NetPD, Metallica's Mysterious Tracker 290
Akilesh Rajan writes: "An article at Forbes talks about the firm that supplied Metallica with the software it needed to capture 335,000 users. It 'works like 5,000 humans sitting in a room doing Web searches' to identify user names. Demand for their services is enormous, especially since they also plan to expand into the videogame and movie protection businesses."
This NetPD company is unrelated to the shareware program
NetPD,
which, ironically, helps protect user privacy.
Re:Comparisons... (Score:1)
This is utterly untrue. Guns can also be used to maim, cripple, terrify, and to destroy property. They are much more versatile than you are leading people to believe.
Re:Another step in the arms race (Score:1)
Login to laundry.org and then head offshore to crypt.kk and back onto Tombstone, er . . .
Re:Where there's a will there's a way... (Score:1)
Re:Who are you to dictate? (Score:1)
Can you say Internet?
Barbra Streisand has stage fright! (Score:1)
Touring can be pretty grueling work, especially for a musician. Later, and even earlier, in life artists can develop illnesses that prevent them from physically holding concerts, yet be able to record in a studio.
I've noticed that for some of the aging rockers their followers may only number in the thousands and it does not make sense (esp. monetarily) to go on costly tours. Many aging musicians are forced to entertain at race tracks (I seen this myself), rodeos, and small night clubs yet to make a cent. And, let's not forget Barbra, she suffers from severe stage fright and can't go back on stage!
Re:BNC is illegal? (Score:1)
As someone recently posted to Cypherpunks when this issue came up, Freed0m has a bunch of problems.
Judging from the FAQ, you can only use ports that they have blessed. (They say that you can use MUDs with it as long as they're on port 23.) I can't believe someone would write something that braindead, but who knows these days.
It's Windows only.
Source isn't available.
It's Windows only.
You can proxy, but all the servers are presumably controlled by the same entity or are in the same jurisdiction. It's trivial to strongarm the company (via warrants and the like) to reveal the identity of a user.
Did I say that it was Windows only and that no source was provided?
Their claim that users' tokens can be connected to their real identities and that "not even Zero-Knowledge" knows who is behind a nym or connection is immediately made extremely suspect by their claim that they will try to track down people who traffic child pornography. If it's untrackable, how can they ever hope to track such a person down?
Oh, and it's Windows only and no source is provided.
Thanks but no thanks.
Re:Secure Keys (Score:1)
Hey, come on, you know you've cost him, so why not pay Lars [paylars.com].
ipchains -s Netpd-ip-addr/32 -d 0/0 -b -j DENY (Score:1)
yes, NetPD software does exist (Score:1)
It was kinda spooky to watch, and I imagine Governments have a proper version, but it looked they were just doing a traceroute/DNS lookup on the IP packets as they made their journey. Trivial really. as soon as Gnutella/freenet can hide IP addresses and encrypt data packets this sad little firm will crash and burn.
When they interviewed the Freenet's creator and 'duh' was told about it he said "it doesnt matter we can still trace them". true now, but he clearly didnt get the BIG PICTURE.
Criminal actions by NetPD/Metallica? (Score:1)
Now that would be fun!
--P
Block them out. Here's how. (Score:1)
ipchains -A input -s 208.145.34.0/24 -d 0/0 -j REJECT
ipchains -A output -s 0/0 -d 208.145.34.0/24 0/0 -j REJECT
Poof. Packets headed from mp3police.com to your machine or vice versa are brutally slaughtered. You will appear as machines with all ports closed to one another. Access to the rest of the internet is unaffected. Add a -l to log the failed tx/rx attempts.
A little thought (Score:1)
What I want to see (Score:1)
"Sir, we've looked all over the state of Calafornia and there just doesn't seem to be anyone named Mike Oxlong around."
You can't stop the technology (Score:1)
NetPD has a net connection and they have found a creative way to use it. Good for them.
They won't have to reveal their search technology in court. Think about this: there are about 5 names on each sheet of paper that Lars Ulrich gave to Napster. That's about the size of a screen shot. I speculate that they just turned over screen shots of each user they found offering Metallica MP3's, and they don't have to discuss what search techniques they used to create those screen shots.
It's downright funny to see pirate apologists yammering about NetPD violating "Terms of Service". Hey, CD's come with "Terms of Service" too, which are found in the Berne Convention. One of the terms is don't make copies for a bunch of other people. That's pretty bsaic.
Napster Names Only (Score:2)
Hmmm, "Camridge, England" (Score:2)
Bill of Rights applies to *GOVERNMENT*, not biz. (Score:2)
There are various privacy acts and such prohibiting unauthorized wiretaps by private parties and such (just ask Linda Tripp :-), but it is unlikely that any such laws apply here. In any event, it's not a Constitutional issue, since the Bill of Rights restricts what government can do, not what businesses can do. The only restriction upon businesses are the laws passed by Congress and the individual states -- bodies which increasingly are owned by big businesses and which rarely today serve the people.
-E
I do not fear NetPD (Score:2)
I have a feeling their capabilities for detection of illegal MP3s is massively overblown. First, they did not check to see that people were actually offering files for download. They only checked to see if people came up as search hits. How do I know this? Because my computer was running Napster for the last two weekends and has been for over a month. During the time period that they claim they did their probing, not a single Metallica track was downloaded from my computer. None were even "poked" and then cancelled to see if I was offering them.
