Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
News

NetPD, Metallica's Mysterious Tracker 290

Akilesh Rajan writes: "An article at Forbes talks about the firm that supplied Metallica with the software it needed to capture 335,000 users. It 'works like 5,000 humans sitting in a room doing Web searches' to identify user names. Demand for their services is enormous, especially since they also plan to expand into the videogame and movie protection businesses." This NetPD company is unrelated to the shareware program NetPD, which, ironically, helps protect user privacy.
This discussion has been archived. No new comments can be posted.

NetPD, Metallica's Mysterious Tracker

Comments Filter:
  • by Anonymous Coward
    Guns have only one purpose--too kill.

    This is utterly untrue. Guns can also be used to maim, cripple, terrify, and to destroy property. They are much more versatile than you are leading people to believe.
  • by Anonymous Coward
    " How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order."

    Login to laundry.org and then head offshore to crypt.kk and back onto Tombstone, er . . .
  • by Anonymous Coward
    I would say NetPD is trying to cash in on all the paranoia of the recording and movie industries, according to the article they are staffing up and sounds like they will be poised to go public. Pretty good plan, I actually wish I would have thought of it first.
  • by Anonymous Coward
    gawd, the irony here is just too much to pass up; someone using slashdot to talk about how the diversification of musical artists will decrease in a future without commodified culture, in a future where artists will have to fend for themselves.

    Can you say Internet?

  • by Anonymous Coward

    Touring can be pretty grueling work, especially for a musician. Later, and even earlier, in life artists can develop illnesses that prevent them from physically holding concerts, yet be able to record in a studio.

    I've noticed that for some of the aging rockers their followers may only number in the thousands and it does not make sense (esp. monetarily) to go on costly tours. Many aging musicians are forced to entertain at race tracks (I seen this myself), rodeos, and small night clubs yet to make a cent. And, let's not forget Barbra, she suffers from severe stage fright and can't go back on stage!

  • by Anonymous Coward
    As for the bouncing/encrypting, Zero-Knowledge Systems wrote a piece of software called Freed0m, which does just that.

    As someone recently posted to Cypherpunks when this issue came up, Freed0m has a bunch of problems.

    Judging from the FAQ, you can only use ports that they have blessed. (They say that you can use MUDs with it as long as they're on port 23.) I can't believe someone would write something that braindead, but who knows these days.

    It's Windows only.

    Source isn't available.

    It's Windows only.

    You can proxy, but all the servers are presumably controlled by the same entity or are in the same jurisdiction. It's trivial to strongarm the company (via warrants and the like) to reveal the identity of a user.

    Did I say that it was Windows only and that no source was provided?

    Their claim that users' tokens can be connected to their real identities and that "not even Zero-Knowledge" knows who is behind a nym or connection is immediately made extremely suspect by their claim that they will try to track down people who traffic child pornography. If it's untrackable, how can they ever hope to track such a person down?

    Oh, and it's Windows only and no source is provided.

    Thanks but no thanks.

  • by Anonymous Coward
    The above sounds like a great idea. Gnutella is the answer and we might as well fortifying it more to protect against sue crazy lawyers and their rock-star clients.

    Hey, come on, you know you've cost him, so why not pay Lars [paylars.com].
  • The same trick worked for blocking packets headed for Real.com's subnets when their RealAudio player was tracking our listening habits. Also good for blocking out doubleclick.net, microsoft.com, etc.
  • by Anonymous Coward
    I saw this firm on the BBC's "Money Programme" and they had som 'duh' guy who looked totally clueless running a realtime trace on some guy d/l metallica. the target was some dude at the University of Alaska and 'duh' showed us the trace as it went from him through several nodes to the Alaskan. The graphical screen was such a directed graph with PC icons at each node.

    It was kinda spooky to watch, and I imagine Governments have a proper version, but it looked they were just doing a traceroute/DNS lookup on the IP packets as they made their journey. Trivial really. as soon as Gnutella/freenet can hide IP addresses and encrypt data packets this sad little firm will crash and burn.


    When they interviewed the Freenet's creator and 'duh' was told about it he said "it doesnt matter we can still trace them". true now, but he clearly didnt get the BIG PICTURE.

  • by Anonymous Coward
    Using a bot on Napster is against the terms of service. In other words, it is an unauthoriszed use of Napsters computers. What is to keep Napster from filing a criminal complaint against NetPD and Metallica?

    Now that would be fun!

    --P

  • by Anonymous Coward
    As root on your Linux box or linux internet gateway machine (you are running Linux, right?) do:

    ipchains -A input -s 208.145.34.0/24 -d 0/0 -j REJECT
    ipchains -A output -s 0/0 -d 208.145.34.0/24 0/0 -j REJECT

    Poof. Packets headed from mp3police.com to your machine or vice versa are brutally slaughtered. You will appear as machines with all ports closed to one another. Access to the rest of the internet is unaffected. Add a -l to log the failed tx/rx attempts.

  • by Anonymous Coward
    Hmmm... If people abusing napster = napster responsible for those peoples abuse? Then If people abusing visual basic = Microsoft responsible for all those damn VB viruses? I mean the logic does follow.
  • by Anonymous Coward
    Is for one of the bands suing Napster to try to use this service to sue the acutal users:

    "Sir, we've looked all over the state of Calafornia and there just doesn't seem to be anyone named Mike Oxlong around."

  • by Anonymous Coward
    As the piracy apologists like to say: "you can't stop the technology".

    NetPD has a net connection and they have found a creative way to use it. Good for them.

    They won't have to reveal their search technology in court. Think about this: there are about 5 names on each sheet of paper that Lars Ulrich gave to Napster. That's about the size of a screen shot. I speculate that they just turned over screen shots of each user they found offering Metallica MP3's, and they don't have to discuss what search techniques they used to create those screen shots.

    It's downright funny to see pirate apologists yammering about NetPD violating "Terms of Service". Hey, CD's come with "Terms of Service" too, which are found in the Berne Convention. One of the terms is don't make copies for a bunch of other people. That's pretty bsaic.

  • by Anonymous Coward
    And NO IP addresses. Just Napster account names that are listed by the software. This from a friend who works at Napster.
  • by Anonymous Coward
    I wonder if Mr Ward has taken into consideration that data collected in the UK would be subject to the Data Protection Act 1998 - ie. based on various data protection directives which have come out of the EU. His company has possibly commited a criminal act by passing data relating to individuals to the US.
  • The Bill of Rights does not apply to businesses. It only applies to government.

    There are various privacy acts and such prohibiting unauthorized wiretaps by private parties and such (just ask Linda Tripp :-), but it is unlikely that any such laws apply here. In any event, it's not a Constitutional issue, since the Bill of Rights restricts what government can do, not what businesses can do. The only restriction upon businesses are the laws passed by Congress and the individual states -- bodies which increasingly are owned by big businesses and which rarely today serve the people.

    -E

  • Not one bit... so they can cobble together a C program that aggregrates the data returned by a search query made using a protocol that has been reverse-engineered and publicly documented. "Artificial intelligence" is a total fucking lie, and Forbes went for it hook, line, and sinker. I can all but guarantee you that whatever they used was no more than an amalgam is socket calls, pattern matching, and logging. WOW! Given the proper motivation and bandwidth, I could have written this. Most everyone here probably could. And now they have the balls to call themselves the "MP3 Police"? Uhh, not quite.

