IFPI Employee Describes P2P Sabotage Activities

Maxwell'sSilverLART writes "From The Reg: Matt Warne, an employee of the international version of the RIAA, admitted that he helped the organization spread garbage and random noise on the P2P networks. Apparently, they used multiple DSL connections to present the appearance of separate users, disguising the origins of the files. His group has stopped, but he claims several of the big record companies are still doing it themselves. And here I thought all of their garbage came on CD."

Nothing wrong with it

[aridhol]

Why should the music industry be prohibited from putting junk on the network? If the user gets frustrated enough when trying to download music illegally (and yes, copyright infringement is illegal), maybe they'll actually spend money to buy music.

Why is there no great uproar when a private user puts misnamed files on the network? Or when software goes online? Why do we save our complaints for when the legal owners do something against the spirit of the system, rather than when someone else does something against the law?

I don't see anything wrong with this.

[thinkliberty]

I don't see anything wrong with this. If it makes it harder to pirate the music and it isn't a DOS against the network or another person. So what? If the copyright owners want distribute blank songs or garbage songs on p2p networks. Let them do it. It would also be interesting to find out if they paid the artist for using their name on a product they are distributing.

They have a right, in a way

[image]

Look, as much as I resent the RIAA, I have to say that they have a total right to fill up P2P networks with bogus files that look like copyrighted material.

What, you are not able to pirate a copy of some new album? Poor baby. Pay for it. You _really_ are ripping off the artist if you steal it. Yes, you are also ripping of the RIAA (which I don't care about). But don't complain that your organized theft ring is being hampered by the rightful owners of that property.

I despise the RIAA and how it treats their artists. But for the love of all that is right, don't *steal* in reaction. That is certainly not going to make the artists lives better.

Buy from alternative record labels. Go see your friends bands live. Write your own music. Read a book. Play with your computer. Make out with your girlfriend. Or, if you really want that album, pay for it. Or don't and boycott the bad labels. *That* choice is yours.

Isnt this what we were expecting all along?

[josh crawley]

As an ethical issue, downloading songs we havent paid for is just plain stealing. And they tried to shut down the source (the transfer tool and servers), byt the judge bitchslapped them down.

What choice are we leaving them? They're spreading corrupted files. It's not like they're ping flooding every user. They're just sending what the USER REQUESTS.

I'm relieved that's all the Riaa are doing. After all, protecting the groups' rights are what they're about.

EULA?

[Tar-Palantir]

I haven't read any P2P app EULAs, but I wonder if some of them might try including a clause that "You agree by using this Software that You will not attempt to degrade the effectiveness of the Network in any manner, including intentional distribution of flawed or nonsense files."

Now, IANAL, but it seems like the outcome of such an action would be positive for the geek community:

• The RIAA might simply stop.
• They might sue, and have EULAs ruled not binding (this would be negative in the sense that they could continue the monkey business, but good overall).
• The P2P companies might take them to court and win. Wouldn't that be nice?
• 
  
  Anybody see why this wouldn't work (unless some clients failed to put the clause in)?

Avoid it with MD4 hashes to identify files

[Guiri]

This can be avoided using MD4 hashes and file sizes to uniquely identify files. Then on webpages people post links to well tested files which aren't garbage. All this is implemented in the edonkey network, and it's client emule [emule-project.net], and "elinks" with valid files are posted in sites like Sharereactor [sharereactor.com]

I think all P2P apps should at least use MD4 hashes.

Re:Nothing wrong with it

[thelexx]

"Why do we save our complaints for when the legal owners do something against the spirit of the system, rather than when someone else does something against the law?"

Simple. In all cases of them being deceptive, it's just that, pure deception. With the assumption of guilt on the part of everyone who might download. Not all cases of downloads are illegal however.

It's a waste of time in the end

[stratjakt]

P2P networks are already chock full of bad 'rips' full of pops and skips, or poorly/wrongly encoded (like 56k mono), misnamed songs, and so on.

