Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Music Media

Spoofing P2P Networks as Marketing Plot 457

prostoalex writes "Salon's technology section talks about major music labels spoofing the peer-to-peer networks. The users of AudioGalaxy, Gnutella or KaZaa have probably seen a surge of fake MP3 files when conducting a search on a popular title. The MP3 looks legit, but contains a 20 second clip played over and over. Such promotional tracks were especially popular with newest releases, such as Eminem and No Doubt, as pointed out in the article. Who posted the fake tracks to the p2p networks? Could it be, as Salon suggests, a suburban mom, who does not agree with controversial lyrics, or would it be the label, trying to prevent piracy and promote the new album at the same time?"
This discussion has been archived. No new comments can be posted.

Spoofing P2P Networks as Marketing Plot

Comments Filter:
  • by RAzaRazor ( 562318 ) on Monday June 10, 2002 @04:35PM (#3674916)
    I have downloaded files in the past where the content repeated itself. It's interesting though because
    I have downloaded files in the past where the content repeated itself. It's interesting though because
    I have downloaded files in the past where the content repeated itself. It's interesting though because

    To view the rest of this comment for only $4.95, visit http://www.riaa.org

  • by Anonymous Coward
    Why do people keep these song shared? I've found one or two of them and deleted them immediately. Maybe we should all do our part and message anyone who shares these songs asking them to delete the track and stop wasting everyone's resources.

    It's not as bad as the renaming of some old movie to look like a brand new movie release, but both are annoying.
    • There's a lot of young stupid kids using this software and they're about as computer savvy as my dead grandmother. They may realize that the song is screwed up, but they don't even know they're sharing it and probably don't even know how to delete it.
    • by zangdesign ( 462534 ) on Monday June 10, 2002 @05:00PM (#3675143) Journal
      Well, if you think about it, all the record company has to do is put P2Pster on a computer somewhere and load up the spoofs. Alternate the usernames (if required) once in a while, maybe add some new content periodically.

      They show up in the search just like some college student in Peoria.

      You know, I think I've just hit on a money-making business: Hosting spoof songs for the record company. For, say, $500 a month plus bandwidth, I will host any and all spoofs the record companies want!

      Whaddaya think?
    • by PepsiProgrammer ( 545828 ) on Monday June 10, 2002 @05:01PM (#3675153)
      So this explains why 'Who let the dogs out' sucked so bad when i downloaded it, surprisingly after months of trying, I still cant seem to find a legitimate, nonrepeating copy. The RIAA must be pretty serious about all this
    • Why do people keep these song shared?

      It's not necessarily individual users keeping these songs shared. Certain hosts are set up to distribute nothing but fake files -- even ones who look for words being searched and rename files after them ( does this with a 28kb spam .mpg/.asf file that launches a website when viewed). If you're on gnutella and are using Gnucleus [gnucleus.net], you can filter out specific hosts.
  • by Squeezer ( 132342 )
    I remember this happening on napster. They also had songs that at the end or beginning said "If you enjoy this song please buy our cd from our website, etc..." I remember a specific Econoline Crush song that was like this and widely distributed on Napster.
    • I was thinking that too. I remember Barenaked Ladies releasing an .mp3 onto Naptster that was the beginning of their new single and a humorous plea to go out and purchase the whole CD. They knew their fans were the people downloading the .mp3 and tried to deal with the problem with a little humor. As opposed to Metallica, who decided that pissing off their fans was a good idea.

  • Interesting... (Score:4, Interesting)

    by tm2b ( 42473 ) on Monday June 10, 2002 @04:36PM (#3674928) Journal
    If you make the analogy between file sharing and free speech, I guess this would be the labels taking the "more speech is the best solution to bad speech" tact.

    I'd much rather see this than action through the courts.
    • by Bouncings ( 55215 ) <ken&kenkinder,com> on Monday June 10, 2002 @05:53PM (#3675473) Homepage
      "more speech is the best solution to bad speech" isn't a new idea either. With politicans don't have any really profound ideas, why do they always run MORE ads on TV and radio to drown out the compeditors?

