TorrentSpy Must Preserve Data In RAM For MPAA 489
Transient writes "Reaffirming a magistrate's earlier decision, a federal judge has ordered TorrentSpy to begin keeping server logs as it defends itself against an MPAA lawsuit. In her opinion, Judge Florence-Marie Cooper interpreted federal discovery rules broadly. ' Judge Cooper took issue with TorrentSpy's argument that data in RAM is not "stored." She noted RAM's function as primary storage and that the storage of data in RAM — even if not permanently archived — makes it electronically stored information governed by federal discovery rules.' Given that TorrentSpy has limited access for users in the US, the ruling may be moot. But it does set a precedent for other, similar cases. 'Under this interpretation, any data stored in RAM could be subject to a subpoena, as at a basic level it is a "medium from which information can be obtained" just like a hard drive. '"
Re:Put down the crack pipe and pick up a book (Score:5, Informative)
Re:Soo.... (Score:5, Informative)
Re:Evidence destruction ? (Score:5, Informative)
int main() {
char buf[255];
puts("Enter something:");
fgets(buf, sizeof(buf), stdin);
return strlen(buf);
}
where on the disk did the contents of buf get stored (assuming we have no virtual memory)?
Re:Evidence destruction ? (Score:3, Informative)
does it not also have to exist on the hard drive in some fashion also
Nope. The ram info can be anything that's taking place during the operation of software. For instance, the x,y coordinates of your mouse pointer. In the case of the TorrentSpy server, it would be inbound http requests and their source IP addresses. The TortrentSpy admins have apparently configured their HTTP server to not log these requests to files on the hard drive. The MPAA is trying another approach for gathering this information by court order. Good luck.
Seth
It's not the DIMM's being subpoena'd (Score:3, Informative)
Re:Soo.... (Score:5, Informative)
If this turns out to be expensive, TorrentSpy can make the MPAA pay for it. I'm not going to guess how probable that would be, but the option is certainly there to have the MPAA pay a few bucks for worthless IP information.
Re:Bah, move the servers offshore. (Score:5, Informative)
According to United Nations Convention on the Law of the Sea [wikipedia.org], passed in 1982, does not allow artificial islands to become sovereign nations. Sealand may have a valid claim to sovereignty before 1982, but any new attempts at creating a new nation will have to be based on a natural land mass.
Enforcibility and Burden (Score:2, Informative)
Re:Bah, move the servers offshore. (Score:3, Informative)
You need to care for the rules of the UN as you are bound by the laws of your present nation.
As most nations, with the USofA in a leading role, have signed up to international treaties giving the United Nations it's power you are bound to follow the lead of your government.
So the trick is to first become a national of a country that does not recognise the powers of the UN and then start your own Offshore Platform nation.
Re:White Board (Score:3, Informative)
They are not saying "produce the contents of the RAM from such-and-such a date", they're saying "this would have been evidence that could have been subpoenaed had it been preserved, so in future you will preserve it so that we can subpoena it if necessary".
Re:SSL Keys (Score:3, Informative)
There is no obligation for you to store/save/retain anything until after the police or a lawyer tells you that it is of interest.
This is one of the reason why businesses setup data retention policies such that after X days, [information] is shredded or wiped. That way, when they get sued or investigated, they can honestly say "we don't have it and we aren't obstructing justice because our policy is to scrap [information] after X days."
Just because you could save [information], but never have, doesn't mean you are somehow liable for not doing so.
Hippie FUD (Score:4, Informative)
The other 97% of deforestation is due to the locals and the Brazilian government. ~60% cattle ranches, ~30-33% agriculture (~30% subsistence, ~1-3% commercial), and ~3% urbanization. (I found a pretty good link here, which has a nice pie graph, which is where I'm pulling these numbers since I'm not at my home computer with all my bookmarks: http://www.mongabay.com/brazil.html [mongabay.com])
So anyway, stop blindly believing hippie FUD from the the 60s and do a few minutes' worth of research on Google. Shit, I just looked at the wikipedia article and even they have a pretty good section on Amazon deforestation. So yeah, go ahead and use all the paper you want, it's actually GOOD for the environment and has been for the better part of a century. (Oh, and totally unrelated, but if you're still believing the hippie FUD about nuclear power, you'll want to do research on that too.
Re:Um, isn't this some pretty heavy spin??? (Score:1, Informative)
The reason is that the judge cannot legally compel someone to generate a new document (such as a summary report or a log file) that they are not already producing. So instead, he has issued the order in a way that is arguably legal but technically impossible unless the defendant waives those rights (in fact it is technically impossible EVEN if the defendant waives those rights but the MPAA has graciously conceded to looking the other way for now...).
I'm really interested to see what this does to SarbOx or any future litigation. Even if it has no impact whatsoever on SarbOx, imagine the effect on any company of being ordered not to destroy any records during the course of a proceeding. Aside from Microsoft cases going a lot faster, even the smallest oil spill could cripple an oil company indefinitely ("...and the contents of the A registers of the pressure controllers for pumping station XXX, effective immediately").
Re:so hand them a stick of RAM (Score:3, Informative)
The way I see it is it is entirely impractical. Take for example the Judge's Cell Phone or Fax Machine. Both buffer and convert digital to analog and analog to digital. Care to impliment a way to permanantly capture and record all data transversing the RAM in these devices. Capturing the transient data in a server memory is equaly burdensome and useless.
If you want tetrabytes of useless data, capture all the data in just my video card memory while I play a round of Unreal. Re-constituting that data into anything useful is an exersise in futility. Same applies to random data in a server's RAM. Sifting incriminating evidence from a stream of server RAM without the CPU pointers for all the reads, writes, terminal, NIC, DMA, interrupts, and predictive branching makes a useless heap of data to sift. What data belongs to what user?, process? port? Add in some virtual environments, SSL, and more and the data heap gets big fast. What app points to what string? Who owns what app, process, or data? Good luck.