Eventually the people who get 'into' it figure out who enjoys the same sort of music they do, and who tends to have quality mp3s on their sites. So the metalheads migrate together, and the hip hop fans, etc.

If they stray outside their 'clique' and get a garbage tune or two, they delete them and move on.

They also 'poison' newer, profitable releases, and I've found that a huge chunk of the P2P'ers are there for older or more obscure music. The fact that there's a garbage version of Britney Spears' latest floating around doesn't bother a Deadhead or someone looking for underground punk tunes in the least.

So, I suppose it could discourage a handful of 13 year old newbies if by luck they manage to get the garbage files the first time they try it. But it won't 'kill' the networks.

Who's complaining?

[Sloppy]

Why should the music industry be prohibited from putting junk on the network?

No reason they should be prohibited, and I haven't seen a single poster suggest that they should be. This is news (sort of) because it's moderately interesting, not because it's some horrible atrocity.

Re:copyright infringement is illegal

[aridhol]

Hmm...I just looked at the definition of civil disobedience [63.240.197.92]:

[R]efusal to obey governmental demands or commands

OK, so you're refusing to obey the law (meaning that yes, you admit that it's illegal but you don't think it should be).

[...]

means of forcing concessions from the government

Here's where I don't beleive that you're practicing civil disobedience. See, you're breaking the law from the privacy of your own home. This means that the government doesn't see that you're doing it, so you're not making much of a statement. You're not going to acheive anything doing it this way, and you know it. This makes it not civil disobedience, but regular lawbreaking.

If you really feel that it's civil disobedience, get a bunch of people together, set up a network in a public place (rented hall, maybe), and download there. Make sure the media is there, and hand out pamphlets telling what you're doing. Get your message out there. Face the risks of being arrested.

Until you do something like this, I say you are not practicing civil disobedience, but plain old lawbreaking.

Re:They have a right, in a way

[RackinFrackin]

You make good points, but also one error. Breaking copyright law is not stealing - it is copyright infringement. There's a huge difference.

Advertising.

[Moderation abuser]

They should use p2p like a radio broadcast, put low bitrate encoded versions up for free, advertise sites where the high quality encodings can be purchased for $0.50.

Re:Why haven't I noticed?

[uncoveror]

They want everyone to stop trading files, so they fill the networks with garbage. They want us to pay $20 for a CD that cost less than 1 to manufacture, and most of those are filled with garbage. Increasingly, they won't play in a computer because of "copy protection," when computers are they only player many of us have. How do we tell them we don't approve? By boycotting their products. [dontbuycds.org] Let CDs gather dust on store shelves.

"I thought all of their garbage came on CD."

[Junks Jerzey]

Troll.

You're essentially saying that every single band from the last 40 years that has any kind of name recognition is garbage. That's a lot of bands to be smacking down with one offhand comment. Sure, there's a lot of crap out there like Creed and Mariah Carey, but if you put together a list of all good bands that have had major label deals *ever*, then that's a mighty long list.

Re:They have a right, in a way

[The Evil Couch]

if you already bought the album, why do you need to download another copy of it?

just do what I do and rip the audio data to mp3. depending on your computer, it'll take 3-10 minutes, whereas tracking down all the tracks for your cd and finding someone that's not being a file whore to get them from will take 1 minute- weeks. that way you don't even have to worry about mislabeling or low bitrate, because with a decent CD ripper, it'll connect to a CD database and put in the correct label for you and let you choose what bitrate you want.

everything you want, none of the hassles of trying to pull it off a peer to peer network.

back to your question, if you have a copy of the CD on hand, then you probably do have the right to seek out a backup copy for personal use. after all, the end state is the same as if you had ripped it yourself. but my way's a lot better :p

Re:Nothing wrong with it

[Anonymous Coward]

For the simple reason that you don't possess
any such right - you are exempt from copyright
law if you personally make a backup of media you own but no-one is obligated to make it either
easy or possible for you to do so.

Enigma

[moc.tfosorcimgllib]

If the user gets frustrated enough when trying to download music illegally maybe they'll actually spend money to buy music.