    I have a feeling their capabilities for detection of illegal MP3s is massively overblown. First, they did not check to see that people were actually offering files for download. They only checked to see if people came up as search hits. How do I know this? Because my computer was running Napster for the last two weekends and has been for over a month. During the time period that they claim they did their probing, not a single Metallica track was downloaded from my computer. None were even "poked" and then cancelled to see if I was offering them.

    It's possible to enter a max upload rate of zero and not upload anything to anyone. Merely having copies of Metallica songs on my computer that I am not distributing is perfectly legal and covered under fair use. We went over this last year with the Diamond Rio.

    So, NetPD has produced a fairly hokey list of 300,000 names of people who have Metallica tracks residing on their computer. So what. This is not illegal. It's also not illegal to name my MP3s after Metallica songs. So if I want to my Beethoven's 5th Symphony public domain MP3 "Enter Sandman", that's not a copyright violation. AFAIK the only way to prove that all 300,000 users violated some sort of copyright is to download the tracks and listen to them. Unless they really have written some sort of AI software that can do this (highly unlikely), all they have proven is that I have files on my computer vaguley matching "*Metallica*.mp3" I am free to name my files whatever they want, and I'll be damned if NetPD or mp3police.com or whoever is going to tell me otherwise.

    --
  • I see. So, may one conclude from your jibe that you believe copying digital media is a crime as heinous as rape? If so, your priorities are seriously out of whack.

    Now, if you'd instead written, "speeding on the nation's highways," then you might have had point worth discussing.

    Schwab

  • > It seems that if anything's funny it's put as
    > Weird Al or Adam Sandler

    When it should obviously be put under "Dr. Demento"

  • Bizarre. You think that companies can make their own law? A "fine" clause would not be valid just because someone writes one into a shrink-wrap contract.

    NetPD would only be bound to obey Napster's terms of service if they have a legally binding agreement with Napster. In some places, clicking on the "I agree" button creates such a contract. But lots of folks have reverse-engineered the Napster protocols. This reverse engineering can be used to track users. Anyone running Napster from a box with a static IP address, and serving up MP3s belonging to bands/record companies that don't like Napster, is a moron. You will be traced. Even if you have a dynamic IP address, your ISP could help to nail you.

  • Hmmm. You do realize that the simple fact that the very sight of these CDs turns your stomach does not entitle you to sell them? If you sell them without remitting royalties to Metallica, you have committed a violation against the copyright holder, and I understand the holders of the Metallica copyrights are a bit touchy here lately...

    though you're probably kidding, I thought I'd point out something that people like the RIAA would really like to get rid of: the principle of first sale. basically it says that they can't do anything about (who/what/whether) you sell it. Now, with DMCA, it is possible to technologically block this, though it is yet another principle enshrined in copyright/fair use law.

    so, though you're not allowed to make copies and distribute/sell them, you can take your original copy and pass it on/sell it/microwave it, and there isn't anything they can do about it.

    Lea

  • >If you are unable to make a copy of music you own personally, I seriously doubt it legal for you to obtain a copy from someone else's copy.

    Why not? Libraries do this frequently to replace missing or damaged pages in books or periodicals.

    Or, for example, you ask a friend to make a copy of a CD you own to tape, but you & your friend find it hard to meet to hand your copy over for copying. ``No problem," says the friend, ``I'll just make a copy of my CD & give it to you next time I see you."

    I'd say that there are enough plausible reasons for sharing MP3s over Napster that do not violate copyright -- & indeed require the bottom fish^W^Wsuits at RIAA to provide proof that their rights are being infringed upon -- & to convince a jury or impartial judge.

    Geoff
  • "If you buy something that you think is cocaine, but actually turns out to be baking powder you are still guilty of purchasing drugs in the eyes of the law. The same for selling fake drugs."

    This is going to vary, but usually this actually results in a charge of Attempt to Posses Nacotics. If a man lies dead and you feel he is sleeping and you shoot a bullet through his heart, you are guilty of attempted murder.

    Or that's how it's supposed to go.

    Bad Mojo [rps.net]
  • Well then, LET HIM decide to distribute his music over the internet. It's his property, it should be his choice. labels may screw artists over, but napster really has no answer to the question of how will they get paid? Labels have money and can pay artists... And i know plenty of friends of mine that release their own music on the internet. By their own free will.

    People that trade artists music freely across the internet are essentially saying that the music is worthless... They're also stating that no matter how much they like a given song, they have absolutely zero respect for any artist whose work their giving away for free. It might not be as explictitly stated as that, but you're cutting them off from one of their only revenue sources and hiding behind the idea that the labels are the bad guys and you're trying to help them.

    Music (in general) is so much more than just "data" and should never be treated under the mantra of "information wants to be free". Everyone who thinks that, in my eyes, are all the most shortsighted individuals.
  • Tup... to make a parody of someone or something, you have to start with a likeness of your target, otherwise it's not a parody.

    Parody has been long-recognized as a vital form of free-expression, and that's why it's protected in the (US) law.
  • It's not illegal to *download* a Metallica file, it's just illegal to *distribute* it.

    Copy Right law restricts the Right to distribute Copies (for a cost or not) to the author, or other Copyright holder.
  • But, let's say I went to a Metallica show.. and had tapers-section seats, and I recorded the show. That's MY recording, I own it, and the copyright on it. I can share "Metallica-Enter Sandman.mp3" if it is from the Albany, NY show I taped it at.

    Now, what differentiates my "metallica-enter-sandman.mp3" file from some bozo's "metallica-enter-sandman.mp3" CD-Rip? It's the CONTENTS... and I can bet you they didn't sit down and listen to the contents.

    Napster can summarily reject the data as bogus on that principle right there.

    D
  • Should that be www.befound.co.uk. There's a big difference.
  • They dont' have to. THey aren't taking you to court.

    Odds are if you are using napster, and sharing a file called 'metallica-black.mp3' that it is in fact, Black, by Metallica, and music. They are asking napster to ban the users, as napster said they would.
  • It is legal for you to COPY the CDs you have.
    Presumably, nobody would try to sue you for copying them from somewhere else, if you have the originals already.

    What is at issue is the fact that the other person does NOT have the right to GIVE those copies to you in the first place, and as you are receiving information they are giving you illegally, the information itself is illegal.
  • hey don't have to prove it in court.

    Napster said that if Metallic provided them with names of infringing people, that napster would ban them (as per the napster usage agreement and other things on the site, as well as a letter right from naspter's lawyers to metallica's lawyers). Metallica did just that. They are not suing users, they are not planning on suing users.. they are simply making napster do what it said it would do. Whether it is admissible in court is irrelevant. Napster said 'give us names, we will act accordingly'.
  • Did NetPD go through the trouble of ensuring that these files were what they claimed to be? What's to say that the file 'Metallica-Black.mp3' isn't my biology assignment? Or maybe it's just a tape of me singing in the shower?