It's possible to enter a max upload rate of zero and not upload anything to anyone. Merely having copies of Metallica songs on my computer that I am not distributing is perfectly legal and covered under fair use. We went over this last year with the Diamond Rio.
So, NetPD has produced a fairly hokey list of 300,000 names of people who have Metallica tracks residing on their computer. So what. This is not illegal. It's also not illegal to name my MP3s after Metallica songs. So if I want to my Beethoven's 5th Symphony public domain MP3 "Enter Sandman", that's not a copyright violation. AFAIK the only way to prove that all 300,000 users violated some sort of copyright is to download the tracks and listen to them. Unless they really have written some sort of AI software that can do this (highly unlikely), all they have proven is that I have files on my computer vaguley matching "*Metallica*.mp3" I am free to name my files whatever they want, and I'll be damned if NetPD or mp3police.com or whoever is going to tell me otherwise.
--
Re:It comes down to this (Score:2)
I see. So, may one conclude from your jibe that you believe copying digital media is a crime as heinous as rape? If so, your priorities are seriously out of whack.
Now, if you'd instead written, "speeding on the nation's highways," then you might have had point worth discussing.
Schwab
Re:OT: Favourite quote on this topic (Score:2)
> Weird Al or Adam Sandler
When it should obviously be put under "Dr. Demento"
NetPD does not have to comply with Napster's TOS (Score:2)
Bizarre. You think that companies can make their own law? A "fine" clause would not be valid just because someone writes one into a shrink-wrap contract.
NetPD would only be bound to obey Napster's terms of service if they have a legally binding agreement with Napster. In some places, clicking on the "I agree" button creates such a contract. But lots of folks have reverse-engineered the Napster protocols. This reverse engineering can be used to track users. Anyone running Napster from a box with a static IP address, and serving up MP3s belonging to bands/record companies that don't like Napster, is a moron. You will be traced. Even if you have a dynamic IP address, your ISP could help to nail you.
Re:Napster names or real names? (Score:2)
though you're probably kidding, I thought I'd point out something that people like the RIAA would really like to get rid of: the principle of first sale. basically it says that they can't do anything about (who/what/whether) you sell it. Now, with DMCA, it is possible to technologically block this, though it is yet another principle enshrined in copyright/fair use law.
so, though you're not allowed to make copies and distribute/sell them, you can take your original copy and pass it on/sell it/microwave it, and there isn't anything they can do about it.
Lea
Re:How about my legal rights? (Score:2)
Why not? Libraries do this frequently to replace missing or damaged pages in books or periodicals.
Or, for example, you ask a friend to make a copy of a CD you own to tape, but you & your friend find it hard to meet to hand your copy over for copying. ``No problem," says the friend, ``I'll just make a copy of my CD & give it to you next time I see you."
I'd say that there are enough plausible reasons for sharing MP3s over Napster that do not violate copyright -- & indeed require the bottom fish^W^Wsuits at RIAA to provide proof that their rights are being infringed upon -- & to convince a jury or impartial judge.
Geoff
Re:Whitehats/Blackhats? (Score:2)
This is going to vary, but usually this actually results in a charge of Attempt to Posses Nacotics. If a man lies dead and you feel he is sleeping and you shoot a bullet through his heart, you are guilty of attempted murder.
Or that's how it's supposed to go.
Bad Mojo [rps.net]
Re:Don't shoot the messenger... (Score:2)
People that trade artists music freely across the internet are essentially saying that the music is worthless... They're also stating that no matter how much they like a given song, they have absolutely zero respect for any artist whose work their giving away for free. It might not be as explictitly stated as that, but you're cutting them off from one of their only revenue sources and hiding behind the idea that the labels are the bad guys and you're trying to help them.
Music (in general) is so much more than just "data" and should never be treated under the mantra of "information wants to be free". Everyone who thinks that, in my eyes, are all the most shortsighted individuals.
Re:Um, they would need some serious bandwidth... (Score:2)
Parody has been long-recognized as a vital form of free-expression, and that's why it's protected in the (US) law.
Re:How I would do what NetPD did. (Score:2)
Copy Right law restricts the Right to distribute Copies (for a cost or not) to the author, or other Copyright holder.
Re:Do they verify file name or content? (Score:2)
Now, what differentiates my "metallica-enter-sandman.mp3" file from some bozo's "metallica-enter-sandman.mp3" CD-Rip? It's the CONTENTS... and I can bet you they didn't sit down and listen to the contents.
Napster can summarily reject the data as bogus on that principle right there.
D
Re:Fighting fire with fire (Score:2)
Re:Do they verify file name or content? (Score:2)
Odds are if you are using napster, and sharing a file called 'metallica-black.mp3' that it is in fact, Black, by Metallica, and music. They are asking napster to ban the users, as napster said they would.
You are fine. (Score:2)
Presumably, nobody would try to sue you for copying them from somewhere else, if you have the originals already.
What is at issue is the fact that the other person does NOT have the right to GIVE those copies to you in the first place, and as you are receiving information they are giving you illegally, the information itself is illegal.