And the money spent on this music funds the company putting random noise on this medium instead of producing more, better music.
What happends when more money is spent on protecting the music than actually producing music?

Just random thought noise.

The Cost of "Disinformation"

[davejenkins]

Disinformation, the act of spreading rumors, false orders, and couterfeit money is as old as warfare itself. Usually, the production cost' of disinformation is much less than the 'production cost' of truth. It's easy to spread a rumor about ambushed soldiers, whereas actually ambushing someone is pricey. Fake Confederate dollars were much easier to print than real ones, etc. Al Qaeda knows this, and it's rumor mill is going full steam.

Now to the immediate fight: the RIAA and record labels have decided to invest time and money into producing counterfeits and disinformation. The problem is that the very structure of P2P networks makes this overtly pricey:
1. The RIAA must proactively produce 'bad' Britney Spears
2. Some dope must download this 'bad' track-- but once they find it's bad, they delete it. The track never gets past that first copy.

Whereas 'legitimate' tracks get copied and passed around by everyone, because the legitimate tracks are keepers, and they expand virally.

Eventually, the RIAA will come under such heavy costs to maintain their disinformation campaign, that it would be cheaper to start using the P2P system to their advantage (theoretically)

Packrat P2P users do save garbage.

[ChaosDiscord]

However, more recent evidence suggests that the technique is being used by major labels in-house, instead, and the sheer quantity of junk files found on the peer to peer networks today - purportedly residing on individual's PCs - points to continuing "poisoning". Why? Because users abort a junk download, or quickly delete a file. The alternative explanation for the persistence of this noise material is that users are extremely inattentive, and that's difficult to believe.

The Register dropped the ball on this. There is a non-trivial number of peer-to-peer users who just download things because they can. Much like the core of packrat warez traders they're not so much interested in the specifics as trying to have the largest collection. (And when you get warez from one of these packrats, you'll often get software that's seriously broken.) They're not really going to listen to the two months of continious music they have, just a small subset. Clearly they're rather have real songs, but they never bother to check. It only takes a few of these people to create the impression that the network is full of garbage.

Re:Nothing wrong with it

[grolim13]

'twould be legal if the person downloading it already owned a copy on CD.

Yawn... MD5 Checksums

[Rayonic]

I guess that the RIAA's anti-piracy measures are getting so bad that they're circumvented well before they're implemented.

There are already networks out there that incorporate MD5 checksums in order to avoid bad files (example [sourceforge.net], example [overnet.com]). Couple that with a simple checksum repository (example [filenexus.net], example [sharereactor.com]). Or maybe even a search engine (example [jigle.com]), and you never have to download another bad file again.

Re:Too little, too late

[Anonymous Coward]

"Boo Hoo. If you don't like someones song enough to buy it, you don't like it enough to dowenload it for free."

From a strictly economic standpoint, that's like saying, "If you don't like milk enough to buy it at $30 a gallon, you don't like it enough to buy it at $1.50 a gallon." Or, since most songs come bundled on a CD with a dozen others of unknown quality, it's like saying, "If you don't like milk enough to buy a gallon of milk and this bag of groceries I'm hiding behind my back for $200, you don't like it enough to buy the jug alone for $1.50.

Please provide an economic rationale for your idea that, if a person doesn't like a product or service enough to purchase it at price X, then they don't like it enough to purchase it at substantially lower price Y. Because you've lost me.

Re:copyright infringement is illegal

[Ann Coulter]

Prohibition ended because of plain old lawbreaking (resulting in some corpses and blind people to boot). Sometimes civil disobedience does not send the message clearly. The most effective message is direct action and if it takes money from RIAA members and indirectly their political pawns then it is more just than parades.

Re:Fighting Fire With Fire

[PinkFloyd]

"File sharing is illegal - you are paying nothing for something."

No, file sharing is _NOT_ illegal. Copying and distributed copyrighted works is illegal. There's a world of difference between the two.

Re:Yeah

[buswolley]

What we need is an intelligent agent that scans our mp3's etc and gets rid of the junk.