    Is it illegal to have a file that has a title that sounds like a song? Shouldn't they have to make sure that this file is what it appears to be? That would take a long time given the number of Metallica songs that are out there and the thousands of file sizes that are available for these songs (based on combinations of frequency, bitrate and ripping software).

    Just some thoughts ...off to see if www.NetPDSucks.com [netpdsucks.com] is registered yet.

    ------
    IanO
  • I'm in the mood to......spoof.....

    linux/beos bands/songs
    here [mp3.com] and here [mp3.com]
  • Anonymous attacks are becoming more and more effective in the U.S., you can anonymously rat out your neighbor to Child Protective Services and they have to prove to the authorities that you aren't beating your kids, and if you refuse to cooperate you are (to them) admitting your guilt and you will always be suspected.

    Once NetPD fingers you as a copyright violator (even if they make up the information out of whole cloth, who can prove otherwise?), people like Metallica and the RIAA will assume you are scum of the earth, and but for the fact that most people don't have much money and wouldn't be worth the trouble, would probably sue you into the Stone Age.

    And if they do pursaue it, as with any unfounded litigation, it will probably be easier and cheaper to settle.

    IANAL, nor do I pretend to have any idea what I am talking about.

  • Assume I've never used Napster (I have for awhile now). What username are they referring to? Did they just capture IP addresses of people who have Metallica MP3's up for grabs, or people who are downloading Metallica MP3's?

    I'm a little foggy on "what" they actually captured.
  • <i>This kind of thing would never stand up in court.</i><p>

    It doesn't have to stand in court. It's Napster's own policy that's biting them back. Since Napster promised to remove any specified user's account per the artist's request, if Metallica comes back after a couple of weeks, looks up any of 300,000 users and finds out that metallica mp3s are still being offered, Napster is going to face more trouble in court.

    Go get your free Palm V (25 referrals needed only!)
  • fom your bash command line ;)

    mkdir /home/pirate/netpd-bait
    for i in `ls /home/pirate/mp3`
    do cp /home/pirate/mp3/$i /home/pirate/netpd-bait/Metallica-$i
    done

    login with favorite client and redirect your db to /home/pirate/netpd-bait

    What? have they linked in mp3 id tags? same search, insert command to change id tag.
  • He also owns, or at least registered the www.befound.com site (the one hosting the old Y2K software page). Also if you write to them you can ask that they remove any data they have regarding you under the terms of the Data Protection Act (see my previous post).

    Offtopic but interesting The data protection registrars response to the RIP bill [ccta.gov.uk] (Word Doc)

    http://www.dataprotection.gov.uk/ [dataprotection.gov.uk]

  • Anybody know their real name?, if they are in the UK then what they have done is WAY Illegal under the data protection act, assuming that the information they have collected could be considered personal data (not entirely sure about that, but it would seem to be).

    Can't find Netpd/mp3police or Bruce Ward registed as data collectors on the Data Protection website [dataprotection.gov.uk] either.

    Section 8 is interesting, u r not allowed to transmit data outside of the European area unless you can prove that there is sufficient protection for it....

    And hey if you think you are on their list you can send a couple of quid to their registered address and they have to send you a copy of all the info they have on you.

  • You've hit on a really good point...

    He insists that to say more would enable Napster and other MP3 programs to block the software.

    The proceadure/progarm/AI is defeatable by their own words. It will only take a little time and effort and NetPD will be made impotent!

  • All the probes are coming out of a cable system in the UK. Look on whois.ripe.net for the real source

    inetnum: 62.254.209.128 - 62.254.209.159
    netname: MP3PLTD
    descr: Internet applications for the music industry.
    admin-c: BW2097-RIPE
    tech-c: COH1-RIPE
    person: Bruse Ward
    address: 1st Floor,Godolphin House
    address: 2 The Avenue
    address: Newmarket Suffolk. CB8 9AA
    phone: +44 1633 670000
    e-mail: Bruce@mp3police.co.uk
    nic-hdl: BW2097-RIPE
    changed: hostmaster@ntli.net 19991221
    source: RIPE

    but can't find the registry contact for mp3police.co.uk, it seems to be hosted at Xara.net.

    According to logs, mp3police.co.uk were actively scanning http, ftp, and napster style connections starting in mid-april. Machines were under occasional cyber-attack by groups of 5 machines, each taking turns probing different services and trying to walk ftp trees on a few anonymous-login servers, and ignored robots.txt on the web servers. Couldn't tell from the logs what they were looking for, but since they didn't try to rattle any exploits, the rogue bots were ignored for more immediate threats.

    It should be noted that for a while they were attempting napster type connections on whole banks of IP addresses, whether or not the nodes were running napster. It shows up kind of funny in the security logs when routers are probed by a rogue napster client.

    So their scanning pre-dates the lawsuit, or else there were preparations for the suit going on for a long time.

    I think mp3police or netpd have been getting ready to sell their services to the first lawsuit to come along. They've collected tons of logs over a period of months, and then when metallica hit the news their marketing guy contacted the lawyers. I wonder what their business plan looks like :-)

    the AC
  • The article hints that this software would be easy to block. It relies on Napster, etc. not knowing what to look for. I wonder if Napster could look at logs of the Black Weekend (bad Metallica pun--sorry) and figure out how to block NetPD.
  • Let's try to be just a little consistent here. Under any other circumstances, slashdot posters would deride those TOS as completely ludicrous -- of course you should be allowed to use bots and reverse engineer the system.

    But now you want to enforce such restricive terms!? With a fine !?. That must be the most stupid thing I've heard all day.

    *shakes head, sighs, and turns away*
  • Someone thought I was joking!

    No. The TOS should have those terms, and the fine clause, and here's an analogy:

    I write a bit of software. The license I used granted some of my rights to my users. My users can do all sorts of wonderful things with my software. But so can BigEvilCorp. They decide to rip me off and exploit my license. I can't change BigEvilCorps license. They can screw me.

    I write another bit of software. The license I use not only preserves all of my rights, it actually removes some of those normally granted my users. My users want to do wonderful things with my software, and I can let them, either by changing the license on a case-by-case basis or by choosing to not enforce some of it. But BiggEvilCorp can't screw me.