Re:Can this dumb program PROVE it though? (Score:2)
Napster said that if Metallic provided them with names of infringing people, that napster would ban them (as per the napster usage agreement and other things on the site, as well as a letter right from naspter's lawyers to metallica's lawyers). Metallica did just that. They are not suing users, they are not planning on suing users.. they are simply making napster do what it said it would do. Whether it is admissible in court is irrelevant. Napster said 'give us names, we will act accordingly'.
Do they verify file name or content? (Score:2)
Is it illegal to have a file that has a title that sounds like a song? Shouldn't they have to make sure that this file is what it appears to be? That would take a long time given the number of Metallica songs that are out there and the thousands of file sizes that are available for these songs (based on combinations of frequency, bitrate and ripping software).
Just some thoughts
------
IanO
*ahem* A song... (Score:2)
linux/beos bands/songs
here [mp3.com] and here [mp3.com]
Re:They'll have to tell someone how they do it ... (Score:2)
Once NetPD fingers you as a copyright violator (even if they make up the information out of whole cloth, who can prove otherwise?), people like Metallica and the RIAA will assume you are scum of the earth, and but for the fact that most people don't have much money and wouldn't be worth the trouble, would probably sue you into the Stone Age.
And if they do pursaue it, as with any unfounded litigation, it will probably be easier and cheaper to settle.
IANAL, nor do I pretend to have any idea what I am talking about.
Can someone explain how they can find usernames? (Score:2)
I'm a little foggy on "what" they actually captured.
Re:Whitehats/Blackhats? (Score:2)
It doesn't have to stand in court. It's Napster's own policy that's biting them back. Since Napster promised to remove any specified user's account per the artist's request, if Metallica comes back after a couple of weeks, looks up any of 300,000 users and finds out that metallica mp3s are still being offered, Napster is going to face more trouble in court.
Go get your free Palm V (25 referrals needed only!)
One way to fight such nonsense (Score:2)
mkdir
for i in `ls
do cp
done
login with favorite client and redirect your db to
What? have they linked in mp3 id tags? same search, insert command to change id tag.
Re:Fighting fire with fire (Score:2)
Offtopic but interesting The data protection registrars response to the RIP bill [ccta.gov.uk] (Word Doc)
http://www.dataprotection.gov.uk/ [dataprotection.gov.uk]
NetPD (Score:2)
Can't find Netpd/mp3police or Bruce Ward registed as data collectors on the Data Protection website [dataprotection.gov.uk] either.
Section 8 is interesting, u r not allowed to transmit data outside of the European area unless you can prove that there is sufficient protection for it....
And hey if you think you are on their list you can send a couple of quid to their registered address and they have to send you a copy of all the info they have on you.
Re:ah (Score:2)
He insists that to say more would enable Napster and other MP3 programs to block the software.
The proceadure/progarm/AI is defeatable by their own words. It will only take a little time and effort and NetPD will be made impotent!
That's a lure for script kiddies (Score:2)
inetnum: 62.254.209.128 - 62.254.209.159
netname: MP3PLTD
descr: Internet applications for the music industry.
admin-c: BW2097-RIPE
tech-c: COH1-RIPE
person: Bruse Ward
address: 1st Floor,Godolphin House
address: 2 The Avenue
address: Newmarket Suffolk. CB8 9AA
phone: +44 1633 670000
e-mail: Bruce@mp3police.co.uk
nic-hdl: BW2097-RIPE
changed: hostmaster@ntli.net 19991221
source: RIPE
but can't find the registry contact for mp3police.co.uk, it seems to be hosted at Xara.net.
According to logs, mp3police.co.uk were actively scanning http, ftp, and napster style connections starting in mid-april. Machines were under occasional cyber-attack by groups of 5 machines, each taking turns probing different services and trying to walk ftp trees on a few anonymous-login servers, and ignored robots.txt on the web servers. Couldn't tell from the logs what they were looking for, but since they didn't try to rattle any exploits, the rogue bots were ignored for more immediate threats.
It should be noted that for a while they were attempting napster type connections on whole banks of IP addresses, whether or not the nodes were running napster. It shows up kind of funny in the security logs when routers are probed by a rogue napster client.
So their scanning pre-dates the lawsuit, or else there were preparations for the suit going on for a long time.
I think mp3police or netpd have been getting ready to sell their services to the first lawsuit to come along. They've collected tons of logs over a period of months, and then when metallica hit the news their marketing guy contacted the lawyers. I wonder what their business plan looks like
the AC
What about blocking it? (Score:2)
Flame: just a litte hypocritical (Score:2)
But now you want to enforce such restricive terms!? With a fine !?. That must be the most stupid thing I've heard all day.
*shakes head, sighs, and turns away*
Re:Bot??? (Score:2)
No. The TOS should have those terms, and the fine clause, and here's an analogy:
I write a bit of software. The license I used granted some of my rights to my users. My users can do all sorts of wonderful things with my software. But so can BigEvilCorp. They decide to rip me off and exploit my license. I can't change BigEvilCorps license. They can screw me.