Re:Yeah

[NineNine]

That's what the integrity ratings are an attempt at on the FastTrack network. The only problem with that is that the "intelligent" agents are the users.

I disagree -- on both counts

[GuyMannDude]

2. Some dope must download this 'bad' track-- but once they find it's bad, they delete it. The track never gets past that first copy.

Ah, if only p2p networks were so efficient. Most people just aren't as deligent as you about cleaning up corrupted stuff they download as you are. With harddrives in the tens of gigabytes these days, there's no pressing need for the average user to get rid of every single junk file. Most people are lazy, lazy, lazy. They download a whole chunk of mp3s at once and figure they'll sort through them later. Maybe that won't happen for a few days. In the meantime, others do the same thing and download it off him before he gets a chance to delete it.

I don't quite understand your arguement about why creating bad mp3s is so pricey for them. I'm sure they can whip up a short program that will automate the process. Then they just pay some intern minimum wage to run batch jobs and create a huge amount of corrupted files. They can repeat this process over and over.

I'm not saying that the RIAAs tactic is sound. But I also think that your conclusion that "Eventually, the RIAA will come under such heavy costs to maintain their disinformation campaign, that it would be cheaper to start using the P2P system to their advantage" is flawed. I think this is a dirt cheap and easy way for them to feel like they are doing something about the p2p problem.

GMD

It's not that simple, buddy

[Cokelee]

If you really feel that it's civil disobedience, get a bunch of people together, set up a network in a public place (rented hall, maybe), and download there. Make sure the media is there, and hand out pamphlets telling what you're doing. Get your message out there. Face the risks of being arrested.

Hmmm, not quite. When it comes to those who care more people use P2P than don't.

See this is the internet and everything is distributed (not the hippie generation where your approach might actually work). Millions upon millions of people disobeying the law is infinitely more formidable than getting a couple hundred to take a fall for millions.

You see, if the civil disobedience came only from a few people in this situation they would be squashed and become an example, not a martyr for the cause.

By effectively eluding the government and **AA people are out rightly defying the law in masses. Meaning, if the government does not change its policies it will be forced to imprison its population. Because this cannot occur and have the government still exist, the masses will win over the few.

It's only a matter of time and determination.

Re:Yeah

[Old Uncle Bill]

Without a doubt, that is the biggest truth about this article. FastTrack has built in a moderation system of sorts, but do people use it? Hell no. Try this for starters, go search on FastTrack for the movie XXX. I bet one entry comes up saying it is a perfect copy with about 40 people who have it. That equates to 40 dumbasses, because that file is really Half Baked. What is the point of sharing when you are sharing shit? I think the general user on the system is more to blame than the incompetent folks over at the RIAA/MPAA.

Re:Just block 'em at the firewall.

[Grit]

Umm... isn't one of the "strengths" of P2P that this would only be effective if everybody refused to peer with these addresses? Even if it were effective, wouldn't the parties involved just call up the phone company and order a DSL line--- with an address from the phone company's IP address block?

The same anonymity which P2P promises cuts both ways. Installing filters like this is a big waste of time. Now, accepting the connections but keeping them occupied via a fake "honeypot" network might at least be interesting...

Re:Yeah

[Phil Wilkins]

It was Mike Batt, of Wombles fame, and he was stupid enough to give Cage a co-writer credit. The Cage estate sharks duely extracted their pound of flesh.

Moral: Don't dick with the credits.

Re:Fighting Fire With Fire

[Tenebrious1]

"File sharing is illegal - you are paying nothing for something." No, file sharing is _NOT_ illegal. Copying and distributed copyrighted works is illegal. There's a world of difference between the two.

Not quite- copying and distributing copyrighted works... without consent of the copyright holder... is illegal.

Re:Just block 'em at the firewall.

[glesga_kiss]

Why would anyone keep a crappy mp3 on their computer for other people to download?