    It's not the TOS or the license; It's the person enforcing it.
  • Read the rest of the thread, especially my reply to myself. They're not hypocrites, exactly..
  • Of course I think they're ludicrous! But I also think that NetPD's collection of 335,000 usernames is ludicrous. A perfect match!! I personally could live with bots. You'll note I made no mention of levying a fine on them. Collection of information that is or could be personally identifiable is not acceptable under any circumstance, however. Reverse engineering, in the case of making a new client conforming to the specifications and rules laid out by Napster, Inc., is and has been deemed (by allowing said clients to connect) acceptable by said company. Reverse engineering with the express intent of violating the other terms of service (in this case, personally identifiable information) and in the process damage Napster, Inc., should deserve enforcement of the fine. And what if they did not collect IP addresses? I'd consider a list of the files stored in /home/jim/napster/shared/ a pretty good fingerprint.
  • Shrinkwrap/click-thru licences have been tested by a couple of states now. They are, to everyones great detriment, probably enforcable. /. had a mention of the WA case a few days back. Entering into a contract with deliberate prior intent to violate it is fraud. If you sign the contract knowing you're going to violate it, and then violate it, not only can the other party void the contract but can sue you for damages based on the fact you knew you would violate it. If they want to be pricks about it, they could also push to see you prosecuted criminally.. Changing the license after the fact is something traditionally illegal. UCITA makes it legal, unfortunatly. I hope Verant gets a good slap..
  • I'm not quite sure that the progress of electronic communications will help our situation. Every day a budding musician has to travel farther in the scene in order to eat, since the big names keep becoming bigger and bigger. I'd prefer to concentrate on everything that's going on nearby, but too many people concentrate on high profile talent, and local music fizzles unless it's distinctive. I'm sure some people will say that the added competition makes the remaining few stronger, and they're probably right. But it does make it a pain in the butt to find fun shows and cool records if you're not into pop pap.
    --
    The other side is crowded. The dead have nowhere to go.
  • yep, we're talking about GSM here. Prepaid phones, and use them only for the one phone call where you do your misschief, that way they can't find you buy tracing all the calls you do with that phone. Oh, and for bonus points, assume that when you use the phone they are ably to track your location by finding out what GSM base station you're connected to - so do this from a moving train during rush hour.

    -John
  • Remember Usenet? Store and forward becomes effectively completely untracable with just a tiny bit of effort. Perhaps we'll see a resurgance in the alt.* hiearchies...
  • They're obviously aiming for a hallowed spot up there next to Oasis...
  • Good point, but when does a bot get a chance to read or agree to Napster's TOS?

    There is nothing in their protocol [sourceforge.net]that sends the bot Napster's TOS, nor is their any request in the protocol that asks whether or not the user actually agrees to the TOS. Without these things in their protocol, NetPD could argue that they never saw nor agreed to Napster's TOS.
  • Allright, so a bunch of idiots put together a program that lists people that are supposedly serving metallica songs, even though Metallica is the weakest band around.

    Anyway, is this provable evidence in court? Did this program DOWNLOAD and LISTEN to the songs? What if someone gets kicked off because they have a Chuck D song that is renamed to Metallica-One.mp3 ?? What if its a lower quality, or is just a clip, and not an entire song?

    Has this stupid program (written by a stupid company (hired by a stupid band))) proven anything here?

    Mike Roberto (roberto@soul.apk.net [mailto]) -GAIM: MicroBerto

  • They can make it from live performances. Up until the last couple decades, that's where the money was made - record sales and radio airplay were the means by which artists built their reputation, allowing them to make money by playing LIVE.

    The rise of the fixed-medium (vinyl, CD, etc.) music industry as a gigantic financial engine is a fairly recent one. In another decade or two, it will (hopefully) be remembered as a temporary economic quirk that was renderred irrelevant by the progress of electronic communications technology.

  • Assuming you're not really trolling...
    (okay, I need a laugh today)
    What you'd end up with is a nice tight pile of code that nobody in the recording industry would touch because there are just too many self-promoting bastards like netPD who are willing to generate completely bogus numbers using "secret" methods to get their company names in lights.

    Meow
  • Would have been amusing if the ILUVYOU virus had renamed all mp3's it found to start with 'Metallica'. Which, btw, is procounced Metal-licka, for all of you that were unaware..
  • It doesn't have to stand in court. It's Napster's own policy that's biting them back. Since Napster promised to remove any specified user's account per the artist's request, if Metallica comes back after a couple of weeks, looks up any of 300,000 users and finds out that metallica mp3s are still being offered, Napster is going to face more trouble in court.

    This gets back to the point made by another poster: what if you just called all of your Napster files metallica_000001.mp3, up to metallica_300000.mp3, but having absolutely NO Metallica content within them? Or, make the template m3tall1ca_######.mp3 so they can't claim any trademark issues.

    Seems to me the best way to thrwart what being done is to make it VERY difficult to make the case that the alleged violations are genuine. Consider:

    Metallica's Lawyers: we found all these copies of our music on this site.

    Judge: How do you know?

    Metallica: It's has the word metallica on the file name.

    Defense: Please play one.

    Judge: Is this your music?

    Metallica: Uh..... No.

    Judge: Did you check the files to see if the content is actually your music?

    Metallica: Uh..... No.

    Judge: Case dismissed, precedence set.

    They might have more trouble in court, but it doesn't have to be a difficult experience. Personally, I like the idea of sending money to bands to wean them off of their record label. Look at Aimee Mann [aimeemann.com] who is label-free and having a very successful year (Magnolia soundtrack nomination).

  • He has not provided details beyond the fact that NetPD's software "works like 5,000 humans sitting in a room doing Web searches" to identify thousands of user names very quickly. He insists that to say more would enable Napster and other MP3 programs to block the software.

    So what will happen when this program results are submitted as evidence in court? How can it be without saying how it works (at least in general terms)? NetPD will have to, and then Napster, etc. will be able to block it.


    Gonzo
  • This means that the 300-odd thousand names of copyright infringers still need to be individually verified by humans before they can be pursued in court. To do otherwise would be like typing "child porn" into a search engine and pursuing the owner of every page returned without checking to see what is actually there. Using a firm like this should increase the cost of litigating copyright offenses with little benifit to the plaintiffs. Let's hope they all contract with these guys!
  • (iii) reverse engineer any portion of the Napster service or browser

    Yet on their home page [napster.com], they recommend Macster for users on Macintosh boxen. And the official FAQ [napster.com] lists (unsupported) clients for other platforms.

  • Take an infinite number of monkeys, typing on an infinite number of typewriters for an infinite amount of time and you'll get yourself an Encyclopedia Britanica.

    Take 5000 NetPD employees typing on 5000 computers for a day and you get yourself 335,000 Napster users downloading Metallica. It's all about the time constraint and the theory of probability.

  • True, I doubt they (NetPD_whatever) actucally downloaded the files content, (3MBS X 333,000) = a hole hell-of-alot bandwidth. They probably just did sometime lame like

    while ($user list($user);
    foreach (@songs)
    {if ($_ =~ /Metallica/i)
    { $count++; } }
    $user++; }
    print ("$count # of Metallica rip offs!");

    There won't really be any real way of tell who REALLY had Metallica mp3s, without downloading.

    But %90 of the users that they "Metallica" in a mp3's name, %80 of the time it is probably going to be an Metallica mp3, this still is a high number.


  • you also forgot slander! Nothing says loving like getting gang raped in prison for being a loyal fan and supporting a band!


  • Yea sourceforge is part of VA linux, but freenet is an open source (GPL IIRC) program that is not affilated with VA Linux (that I know of), VA Linux is cool enough to host open source projects on their servers (ie. sourceforge.org). sourceforge.net gives up server space/bandwidth/maintaince to open source developers, which IMHO is really cool of them (no I don't work for them).

    Sorry I posted the wrong URL last time, the correct address is:

    http://freenet.sourceforge.net/ [sourceforge.net]

  • they got your username (and ip?) and that is it. Say they don't have your ip address and force napaster to give up there logs on that date (assuming they don't rotate logs every week or so) and they manage to get your IP. Ok, so they got your ip and roughly the time you where trading metallica mp3.