I write another bit of software. The license I use not only preserves all of my rights, it actually removes some of those normally granted my users. My users want to do wonderful things with my software, and I can let them, either by changing the license on a case-by-case basis or by choosing to not enforce some of it. But BiggEvilCorp can't screw me.
It's not the TOS or the license; It's the person enforcing it.
Re:No REing? Hypocrites. (Score:2)
Re:Flame: just a litte hypocritical (Score:2)
Re:Wrong (?) (Score:2)
Re:If musicians want to make money... (Score:2)
--
The other side is crowded. The dead have nowhere to go.
Re:You don't need to hide (Score:2)
-John
Ultimately go back to store and foward (Score:2)
What are you talking about? (Score:2)
Re:Bot??? (Score:2)
There is nothing in their protocol [sourceforge.net]that sends the bot Napster's TOS, nor is their any request in the protocol that asks whether or not the user actually agrees to the TOS. Without these things in their protocol, NetPD could argue that they never saw nor agreed to Napster's TOS.
Can this dumb program PROVE it though? (Score:2)
Anyway, is this provable evidence in court? Did this program DOWNLOAD and LISTEN to the songs? What if someone gets kicked off because they have a Chuck D song that is renamed to Metallica-One.mp3 ?? What if its a lower quality, or is just a clip, and not an entire song?
Has this stupid program (written by a stupid company (hired by a stupid band))) proven anything here?
Mike Roberto (roberto@soul.apk.net [mailto]) -GAIM: MicroBerto
If musicians want to make money... (Score:2)
The rise of the fixed-medium (vinyl, CD, etc.) music industry as a gigantic financial engine is a fairly recent one. In another decade or two, it will (hopefully) be remembered as a temporary economic quirk that was renderred irrelevant by the progress of electronic communications technology.
Re:How do we know this list of users is valid? (Score:2)
(okay, I need a laugh today)
What you'd end up with is a nice tight pile of code that nobody in the recording industry would touch because there are just too many self-promoting bastards like netPD who are willing to generate completely bogus numbers using "secret" methods to get their company names in lights.
Meow
Re:One way to fight such nonsense (Score:2)
Re:Whitehats/Blackhats? (Score:2)
This gets back to the point made by another poster: what if you just called all of your Napster files metallica_000001.mp3, up to metallica_300000.mp3, but having absolutely NO Metallica content within them? Or, make the template m3tall1ca_######.mp3 so they can't claim any trademark issues.
Seems to me the best way to thrwart what being done is to make it VERY difficult to make the case that the alleged violations are genuine. Consider:
Metallica's Lawyers: we found all these copies of our music on this site.
Judge: How do you know?
Metallica: It's has the word metallica on the file name.
Defense: Please play one.
Judge: Is this your music?
Metallica: Uh..... No.
Judge: Did you check the files to see if the content is actually your music?
Metallica: Uh..... No.
Judge: Case dismissed, precedence set.
They might have more trouble in court, but it doesn't have to be a difficult experience. Personally, I like the idea of sending money to bands to wean them off of their record label. Look at Aimee Mann [aimeemann.com] who is label-free and having a very successful year (Magnolia soundtrack nomination).
NetPD can't win (Score:2)
He has not provided details beyond the fact that NetPD's software "works like 5,000 humans sitting in a room doing Web searches" to identify thousands of user names very quickly. He insists that to say more would enable Napster and other MP3 programs to block the software.
So what will happen when this program results are submitted as evidence in court? How can it be without saying how it works (at least in general terms)? NetPD will have to, and then Napster, etc. will be able to block it.
Gonzo
A waste of money for copyright holders (Score:2)
No REing? Hypocrites. (Score:2)
(iii) reverse engineer any portion of the Napster service or browser
Yet on their home page [napster.com], they recommend Macster for users on Macintosh boxen. And the official FAQ [napster.com] lists (unsupported) clients for other platforms.
5000 (Score:2)
Take 5000 NetPD employees typing on 5000 computers for a day and you get yourself 335,000 Napster users downloading Metallica. It's all about the time constraint and the theory of probability.
Re:How do we know this list of users is valid? (Score:2)
True, I doubt they (NetPD_whatever) actucally downloaded the files content, (3MBS X 333,000) = a hole hell-of-alot bandwidth. They probably just did sometime lame like
while ($user list($user);
foreach (@songs)
{if ($_ =~
{ $count++; } }
$user++; }
print ("$count # of Metallica rip offs!");
There won't really be any real way of tell who REALLY had Metallica mp3s, without downloading.
But %90 of the users that they "Metallica" in a mp3's name, %80 of the time it is probably going to be an Metallica mp3, this still is a high number.
Re:Napster names or real names? (Score:2)
you also forgot slander! Nothing says loving like getting gang raped in prison for being a loyal fan and supporting a band!
Re:I never realized freenet was under sourceforge (Score:2)
Yea sourceforge is part of VA linux, but freenet is an open source (GPL IIRC) program that is not affilated with VA Linux (that I know of), VA Linux is cool enough to host open source projects on their servers (ie. sourceforge.org). sourceforge.net gives up server space/bandwidth/maintaince to open source developers, which IMHO is really cool of them (no I don't work for them).