I've figured out a way this can happen and is happening on p2p just now. Here's the sequence:

1. Troll user or industry contractor downloads a common file that is genuine. LOTR on DivX for example.
2. File gets renamed to something else.
3. New user comes along, sees the fake and starts to download it. important note: the file on your machine is always named the same as the original you first selected to download
4. Each copy of the file (including the properly named ones) becomes a valid hash-compatible alternate source. So even if the fake-providing user goes off-line, there will still be sources.
5. Here's the key part: Your partial downloads are shared. Other users see you with the fake file, even though you don't even know it's fake yet. They start to download it from you, with the same fake name. If it's a popular fake name, the effect snowballs from there.

Unless everyone deletes the fake file at the same time, it's going to be there forever. This works best for large files, so you'll see a lot of mp3 singles that need overburning to fit on one disk. A lot of users don't know what to expect as a filesize, so they can and are caught out by this.

I've been aware of this for sometime now. I didn't want to post it anywhere, in case it gives someone any ideas. This thread has kinda mucked that up though, so it doesn't matter anymore.

Now, the question is, what to do to avoid this issue:

1. Use WinMX [winmx.com] and it's "Search alternates" feature, which will look for files with the same hash. You should remove the first line of the search (the filename) and re-click on "find", so you are getting back all files of the same checksum. If most of the names don't match what you have, it's usually a fake. Kazaa doesn't allow anything like this unfortunatly.
2. Install a tool like sig2dat which gives your system a new net service available through web pages. You get a link like "sig2dat://......" which, when clicked on it will create an empty partial download for Kazaa. Restart Kazaa and it will begin looking for that particular file. If you trust the web page, then you are happy. FastTrackMovies [fasttrackmovies.com] springs to mind.
3. Pay attention to file sizes.
4. Block IPs that are "nasty"

What really floats my boat is the evential outcome of this. The industry is shooting itself in the foot in this arms race between them and the world, that they cannot possibly hope to win.

Think of it this way. Soon, no one will trust filenames in p2p and the searches will become redunant. One of two things will happen: People will start remortgaging their homes again to buy CDs. Or, people will create better systems that allow ratings of files, like the sig2dat system.

This is fantastic for the p2p user. Not only do you know that you are getting the right file; you'll also have reviews and comments on it's quality and listings of other files you wouldn't have normally thought of searching for. Entire albums can be queued in one click (the question is, will Amazon sue?!? ;-)

What I envisage happening long term is p2p being more of a service on the PC, with little user interaction. To send someone a file, you send them a "link" to that file on the network, and your client seeks it out itself. Just like the birth of Napster, the record/movies industries choice of action (or inaction) will ultimately bite them. Evolution doesn't work well unless someone is hacking away at the weak links.

misnamed files - dangerous material

[phorm]

What disturbs me is the great amount of misnamed files that contain somewhat objectionable content. Some are named as such things as disney movies, or pokemon, etc... but contain adult content. I'm sure at least a few kids have come across this crap on kazaa.

Some of said clips (or those somewhat ambiguously named), contain content of somewhat dubious legality as well (not copyright legality, I'm referring to the content itself being very very wrong). It's bad enough that I see such things when browsing my kazaa cache... but it's worse when I think that somebody may have sniffed my (static) IP and associated me with it - or others have downloaded it off my PC.

The messaging feature is nice... I can let people know when I find bad, or immoral, downloads - and hopefully help filter the crap-files.

Not enough.

[twitter]

it's already begun! how much are those trolls getting paid?!

Ever met a rich whore? Neither have I. People who sell out like that are always pawns and never have anything.

The wistle blower should not be trusted. If he had left while the effort was ongoing instead of after it was shut down, his credibility would be much greater. I don't believe him when he says that he did not engage in cracking and other illegal activity. We have several posts here that attest to the fact that people are using the P2P networks to spread viruses. All we can be sure of is that the RIAA and friends are doing everything in their power to eliminate fair use music sharing.

They hate music sharing because they don't control it. If people are free to share what they realy enjoy instead of being forced to listen to programs designed to sell 40 albums a year, the recorded music world will once again regain the diversity the real music world still has and we will start to see more recording lables than you can shake a stick at. The RIAA will be ruined, of course. Oh well.