    With that IP, they would find how it was registored to (more than likely your isp), then they would go to the registors of that ip (more than likely your isp) and court order them to give up the logs files on that date for dial-in connection (assuming your on a dial up), or what ip is staticly assigned that.

    If your ip is staticly assigned by your isp, your pretty screwed, but if it is dynamically assigned like for a dial up connection (cable modem??, dsl??) they would need the log files. Most smaller isp rotate their auth-log/radius log files alot (every week for some) because 1) they are small and can't afford disk space 2) they really don't give a crap what their users do

    Or, say they magically get past all this crap and do get your ip and that leads back to the username on the isp, with that username the isp (under court order) finds your billing information and it traces back to your name, simple huh?

    Ok, so they know have to get a search warrant for your house/apartment, plan a raid, then arrest you/ or take your computer equipment to look over.

    Now lets think about this, how long is this going to take? It has been 1-2 weeks since they go this user names, it will probably take a couple weeks PER USER to get a warrant for the isp, then it might take 1-3 days for the isp to produce the log files (assuming they wheren't flushed at this point) and then it will take 1-14 days to get a search warrant for your house. Ok, now rinse and repeat for 330,541 more users. If you are at the VERY bottom of this list, it might take YEARS to get you arrested (assuming the isp still has the logs, and you still have the mp3's on hard disk)

    Metallica isn't going to arrest 300, 000 + of it's users. This is being used as "Look Mr. Court, they ARE trading meticall mp3s on Napster, look big piles of paper, it is proof"

  • Instead of finding more creative ways to break copyright laws, how about going about changing them? You know I don't like these murder laws, in protest I'll go kill some people. See my point?
  • As if people needed any more reasons to hate Metallica.
    (For added effect, it handed the names over on 60,000 pages of paper instead of simply using a few floppy disks.)
    I saw a news report on that this morning, and how the guys from Napster took one look at the stack of paper, and said, "Uh... give these to us on a disk, and maybe this process wont take two years, dumbass." If you ever see Lars in an interview about it, he's a total idiot. He has no idea what he's talking about, he's basically quoting what the lawyers told him. I'd imagine that they were just following their record label's lead with the whole thing, it got blown out of proportion, and now they can't just back out. I say good, maybe now they'll stop tarnishing their former glory with the repeated piles of crap that they produce today. Sharkey
    www.badassmofo.com [badassmofo.com]
  • well, barring the comment on the sound of metallica...

    lets pull an 'echelon' on them; create so many false triggers, they won't be able to find out which advertised entries are real Met. songs and which ones are just renamed versions of the latest uuencoded linux kernels.

    so please do the following before running napster:

    % cp /boot/bzImage /mp3/junk

    % cd /mp3

    % uuencode junk junk > metallica_song1.mp3

    repeat until satisfied.

    --

  • Yep, and you just know that their methods are likely bogus, or at least severely flawed. Which is probably why they won't reveal them.

    The "works like 5,000 humans sitting in a room doing Web searches' to identify user names" crap sounds strangly reminiscent of the pathetic "we have humans checking every single website we block" crap that products like CyberGestapo^H^H^H^H^H^H^HPatrol spew forth for advertisements.

    I don't know about anyone else, but I'm rather suspicious of their oh-so-intelligent Artificial Stupidity algorithms.

  • Registrant:
    MP3 Police (MP3POLICE4-DOM)
    PO Box 3242
    Hot Springs, AR 71914
    US

    Domain Name: MP3POLICE.COM

    Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
    Ward, Bruce (BW11725) bruce@PROVENST.COM
    MP3 Police
    PO Box 3242
    Hot Springs , AR 71914
    501 466 4883

    Record last updated on 03-Sep-1999.
    Record expires on 03-Sep-2001.
    Record created on 03-Sep-1999.
    Database last updated on 7-May-2000 20:36:49 EDT.

    Domain servers in listed order:

    NS1.BEFOUND.COM 208.145.34.1
    NS2.BEFOUND.COM 208.145.34.2
  • I think this would be the perfect opportunity for Napster to give NetPD a little bit of a pinch. Napster has a list of 335,435 ips that Metallica wants banned for trading it's copyrighted music. Thats all well and good, but how were they collected? How does Napster know the list is accurate? You and I can't call up NetPD or Metallica and demand to know, but Napster can. And should. What if someone was sharing out a self-made legal parody of a Metallica song? Would their 'AI' pick that up as being a Metallica song? This is something that Napster should demand to know before complying with anything. And, should evidence collected by NetPD ever enter into the court case, the actual algorithms involved should be questioned in a very specific manner. Once that sort of thing enters public record, NetPD can kiss it's monopoly on tracking down copyright infringers goodbye.

    But then again, thats just my opinion. Standard IANAL disclaimer applies.
  • Anyone consider the ussage violation that Napster has set up, specifically it says that no bots are allowed on napster...this I'm sure would be some type of bot, it's automated and all that...so Napster has authority to ban them, am I correct? (BTW this is my first slashdot post...but have been reading this page forever) -Balt_53
  • Things like this will just force more expansion on the FreeNET front.

    This is a losing battle - the only thing that RIAA can even remotely *hope* to gain is a public perception that they'll beat you if you try to usurp their members positions as owners and dominators of the media industry.

    FreeNET will come along and fuck this up for them, big time. It'll also be a major headache for *legitimate* law enforcement, but I suspect the Discordians behind the various free net movements find that perfectly reasonable.

    I just hope that *real* musicians, who *want* to share their works with others keep in mind that they *STILL CAN DO IT, IN SPITE OF WHAT THE RIAA/MPAA SAY ABOUT IT*.

    Folks, there's an awful lot of good music out there, for free, available to download any time of day. You don't *have* to buy the force-fed 'product' that's being pushed in the frontlines - you can always have a more direct, personal relationship with other musicians whose art you prefer.

    When was the last time you sent an email to Christina Aguilera or Metallica and got a *real* response, eh? That's the new rules of the game, and the majors know they can't play that.

  • by ewhac ( 5844 ) on Monday May 08, 2000 @09:52AM (#1084414) Homepage Journal

    You've oversimplified the question. You need to add a third choice:

    Intellectual "Property" needs to be fundamentally redesigned.
    Intellectual "Property" laws primarily revolve around establishing who gets to control making duplicates of the artist's artifacts. In practical terms, this underlying concept is now obsolete, since digital artifacts can be duplicated in any quantity at zero cost. Thus, all Intellectual "Property" law founded on this concept collapses.

    We must therefore redesign IP laws such that they acknowledge infinite, zero-cost duplication by anyone, anywhere. What sorts of things would you still want to protect? What sorts of activities would you still wish to deter by criminal/civil sanctions? (Hint: It mostly revolves around an artist's reputation, rather than their artifacts.)

    This is the discussion we should be having, not obscenely expensive flamefests by overpaid mercenar^H^H^H^H^H^H^H^Hlawyers. Arguing about whether it's ethical to copy another artist's music is rather like arguing about whether it's ethical for tornadoes to strike trailer parks. While we may lament when it happens to someone we like, the fact is, it's going to happen, so it's probably a good idea to start structuring your life around this reality.