Sorry I posted the wrong URL last time, the correct address is:
http://freenet.sourceforge.net/ [sourceforge.net]
Re:Napster names or real names? (Score:2)
they got your username (and ip?) and that is it. Say they don't have your ip address and force napaster to give up there logs on that date (assuming they don't rotate logs every week or so) and they manage to get your IP. Ok, so they got your ip and roughly the time you where trading metallica mp3.
With that IP, they would find how it was registored to (more than likely your isp), then they would go to the registors of that ip (more than likely your isp) and court order them to give up the logs files on that date for dial-in connection (assuming your on a dial up), or what ip is staticly assigned that.
If your ip is staticly assigned by your isp, your pretty screwed, but if it is dynamically assigned like for a dial up connection (cable modem??, dsl??) they would need the log files. Most smaller isp rotate their auth-log/radius log files alot (every week for some) because 1) they are small and can't afford disk space 2) they really don't give a crap what their users do
Or, say they magically get past all this crap and do get your ip and that leads back to the username on the isp, with that username the isp (under court order) finds your billing information and it traces back to your name, simple huh?
Ok, so they know have to get a search warrant for your house/apartment, plan a raid, then arrest you/ or take your computer equipment to look over.
Now lets think about this, how long is this going to take? It has been 1-2 weeks since they go this user names, it will probably take a couple weeks PER USER to get a warrant for the isp, then it might take 1-3 days for the isp to produce the log files (assuming they wheren't flushed at this point) and then it will take 1-14 days to get a search warrant for your house. Ok, now rinse and repeat for 330,541 more users. If you are at the VERY bottom of this list, it might take YEARS to get you arrested (assuming the isp still has the logs, and you still have the mp3's on hard disk)
Metallica isn't going to arrest 300, 000 + of it's users. This is being used as "Look Mr. Court, they ARE trading meticall mp3s on Napster, look big piles of paper, it is proof"
how can I find more ways of breaking the law (Score:2)
Metallica ain't winning any new friends (Score:2)
www.badassmofo.com [badassmofo.com]
fight noise with noise (Score:2)
lets pull an 'echelon' on them; create so many false triggers, they won't be able to find out which advertised entries are real Met. songs and which ones are just renamed versions of the latest uuencoded linux kernels.
so please do the following before running napster:
% cp /boot/bzImage /mp3/junk
% cd /mp3
% uuencode junk junk > metallica_song1.mp3
repeat until satisfied.
--
Re:Whitehats/Blackhats? (Score:2)
The "works like 5,000 humans sitting in a room doing Web searches' to identify user names" crap sounds strangly reminiscent of the pathetic "we have humans checking every single website we block" crap that products like CyberGestapo^H^H^H^H^H^H^HPatrol spew forth for advertisements.
I don't know about anyone else, but I'm rather suspicious of their oh-so-intelligent Artificial Stupidity algorithms.
Re:What no link? (Score:2)
MP3 Police (MP3POLICE4-DOM)
PO Box 3242
Hot Springs, AR 71914
US
Domain Name: MP3POLICE.COM
Administrative Contact, Technical Contact, Zone Contact, Billing Contact:
Ward, Bruce (BW11725) bruce@PROVENST.COM
MP3 Police
PO Box 3242
Hot Springs , AR 71914
501 466 4883
Record last updated on 03-Sep-1999.
Record expires on 03-Sep-2001.
Record created on 03-Sep-1999.
Database last updated on 7-May-2000 20:36:49 EDT.
Domain servers in listed order:
NS1.BEFOUND.COM 208.145.34.1
NS2.BEFOUND.COM 208.145.34.2
Re:artificial intelligenc? (Score:2)
But then again, thats just my opinion. Standard IANAL disclaimer applies.
No Bots on Napster (Score:2)
Fine, FreeNET is given yet more reason to exist... (Score:3)
This is a losing battle - the only thing that RIAA can even remotely *hope* to gain is a public perception that they'll beat you if you try to usurp their members positions as owners and dominators of the media industry.
FreeNET will come along and fuck this up for them, big time. It'll also be a major headache for *legitimate* law enforcement, but I suspect the Discordians behind the various free net movements find that perfectly reasonable.
I just hope that *real* musicians, who *want* to share their works with others keep in mind that they *STILL CAN DO IT, IN SPITE OF WHAT THE RIAA/MPAA SAY ABOUT IT*.
Folks, there's an awful lot of good music out there, for free, available to download any time of day. You don't *have* to buy the force-fed 'product' that's being pushed in the frontlines - you can always have a more direct, personal relationship with other musicians whose art you prefer.
When was the last time you sent an email to Christina Aguilera or Metallica and got a *real* response, eh? That's the new rules of the game, and the majors know they can't play that.
Re:It comes down to this (Score:3)
You've oversimplified the question. You need to add a third choice:
Intellectual "Property" needs to be fundamentally redesigned.
Intellectual "Property" laws primarily revolve around establishing who gets to control making duplicates of the artist's artifacts. In practical terms, this underlying concept is now obsolete, since digital artifacts can be duplicated in any quantity at zero cost. Thus, all Intellectual "Property" law founded on this concept collapses.
We must therefore redesign IP laws such that they acknowledge infinite, zero-cost duplication by anyone, anywhere. What sorts of things would you still want to protect? What sorts of activities would you still wish to deter by criminal/civil sanctions? (Hint: It mostly revolves around an artist's reputation, rather than their artifacts.)