      Personally I think a good solution to the RIAA/MPAA problem is something like the Internet 3. The Internet2 [internet2.edu] is non-commercial. But maybe we could create an Internet 3. Similar to the "No-Homors Club" on The Simpsons, we could have the "NO-RIAA/MPAA Club" -- where in order to get online, you have to sign a "license agreement" where you state that you aren't from the MPAA or RIAA. Therefor, in order to sue you, the RIAA would have in fact had to break a contract. "By clicking here, you agree to release all your copyrights and promise to spit at Jack Valenti"

      ... I can dream, can't I?

  • CRC check? (Score:5, Insightful)

    by Anonymous Coward on Monday June 10, 2002 @04:38PM (#3674949)
    It almost seems as if we should start CRC checking the files through the P2P app. Get several, verified versions floating around at common bitrates (and a VBR version)...
    That way we don't have to deal with garbage like this, and also have a guaranteed, legit (so to speak), quality copy (at least at the said bitrate) to download.
    • [With a system involving hashes of the contents of the compressed audio data,] we don't have to deal with garbage like this, and also have a guaranteed, legit (so to speak), quality copy (at least at the said bitrate) to download.

      If the hashes aren't signed, the labels can forge the hashes. If, on the other hand, the hashes are signed, the labels can send takedown notices to the sites hosting the trusted rippers' public keys.

    • Re:CRC check? (Score:5, Insightful)

      by scott1853 ( 194884 ) on Monday June 10, 2002 @05:03PM (#3675166)
      Choose the worse scenario:

      The RIAA starts using these checksums to flag what is pirated and quickly shuts down everything.

      You create some massive database (CDDB) created by the public, for the public, and then after a few years have some greedy bastards (GraceNote) close it up and charge money for access to it?

    • Haven't used it, because I haven't used a P2P network in a year or two, but it's worth a look:

      hksfv32 [big-o-software.com]

      As a side note, AIM+ [big-o-software.com] is a great program for fellow AIM addicts.

    • The problem is that if you have specified clean copies, then it makes it real easy to filter them. On the other hand, if you were to specify a black list of known sources of bad files and specific CRC's of known bad files, it would clean up the noise a bit.

      Though I have to say, it is nice to see the RIAA taking an intelligent approach to this. Much better than trying to sue everybody and shut down all the P2P networks. There's nothing wrong with P2P sharing, only sharing of pirated music. In that case, the RIAA simply makes it next to impossible to find legitimate copies of music on the system.
    • Web of Trust - (Score:3, Insightful)

      by Sangui5 ( 12317 )
      Straight CRC checks won't work, btw. You'd have to download the whole file to do the checksum. Better to sign the file in chunks. Or, use a fancier scheme:

      You could do a web-of-trust type verification. Logically, divide the files into medium-sized chunks (say 32KB). Allow people to sign the chunks (w/private key), thereby endorsing the content as "valid". You can download a chunk, and see if it's been verified (preferably by someone you trust, or someone who's been signed by someone you trust). If it has, download the next, see if that's been verified, etc. (Again, if you only sign the whole file, you have to d/l the whole file to verify the sig, which is pointless).

      Now, of course ppl. could falsely sign something. So, you 1) allow more than one signing of a file. 2) distribute keys with a PGP-style trust web.

      So, suppose I put up a P2P host. I allow ppl. to download my public key, along with signed files. Someone will be willing to try out my files. They find it valid, so they sign my stuff, and send the signiture back to me. They also sign my key, perhaps indicating a level of trust in the signing.

      As time passes, I can build a reputation in the long list of people who have signed my key and my files. You can trust the stuff I have up to be good because the stuff I've had up before was good, and this long list of people are willing to vouch. Probably, you trust at least some of these people directly (they've shared good stuff with you), so their sig. means something.

      Now, an attacker can take advantage by gaining trust, and then spewing abunch of crap. BUT, they have to deliver good shit first. If they abuse it later, well, have the signatures be dated, or provide for revocation certificates.

      Or we could go back to the old-fashioned way of doing it. I trust the stuff I download because I've shaken the hand of the people I'm downloading it from. Or because I've taken a risk in the past with them, and they paid off, so now I trust them enough to let them get my stuff, and they trust me enough to let me d/l theirs. Much more personable and friendly that way.
  • by zenintrude ( 462825 ) on Monday June 10, 2002 @04:39PM (#3674962)
    you thought it was just 20 seconds repeated over and over, but that's actually the real song...

    hey baby, hey baby, hey!

    hey baby, hey baby, hey!