    Schwab

  • by Croaker ( 10633 ) on Monday May 08, 2000 @10:25AM (#1084415)
    Why not let the musicians decide how they'll make a living? Granted, a large number of them do take to the road, choose to be away from their families for weeks or months at a time. But to decide that those who choose not to should not make money by making music I thing is pretty presumtive.

    I suspect this will also lead to less, not greater diversity in music. For one thing, the only people who will make money in the music biz are those acts that *can* travel. A lone composer in his basement whipping up symphonies on his bank of synthesizers is out of luck under your plan. "Sorry mate, not paying for your music, since you can't manage to play 5 keyboards at once. But hey, thanks for the tunes."

    Also consider that the limited number of venues will act as a force to restict who will be able to make money. This is a limiting factor now to bands that are starting out, but if *every* band out there needs to play live gigs to make their money, things will just get that much more crowded.

    Also, the focus on live performance will likely change music itself. Why spend all of the money to cut a studio album when you'll just be giving it away? Bands will just stick with what they can do in concert. If you told the Beatles they couldn't make money off of studio albums, would they have made Sgt. Pepper's Lonely Heart Club Band?

    Perhaps some will say that this is a good thing. Well, that's your musical taste. Why enforce your taste on others?

    You know, most geeks would throw a hissy fit if management dictated they had to work 9-5, had to wear ties, and the whole works. Why, then, this attitude regarding how others make their money?
  • by arkham6 ( 24514 ) on Monday May 08, 2000 @08:49AM (#1084416)
    I've been wondering about this for a while. Say say my name is on Metallica's list. I own every Metallica CD they have came out with (except re-load but thats another issue). I have the right to have copies of the songs in mp3 format, this has been proven in several court cases. Now, I have an older machine with a CD-ROM that cannot rip. So to get the songs I legally have a right to have in mp3 format I have to turn to the net. Fine, thats still not illegal. Metallica accuses me of being a pirate because some research agency pulled my name off the napster lists. They have no proof that I have done anything illegal, just that I have downloaded their songs. Isn't the burden of proof for these sorts of things on Metallica? If Metallica has me banned from Napster, could I take legal action against them for harrasment, defermation of character or other nasty things?

  • by Frac ( 27516 ) on Monday May 08, 2000 @10:06AM (#1084417)
    Also, without revealing their methods, it seems like there is a real possibility that they're doing packet sniffing, which would be a violation of the law, constituting illegal search, or they're posing as napster clients, letting people download which, while not entrapment, as they're not a law enforcement agency (among other reasons) is just as illegal as the person downloading them.

    It's very likely you're overestimating the technology behind NetPD.

    My guess is that they simply queried for the names "Metallica", parsed the search results, and queried each request to get the username holding the song. Rinse and repeat for each Napster server. It's not like you don't already know the username when you download an mp3.

    There wouldn't be anything illegal about that, and they don't really have to resort to methods like packet-sniffing and eavesdropping, which would probably be pretty controversial.

    Go get your free Palm V (25 referrals needed only!)

  • by Diamond Slicer ( 39462 ) on Monday May 08, 2000 @08:49AM (#1084418) Journal
    Does anyone want to bet that this firm get's hired to go start looking for DeCSS on the internet should the court battle go the way of the DVDCAA/MPAA?

    From the Article,

    "We've set up with the intention of offering copyright protection services to not just the music industry, but the videogame and movie businesses," says Ward, who worked at "a few unknown software companies" before starting NetPD last year."

    This sounds pretty much an offer to help the MPAA/DVDCAA to me - even though I wonder how the actual program would identify and make sure that the so labeled software actually is CSS code.

    Which brings me to my next point. If I was trading non-copyrighted music through Napster (after having renamed it to Metallica music) and may have got my name on the list - does that mean that I can be prosecuted for violating the law?

    At the moment, I dunno. Still I do not think programs like this will ever be effective. Hotline (ftp client program like Wrapster) has an infamous bot - known as the Sadwyw Spider - that searches HL servers for warez. It was news when it came out, but people quickly figured that by simply requiring an l/p to view items on the server the bot would be defeated - or by renaming the items and listing the actual name as part of the info tag.

    Couldn't Napster do - something of the like, to defeat bot searches? For Instance - require that a specific always changing login that is displayed at several different locations on the screen be entered for the Bot to search - that would at the very least require a human there to punch in the login, which should make the popularity of programs like this go down alot.
    Overall, I don't think this is something to worry about - more scary would be if Metallica put a bot user on Napster with thier songs and displayed the IP's of anyone that dl'ed their songs (Like the webpage that does Gnutella porn) Anyhow - what if I download a song that I legally own, the bot cannot check that either so I'm not that worried...
  • by cardozo ( 64194 ) on Monday May 08, 2000 @12:16PM (#1084419)
    Now I've used Napster (once or twice, but only for songs in the PD :) and the largest number of users I've seen on the same server that I was on at one time was 8000, and that was on a day when they were obviously having server troubles, so people were being directed to that server more than usual. The normal number is around 5,000 people logged in at any one time.

    So I'm wondering if anyone has any idea of where they could have gotten such a high number. Perhaps there were 335,000 songs, but I just can't believe that there were 335,000 individual users.

    My guess is that they used the song count, rather than the user count so that it would have more press impact, and that we'll find out later that it really was something more like 20,000 users (even that is high). Come to think of it, 335,000 songs is too high. They must be double counting.

    Like if NetPD person A and NetPD person B were logged on to the same Napster server, they probably counted the songs they saw twice. And with "5000" NetPD people banging on it... Hmm, that would require only 67 Metallica (TM, Reg. US Pat. Off., Reg. Penna Dept. Agr) songs to be on Napster to get a count of 335,000, which is about how many I'd estimate are available on a server at any given time.

  • 495000 seconds to download all those pirated MP3's.

    Your calculations also assumed that every user could match their full download speed. That just ain't so. So, multiply that time by about 10 and you have the actual time, then add 10% for the actual search time on that many files.
    So our new total is About 1800 days. That's 5 years.... Hrrmmm.... Hasn't napster only been around for about 8 months?

    Kintanon
  • Here in Europe, I'd buy a pre-paid GSM mobile phone anonymously (from a store that has no surveillance cameras running) on a busy saturday afternoon, get a free internet provider or just use one of the 30 hours free accounts. Used just once and thrown away, from a city you don't live in, and the agency that can trace that deserves to be in world power anyway..
  • by Machina ( 110989 ) on Monday May 08, 2000 @09:13AM (#1084422)

    I agree that it seems hard to prove who is who on napster and if they could even block all the people on that list (possibly the people with static ips, but then they'll just get another).

    My question, and I feel it's something that should certainly be investigated before napster instigates any actions, is just HOW were they collecting information? Sure, they say they've got some "AI Program" doing the search of 5,000 individuals, but that doesn't mean their searches were successful. Are they looking for every mp3 that has metallica in the title? Or has some reference to a Metallica song title? How are they even sure that these mp3s are even Metallica mp3s without downloading and listening to them (Can't you see it, NetPD sued as largest pirate of illegal mp3s *grin*)? Then, the question is, is it illegal to have an mp3 with Metallica in the title, but the actual music isn't Metallica?