This is the discussion we should be having, not obscenely expensive flamefests by overpaid mercenar^H^H^H^H^H^H^H^Hlawyers. Arguing about whether it's ethical to copy another artist's music is rather like arguing about whether it's ethical for tornadoes to strike trailer parks. While we may lament when it happens to someone we like, the fact is, it's going to happen, so it's probably a good idea to start structuring your life around this reality.
Schwab
Who are you to dictate? (Score:3)
I suspect this will also lead to less, not greater diversity in music. For one thing, the only people who will make money in the music biz are those acts that *can* travel. A lone composer in his basement whipping up symphonies on his bank of synthesizers is out of luck under your plan. "Sorry mate, not paying for your music, since you can't manage to play 5 keyboards at once. But hey, thanks for the tunes."
Also consider that the limited number of venues will act as a force to restict who will be able to make money. This is a limiting factor now to bands that are starting out, but if *every* band out there needs to play live gigs to make their money, things will just get that much more crowded.
Also, the focus on live performance will likely change music itself. Why spend all of the money to cut a studio album when you'll just be giving it away? Bands will just stick with what they can do in concert. If you told the Beatles they couldn't make money off of studio albums, would they have made Sgt. Pepper's Lonely Heart Club Band?
Perhaps some will say that this is a good thing. Well, that's your musical taste. Why enforce your taste on others?
You know, most geeks would throw a hissy fit if management dictated they had to work 9-5, had to wear ties, and the whole works. Why, then, this attitude regarding how others make their money?
How about my legal rights? (Score:3)
Re:Whitehats/Blackhats? (Score:3)
It's very likely you're overestimating the technology behind NetPD.
My guess is that they simply queried for the names "Metallica", parsed the search results, and queried each request to get the username holding the song. Rinse and repeat for each Napster server. It's not like you don't already know the username when you download an mp3.
There wouldn't be anything illegal about that, and they don't really have to resort to methods like packet-sniffing and eavesdropping, which would probably be pretty controversial.
Go get your free Palm V (25 referrals needed only!)
DeCSS anyone? (Score:3)
From the Article,
"We've set up with the intention of offering copyright protection services to not just the music industry, but the videogame and movie businesses," says Ward, who worked at "a few unknown software companies" before starting NetPD last year."
This sounds pretty much an offer to help the MPAA/DVDCAA to me - even though I wonder how the actual program would identify and make sure that the so labeled software actually is CSS code.
Which brings me to my next point. If I was trading non-copyrighted music through Napster (after having renamed it to Metallica music) and may have got my name on the list - does that mean that I can be prosecuted for violating the law?
At the moment, I dunno. Still I do not think programs like this will ever be effective. Hotline (ftp client program like Wrapster) has an infamous bot - known as the Sadwyw Spider - that searches HL servers for warez. It was news when it came out, but people quickly figured that by simply requiring an l/p to view items on the server the bot would be defeated - or by renaming the items and listing the actual name as part of the info tag.
Couldn't Napster do - something of the like, to defeat bot searches? For Instance - require that a specific always changing login that is displayed at several different locations on the screen be entered for the Bot to search - that would at the very least require a human there to punch in the login, which should make the popularity of programs like this go down alot.
Overall, I don't think this is something to worry about - more scary would be if Metallica put a bot user on Napster with thier songs and displayed the IP's of anyone that dl'ed their songs (Like the webpage that does Gnutella porn) Anyhow - what if I download a song that I legally own, the bot cannot check that either so I'm not that worried...
335,000 napster users in one weekend? (Score:3)
So I'm wondering if anyone has any idea of where they could have gotten such a high number. Perhaps there were 335,000 songs, but I just can't believe that there were 335,000 individual users.
My guess is that they used the song count, rather than the user count so that it would have more press impact, and that we'll find out later that it really was something more like 20,000 users (even that is high). Come to think of it, 335,000 songs is too high. They must be double counting.
Like if NetPD person A and NetPD person B were logged on to the same Napster server, they probably counted the songs they saw twice. And with "5000" NetPD people banging on it... Hmm, that would require only 67 Metallica (TM, Reg. US Pat. Off., Reg. Penna Dept. Agr) songs to be on Napster to get a count of 335,000, which is about how many I'd estimate are available on a server at any given time.
Re:Um, they would need some serious bandwidth... (Score:3)
Your calculations also assumed that every user could match their full download speed. That just ain't so. So, multiply that time by about 10 and you have the actual time, then add 10% for the actual search time on that many files.
So our new total is About 1800 days. That's 5 years.... Hrrmmm.... Hasn't napster only been around for about 8 months?
Kintanon
You don't need to hide (Score:3)
Are they even Metallica MP3s? (Score:3)
I agree that it seems hard to prove who is who on napster and if they could even block all the people on that list (possibly the people with static ips, but then they'll just get another).
