • Ever since Kazaa has put out their 2.0 and onward line of clients (and Kazaa Lite as well by extension of it) there is a Quality Vote feature for all of your files. If a file is shared by 58 users and they all gave the file Excellent rating, you can feel self-assured that the file is what it says it is. I doubt 58 people would go out of the way to vote a garbled/garbage file as Excellent to propogate an RIAA/IFIA spoof file (note that the rating does not follow the copy of the file to your computer).

    As long as people are honest about the file's integrity in their voting (what motive would 3/4 of those serving the file have to lie?), then this sort of RIAA/IFIA subterfuge will be sunk.
  • "...And here I thought all of their garbage came on CD"
    If it did, their wouldn't be a P2P network to worry about, now would there?
  • Idiots... (Score:3, Interesting)

    by j_kenpo (571930) on Friday January 17, 2003 @01:20PM (#5102616)
    These people just dont get it. With the hopes of poisoning P2P file populations with garbage, do they actually hope to discourage users? I remember when I still used P2P for fileshareing, if I got a bad file, that just made me more determined to find a good one. These people dont give enough credit to the persistence and patience of people looking for music. Just because they put out bad files doesnt mean it will discourage users anymore, theyll just keep on looking until they find a good one...
  • by Newer Guy (520108) on Friday January 17, 2003 @01:54PM (#5102847)
    So I went out and bought her CD, but found out that I can't play in to my computer (which IS my CD player by the way). "No problem": I thought to myself. Since I already own the CD (that I can't play), I'll go onto Kazaa and download the tracks. BIG PROBLEM, as every one of them has been altered with a 'swishing' tone every 30 seconds or so. In disgust, I returned the CD. If Norah doesn't want me as a fan, she can go fuck herself. Actually, I wonder if Norah (even) knows and appreciates how hard her label works at derailing her career?
  • by phorm (591458) on Friday January 17, 2003 @03:15PM (#5103533) Journal
    What disturbs me is the great amount of misnamed files that contain somewhat objectionable content. Some are named as such things as disney movies, or pokemon, etc... but contain adult content. I'm sure at least a few kids have come across this crap on kazaa.

    Some of said clips (or those somewhat ambiguously named), contain content of somewhat dubious legality as well (not copyright legality, I'm referring to the content itself being very very wrong). It's bad enough that I see such things when browsing my kazaa cache... but it's worse when I think that somebody may have sniffed my (static) IP and associated me with it - or others have downloaded it off my PC.

    The messaging feature is nice... I can let people know when I find bad, or immoral, downloads - and hopefully help filter the crap-files.

"Consistency requires you to be as ignorant today as you were a year ago." -- Bernard Berenson

Working...