    I think NetPD needs to be saying a lot more about it's "AI Program" before anybody (slashdotters, lawyers, napster, etc) take their results seriously. In the meantime, I vote we (as in slashdotters), make a rather annoying song about how Metallica sucks and flood napster with tons of these with Metallica titles. How about it? Of course, we'll want to change spellings, titles, file size, etc to throw their "AI Program" off.

    Note: I have heard of a company that is developing software that can identify/pattern match music based on properties within the file. So maybe NetPD is using something like this, but they should certainly be able to prove their results are accurate.

  • by jbarnett ( 127033 ) on Monday May 08, 2000 @08:31AM (#1084423) Homepage

    He has not provided details beyond the fact that NetPD's software "works like 5,000 humans sitting in a room doing Web searches" to identify thousands of user names very quickly. He insists that to say more would enable Napster and other MP3 programs to block the software.

    Oh my God he is using software to brain wash people into doing web searches, any army of mindless droids, he must be stopped. We already know he has 5000 mindless slaves, how many more before before we step in? He must be stoped know.
  • I cannot stand to even look at my Metallica CD's anymore....Does anyone want to buy them from me????
    Hmmm. You do realize that the simple fact that the very sight of these CDs turns your stomach does not entitle you to sell them? If you sell them without remitting royalties to Metallica, you have committed a violation against the copyright holder, and I understand the holders of the Metallica copyrights are a bit touchy here lately...
    I remember scrawling a big lightning bolt on my gym locker in the Seventh Grade
    ...that's probably trademark infringement; you might want to consult a lawyer before you post any more of this stuff. At least you're not a napster user (are you!?).

    Since you were technically a juvenile in 7th grade, you might get off with a warning unless Metallica chooses to prosecute you as an adult, in which case you'll probably go down for "intent to redistribute illegally" and "racketeering" in addition to the usual "habitual violator" stuff... tough break.

  • by WJenness ( 147181 ) on Monday May 08, 2000 @08:43AM (#1084425) Homepage
    wouldnt this program violate napster's 'no bots clause' that you get when you log on? wouldnt this be considerd a bot and hence the ip should be banned??? oh well... just a thought.
  • by BillyBob_Jones ( 155675 ) on Monday May 08, 2000 @08:31AM (#1084426)
    Someone will need to add on the fly encryption keys to Gnutella.
  • OK, what is the deal here. If it took 60,000 sheets of paper (Assuming US standard 8.5/11 inch sheets), then they only got 5.58 names on each page. Even with a 72 point font, that allows more than that per page.

    I suppose there was probably more than just the name, possibly a listing of songs downloaded or other info (IP Address, etc), but it still seems pretty wasteful use of paper.

    Isn't there some kind of law against wanton waste of natural resources? (Nah, guess not or all the junksnalmailers and those postcards that fall out of magazines would be illegal too...) Maybe there should be! :)

  • by Mike Schiraldi ( 18296 ) on Monday May 08, 2000 @08:55AM (#1084428) Homepage Journal
    "We've got 5000 users, each with a computer, locked in a room. They want to talk to you about this script to Hamlet they've worked out."
    --
  • by cwhicks ( 62623 ) on Monday May 08, 2000 @08:55AM (#1084429)
    Here's what I don't get. So they have user ID's or whatever of 330,000 people who are trading Metallica mp3's.
    OR, is it people who have a file with the name Metallica in it, or one of their song title's. How about I put out a copy of the dictionary, out there titled "Metallica - Holier than Thou.mp3"?
    Did they download 330,000 mp3's and play them to see that the are copyrighted material.
    I have a file called "Metallica Sucks My Dick.mp3", on Napster. Am I on their list?
  • by technos ( 73414 ) on Monday May 08, 2000 @11:25AM (#1084430) Homepage Journal
    Since you asked..

    TOS or no TOS, breaking the law (however unjust it may be to /.) is still illegal.

    The law says you must agree to the TOS to use the service. The law says you must also enter the agreement in good faith. By entering into the TOS with previous deliberate intent to violate it you have broken the law.

    I don't care if you are a pedophiliac, a drug dealer, or a jaywalker; If the someone has to break the law to catch you, they should be the ones going to jail. No if's, and's, or but's.

    For the rest of your argument: NetPD is not the police. They are a private company, with no right to search or seizure whatsoever. Napster, Inc., is not a pedophile. They are accused of the offense of copyright infringement, a victimless crime, in a civil suit. This is nothing more that a corporate dicksize war.
  • by jbarnett ( 127033 ) on Monday May 08, 2000 @09:27AM (#1084431) Homepage

    How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order.

    I sometimes use a socks{4|5} anonymous server. They are really hard to find, but they do mask your IP under anything you can find a client for (irc,telnet,ftp,etc.), a lot of the anonymous socks servers get abused alot so they don't stay around for an extended period of time, ussually have to find a new one every week or so.

    They do mask your IP well (it appears to be coming from the socks server), but under a court order they might be able to get your IP from the "anonymous" socks server. It isn't full proof, but it can help you in some sisuations.

    there is huge listing out there of anonymous and free socks avaiable on the Internet, also there is free shell accounts. These both appear to "mask" your IP, but the server that you are bouncing from can grab your IP if they really wanted to (some have a no-log-ip policy, some don't), also make sure the shell/socks proxy you are "bouncing" off allows this, some sites "forget" to secure them probably and they get posted on this list, then 100 script kiddies start trading p0rn though them and it ends up in a big mess...

    The only other thing I know of would be FreeNet [sourceforge.com]
  • by crow ( 16139 ) on Monday May 08, 2000 @08:38AM (#1084432) Homepage Journal
    This is another step in the arms race between those who wish to remain anonymous and those who want to know who is doing what.

    It's just a matter of time before the RIAA goes after those operating servers on IRC. NetPD is a company that will likely help in this. (In most cases, they could probably get those running servers booted from their ISPs--very painful when high-speed options are limited.)

    So what are the next step for those who want to be anonymous? How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order.
  • by KFury ( 19522 ) on Monday May 08, 2000 @09:13AM (#1084433) Homepage
    If I hacked into a net conversation between two parties and then sold the information to a third, I would be put in jail. If I refused to say how I got the data I wouldn't be let out on bail. If I did it 350,000 times I'd never be free again. When NetPC does it, they get lots of press as a police presence.


    NetPD hails itself as a "force for good", but where's the accountability? If the Christian Coalition approached NetPC asking for the names of everyone emailing to abortion clinics, how do we know they won't turn their 10 employees (5000 monkeys) on that job to make their next dime?


    Also, without revealing their methods, it seems like there is a real possibility that they're doing packet sniffing, which would be a violation of the law, constituting illegal search, or they're posing as napster clients, letting people download which, while not entrapment, as they're not a law enforcement agency (among other reasons) is just as illegal as the person downloading them.