My question, and I feel it's something that should certainly be investigated before napster instigates any actions, is just HOW were they collecting information? Sure, they say they've got some "AI Program" doing the search of 5,000 individuals, but that doesn't mean their searches were successful. Are they looking for every mp3 that has metallica in the title? Or has some reference to a Metallica song title? How are they even sure that these mp3s are even Metallica mp3s without downloading and listening to them (Can't you see it, NetPD sued as largest pirate of illegal mp3s *grin*)? Then, the question is, is it illegal to have an mp3 with Metallica in the title, but the actual music isn't Metallica?
I think NetPD needs to be saying a lot more about it's "AI Program" before anybody (slashdotters, lawyers, napster, etc) take their results seriously. In the meantime, I vote we (as in slashdotters), make a rather annoying song about how Metallica sucks and flood napster with tons of these with Metallica titles. How about it? Of course, we'll want to change spellings, titles, file size, etc to throw their "AI Program" off.
Note: I have heard of a company that is developing software that can identify/pattern match music based on properties within the file. So maybe NetPD is using something like this, but they should certainly be able to prove their results are accurate.
ah (Score:3)
He has not provided details beyond the fact that NetPD's software "works like 5,000 humans sitting in a room doing Web searches" to identify thousands of user names very quickly. He insists that to say more would enable Napster and other MP3 programs to block the software.
Oh my God he is using software to brain wash people into doing web searches, any army of mindless droids, he must be stopped. We already know he has 5000 mindless slaves, how many more before before we step in? He must be stoped know.
Re:Napster names or real names? (Score:3)
Since you were technically a juvenile in 7th grade, you might get off with a warning unless Metallica chooses to prosecute you as an adult, in which case you'll probably go down for "intent to redistribute illegally" and "racketeering" in addition to the usual "habitual violator" stuff... tough break.
Bot??? (Score:3)
Secure Keys (Score:3)
335,000 / 60,000 = 5.58 names per page! (Score:4)
I suppose there was probably more than just the name, possibly a listing of songs downloaded or other info (IP Address, etc), but it still seems pretty wasteful use of paper.
Isn't there some kind of law against wanton waste of natural resources? (Nah, guess not or all the junksnalmailers and those postcards that fall out of magazines would be illegal too...) Maybe there should be! :)
5000 users? (Score:4)
--
Prove Downloading/Storing Metallica (Score:4)
OR, is it people who have a file with the name Metallica in it, or one of their song title's. How about I put out a copy of the dictionary, out there titled "Metallica - Holier than Thou.mp3"?
Did they download 330,000 mp3's and play them to see that the are copyrighted material.
I have a file called "Metallica Sucks My Dick.mp3", on Napster. Am I on their list?
Re:Wrong (?) (Score:4)
TOS or no TOS, breaking the law (however unjust it may be to
The law says you must agree to the TOS to use the service. The law says you must also enter the agreement in good faith. By entering into the TOS with previous deliberate intent to violate it you have broken the law.
I don't care if you are a pedophiliac, a drug dealer, or a jaywalker; If the someone has to break the law to catch you, they should be the ones going to jail. No if's, and's, or but's.
For the rest of your argument: NetPD is not the police. They are a private company, with no right to search or seizure whatsoever. Napster, Inc., is not a pedophile. They are accused of the offense of copyright infringement, a victimless crime, in a civil suit. This is nothing more that a corporate dicksize war.
Re:Another step in the arms race (Score:4)
How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order.
I sometimes use a socks{4|5} anonymous server. They are really hard to find, but they do mask your IP under anything you can find a client for (irc,telnet,ftp,etc.), a lot of the anonymous socks servers get abused alot so they don't stay around for an extended period of time, ussually have to find a new one every week or so.
They do mask your IP well (it appears to be coming from the socks server), but under a court order they might be able to get your IP from the "anonymous" socks server. It isn't full proof, but it can help you in some sisuations.
there is huge listing out there of anonymous and free socks avaiable on the Internet, also there is free shell accounts. These both appear to "mask" your IP, but the server that you are bouncing from can grab your IP if they really wanted to (some have a no-log-ip policy, some don't), also make sure the shell/socks proxy you are "bouncing" off allows this, some sites "forget" to secure them probably and they get posted on this list, then 100 script kiddies start trading p0rn though them and it ends up in a big mess...
The only other thing I know of would be FreeNet [sourceforge.com]
Another step in the arms race (Score:5)
It's just a matter of time before the RIAA goes after those operating servers on IRC. NetPD is a company that will likely help in this. (In most cases, they could probably get those running servers booted from their ISPs--very painful when high-speed options are limited.)
So what are the next step for those who want to be anonymous? How can I mask my IP number when going online (through IRC, web, napster, etc.)? And I mean really anonymous--no logs to be revealed under court order.
Whitehats/Blackhats? (Score:5)
NetPD hails itself as a "force for good", but where's the accountability? If the Christian Coalition approached NetPC asking for the names of everyone emailing to abortion clinics, how do we know they won't turn their 10 employees (5000 monkeys) on that job to make their next dime?
Also, without revealing their methods, it seems like there is a real possibility that they're doing packet sniffing, which would be a violation of the law, constituting illegal search, or they're posing as napster clients, letting people download which, while not entrapment, as they're not a law enforcement agency (among other reasons) is just as illegal as the person downloading them.
If they're only supplying dummy files with authentic-looking names, then the people downloading the files aren't breaking the law.
Of course, there are other major problems, such as the fact that they're using Napster-registered names, which are often fake to begin with, and that they have no way of showing that someone doesn't own the CD in the first place, and thus a license to make or obtain a copy.
None of this will have an effect in the long term, as NetPC admits they can't discuss their information gathering methods, because if they were public Napster would be able to block it. Sorry, but such evidence won't hold up in court without demonstrating exactly how it was obtained (for resons of determining authenticity, accuracy, and legality). Once this is done, Napster can block it.
Kevin Fox
Re:They'll have to tell someone how they do it ... (Score:5)
Yes and no.
For more information, including the text of the decision, see http://supct.law.cornell.edu/supct/html/98-1993.Z
They'll have to tell someone how they do it ... (Score:5)
Imagine (this isn't going to happen now, but something similar will someday) that Napster refuses to block the names on the list. Metallica sues, and the conversation in court looks like:
Metallica: "Napster won't block these known copyright violaters."
Napster: "This is a random list of names; there is no proof they are copyright violators."
Metallica: "Sure there is; NetPD told us they are."
Napster: "How did they get the list?" What proof do we have they aren't just random names?"
NetPD: "Trade secret, we can't tell you that."
Either NetPD's comment holds up in court, and *anonymous attacks* become acceptable legal practice (in which case we all ought to run to the nearest country with reasonable laws, as ours will cease to mean anything), or NetPD is forced to disclose their methodology to the court, or the list is thrown out as being invalid evidence in a court hearing.
Fighting fire with fire (Score:5)
Complain to their upstream provider [ntli.net], about the excessive use of bandwidth caused by netPD. It might not get them blocked, but they could get bumped to a higher cost guaranteed bandwidth service, taking another chunk out of their revenue.
Track the methods they use to search napster, gnutella, and web sites. They are using some kind of spyder to crawl around and log hits based on their customer's heuristics. These bots/spyders could then be blocked at various points, freeing small sections of the internet from their insidious probing.
Enlist university administrators to help block netPD. Students who are running distributed file systems and fear being libeled or falsely accused by netPD should send a written request to the university network administrators to block outside access to netPD. Again, use carefully selected panic words 'illegal probing attempts', 'crack attack', and 'allowing netPD access could open the university to a lawsuit'. Tell them cracking/scanning attempts are coming from the subnet [ripe.net] 62.254.209.128/25, and ask them to block it.
Create a standard template to exclude netPD from networks you control. Someone should write a one paragraph disclaimer which could be customised for each locale telling netPD to stay away, and promising to follow up any violations with a vigorous prosecution.
Bruce Ward, 23-year-old chief technology officer of NetPD sounds like this is a small failed Y2K pre-IPO company jumping onto a wave of free publicity. Not to put down 23-year-olds, but a company with an abrasive CTO like Bruse may not survive riding a big and dangerous tsunami very long, no matter how good surfers they think they are. He already rode another company into bankruptcy and several lawsuits.
He's been so bold as to register the address www.mp3police.com.
"We fully expect to upset people and our site will probably get hacked," he says.
This sounds likes a challenge to leave to the script kiddies. That server is physically located in a webhosting service in Dallas, Tx, USA, running a static page of Bruse's failed Y2K fixit company. Bruse has also registered mp3police.co.uk, which has been recorded scanning many legitimate sites, none of which are running napster or warez boards. Complaints have been circulating for a while, go scan deja for some more info. NetPD has even hit some totally innoculous honeypots and scanned them completely.
At this moment, netpd.com and netpd.net are still available from futuresite.register.com for a price
The challenge for those who want to see a free net is to attack netPD where it counts, their access, their financial well being, their status as vigilantes, and their reputation with any potential customers.
the AC
Re:Bot??? (Score:5)
(iii) reverse engineer any portion of the Napster service or browser
And the penalty:
Napster and its affiliates reserve the right to refuse service and terminate accounts in their discretion, including, but not limited to, if Napster believes that user conduct violates applicable law or is harmful to the interests of Napster, its affiliates, or other users, or for any other reason in Napster's sole discretion, with or without cause.
I'm just sorry they didn't have a 'fine' clause. Say $1,000 per infraction of privacy policy, and $100,000 per instance of infraction of the RE clause. Collecting 335,000 users nicks and IPs would cost Metallica and NetPD $335,000,000, as well as each bogus session using the harmful RE'd software (probably 40-100 clients) another million.
Napster names or real names? (Score:5)
If that's all they have, then why is there a problem? Anyone can use any name to sign up and use the service, it's not as if the 335,000 named folks can't use it anymore. Also, I don't remember giving any personal information when I signed up for Napster, so unless they're working with ISPs, they won't have any real names. If I'm wrong about this, please, someone enlighten me. But it just sounds to me like NetPD logged on, got user names, and killed some trees to make a show of the whole thing.
The Good Reverend
Favourite quote on this topic (Score:5)
Al Answers: I have very mixed feelings about it. On one hand, I'm concerned that the rampant downloading of my copyright-protected material over the Internet is severely eating into my album sales and having a decidedly adverse effect on my career. On the other hand, I can get all the Metallica songs I want for FREE! WOW!!!!!
Taken from Ask Al [weirdal.com]