    If they're only supplying dummy files with authentic-looking names, then the people downloading the files aren't breaking the law.


    Of course, there are other major problems, such as the fact that they're using Napster-registered names, which are often fake to begin with, and that they have no way of showing that someone doesn't own the CD in the first place, and thus a license to make or obtain a copy.


    None of this will have an effect in the long term, as NetPC admits they can't discuss their information gathering methods, because if they were public Napster would be able to block it. Sorry, but such evidence won't hold up in court without demonstrating exactly how it was obtained (for resons of determining authenticity, accuracy, and legality). Once this is done, Napster can block it.

    Kevin Fox

  • Anonymous attacks are becoming more and more effective in the U.S.,

    Yes and no. :) In the case Florida v. JL, handed down 28 March 2000, the Supreme Court ruled *unanimously* that "an anonymous tip that a person is carrying a gun is not, without more, sufficient to justify a police officer's stop and frisk of that person." The argument is that anonymous tips which are *predictive of behavior* can be trusted *when the predicted behavior manifests*, but tips which are merely *descriptive* cannot be --- otherwise you could call the police and accuse the otherwise innocent-looking black man standing at the bus stop of carrying a gun, and the police would be justified in searching him.

    For more information, including the text of the decision, see http://supct.law.cornell.edu/supct/html/98-1993.ZS .html
  • Their methodology will have to come out, eventually.

    Imagine (this isn't going to happen now, but something similar will someday) that Napster refuses to block the names on the list. Metallica sues, and the conversation in court looks like:

    Metallica: "Napster won't block these known copyright violaters."
    Napster: "This is a random list of names; there is no proof they are copyright violators."
    Metallica: "Sure there is; NetPD told us they are."
    Napster: "How did they get the list?" What proof do we have they aren't just random names?"
    NetPD: "Trade secret, we can't tell you that."

    Either NetPD's comment holds up in court, and *anonymous attacks* become acceptable legal practice (in which case we all ought to run to the nearest country with reasonable laws, as ours will cease to mean anything), or NetPD is forced to disclose their methodology to the court, or the list is thrown out as being invalid evidence in a court hearing.
  • Start by attacking any ISP in the UK who offers internet service to this company. At this point, all it takes is threatening [slashdot.org] to file a law suit, and the ISP will yank their access. It is legitimate to use words such as 'libel', since they may in the near future try to claim someone a criminal, which could then be proven in court to be libelous. Words such as 'cracking attempts' and 'illegal probing' can also be tossed out truthfully. When netPD have exhausted all potential connections in the UK, they will be forced to move their entire operation to another country, and start over again. It will take some perseverence to take them down, but the community is large, and the number of ISPs willing to take a stand against baseless litigation is rapidly diminishing.

    Complain to their upstream provider [ntli.net], about the excessive use of bandwidth caused by netPD. It might not get them blocked, but they could get bumped to a higher cost guaranteed bandwidth service, taking another chunk out of their revenue.

    Track the methods they use to search napster, gnutella, and web sites. They are using some kind of spyder to crawl around and log hits based on their customer's heuristics. These bots/spyders could then be blocked at various points, freeing small sections of the internet from their insidious probing.

    Enlist university administrators to help block netPD. Students who are running distributed file systems and fear being libeled or falsely accused by netPD should send a written request to the university network administrators to block outside access to netPD. Again, use carefully selected panic words 'illegal probing attempts', 'crack attack', and 'allowing netPD access could open the university to a lawsuit'. Tell them cracking/scanning attempts are coming from the subnet [ripe.net] 62.254.209.128/25, and ask them to block it.

    Create a standard template to exclude netPD from networks you control. Someone should write a one paragraph disclaimer which could be customised for each locale telling netPD to stay away, and promising to follow up any violations with a vigorous prosecution.

    Bruce Ward, 23-year-old chief technology officer of NetPD sounds like this is a small failed Y2K pre-IPO company jumping onto a wave of free publicity. Not to put down 23-year-olds, but a company with an abrasive CTO like Bruse may not survive riding a big and dangerous tsunami very long, no matter how good surfers they think they are. He already rode another company into bankruptcy and several lawsuits.

    He's been so bold as to register the address www.mp3police.com.
    "We fully expect to upset people and our site will probably get hacked," he says.

    This sounds likes a challenge to leave to the script kiddies. That server is physically located in a webhosting service in Dallas, Tx, USA, running a static page of Bruse's failed Y2K fixit company. Bruse has also registered mp3police.co.uk, which has been recorded scanning many legitimate sites, none of which are running napster or warez boards. Complaints have been circulating for a while, go scan deja for some more info. NetPD has even hit some totally innoculous honeypots and scanned them completely.

    At this moment, netpd.com and netpd.net are still available from futuresite.register.com for a price :-) Any takers?

    The challenge for those who want to see a free net is to attack netPD where it counts, their access, their financial well being, their status as vigilantes, and their reputation with any potential customers.

    the AC
  • by technos ( 73414 ) on Monday May 08, 2000 @09:04AM (#1084437) Homepage Journal
    Hmmm.. So NetPd violates Napsters TOS.. And accoding to that TOS, the relevant bits being: (ii) use the Napster browser or service, or attempt to penetrate, modify or manipulate the Napster browser or service or any of the hardware or software thereof in order to: invade the privacy of, obtain the identity of, or obtain any personal information about (including but not limited to IP addresses of) any Napster account holder or user

    (iii) reverse engineer any portion of the Napster service or browser

    And the penalty:

    Napster and its affiliates reserve the right to refuse service and terminate accounts in their discretion, including, but not limited to, if Napster believes that user conduct violates applicable law or is harmful to the interests of Napster, its affiliates, or other users, or for any other reason in Napster's sole discretion, with or without cause.

    I'm just sorry they didn't have a 'fine' clause. Say $1,000 per infraction of privacy policy, and $100,000 per instance of infraction of the RE clause. Collecting 335,000 users nicks and IPs would cost Metallica and NetPD $335,000,000, as well as each bogus session using the harmful RE'd software (probably 40-100 clients) another million.
  • I was under the impression that Metallica had hired some magical internet dectective firm to find the real names of those who had been trading mp3s illegally...am I mistaken? This article makes it sound like all that have is Napster user IDs. Yes? No?

    If that's all they have, then why is there a problem? Anyone can use any name to sign up and use the service, it's not as if the 335,000 named folks can't use it anymore. Also, I don't remember giving any personal information when I signed up for Napster, so unless they're working with ISPs, they won't have any real names. If I'm wrong about this, please, someone enlighten me. But it just sounds to me like NetPD logged on, got user names, and killed some trees to make a show of the whole thing.

    The Good Reverend
  • Asked of Weird Al: Hey Al!!!!! What do u think about Napster? I just want to know if you approve.

    Al Answers: I have very mixed feelings about it. On one hand, I'm concerned that the rampant downloading of my copyright-protected material over the Internet is severely eating into my album sales and having a decidedly adverse effect on my career. On the other hand, I can get all the Metallica songs I want for FREE! WOW!!!!!

    Taken from Ask Al [weirdal.com]

If you didn't have to work so hard, you'd have more time to be depressed.

Working...