  • Searching... (Score:4, Insightful)

    by Mars Hill ( 583512 ) on Monday June 10, 2002 @04:39PM (#3674965)
    Anybody who uses a fileshare client can quickly figure out that if a file is not multisourced, it might not be legit. These files will not be kept on peoples drives, they will get deleted right away, and then their presence will shrink into oblivion. It's a sneaky idea, though.
    • I don't know. I tend to find junk, ads, whatnot on multiple sources. I think people are just lazy, and don't delete the junk.

      I know I do, as quickly as I find it, but sometimes I'm downloading something through the night, and may miss a file for 10 hours or so.

      So the multi-source thing doesn't work that well.
      • Multisource is normally what I grab first, its downloads quicker, if someone disconnects, I can still get the whole file. I have yet to get a multisource piece of junk. If it ever comes to that, I'm sure some talented programmer will think of a way to bypass the crap.
    • Some people (myself included) actually rename the files after they download them and remove things like %20 from the filename, which would make it unique. Of course I don't bother sharing so it doesn't matter much ;)
  • Subliminal? (Score:3, Interesting)

    by FortKnox ( 169099 ) on Monday June 10, 2002 @04:40PM (#3674966) Homepage Journal
    I'd find it even more clever if they put subliminal messages in the repeated tracks. Way to use technology against people to do your evil bidding ;-)
  • Good to see (Score:3, Interesting)

    by tps12 ( 105590 ) on Monday June 10, 2002 @04:40PM (#3674967) Homepage Journal
    This is actually really good news. It's a sign that the music labels are going to try to deal with the P2P phenomenon on its own terms, not in the courts.

    Fortunately, we will likely see a surge of new features in the more popular P2P clients that permit easy filtering of such "bad" files (e.g., an easy "delete and remember checksum" button). But as long as its a technological battle as opposed to a legal one, than it can be won.

    On the other hand, the music labels may be shooting themselves in the foot in some cases. If I was trying to get the hot new "electronica" single, and ended up with "a 20 second clip looped over and over" I might not notice the difference!
    • It's a sign that the music labels are going to try to deal with the P2P phenomenon on its own terms, not in the courts.

      I totally agree and I can't believe how long it took them to finally figure this one out. I got a whole bunch of Scorpian King adverts instead of a movie I was trying to grab. Pretty effective stuff, I must say. My next search was "Scorpian King avi" ;o)
  • is this bad? (Score:2, Insightful)

    by dreamt ( 14798 )
    I don't necessarily think that this is too bad of a thing. I would rather see the recording industry trying to fight with technology than the courts. At least if they are fighting illegal copying using technolgy, that still leaves the technology open and available for legal means. If anything, this just goes to prove that P2P has legitimate means, depending on if they are using it for "advertising".
  • Good on them (Score:2, Insightful)

    by God! Awful ( 181117 )
    I hope it is the music companies who have found a clever way to shut out free-loaders. One of the points that people often ignore here is that a wide-scale solution to music piracy does not have to be technologically perfect; it merely has to make it sufficiently inconvenient or shameful to pirate music that most people won't bother. That's essentially what the much-loathed DRM technology does. This new technique of flooding the netwaves with junk clips is even better because the only "victims" are criminals.


    The advantage of the GPL is that your customers can continue to maintain your code after you go bankrupt.
    • This new technique of flooding the netwaves with junk clips is even better because the only "victims" are criminals.
      Not if you're downloading an MP3 version of a song you own, rather than ripping it yourself.
  • the price you pay (Score:5, Insightful)

    by the_rev_matt ( 239420 ) <slashbotNO@SPAMrevmatt.com> on Monday June 10, 2002 @04:45PM (#3675006) Homepage
    That's the price you pay for not paying for your music. I'm quite serious about that. If you are getting music for free, why bitch about the fact that it isn't perfect? If you're getting music for some cool indie band that doesn't have a label, then chances are they aren't spoofed files. If you're getting music from todays top 40 charts, then you obviously haven't paid for something that is generally not free. The labels are just taking advantage of that fact and trying to promote the track you are trying to get without paying for it.

    Note, I'm not preaching about how you "shouldn't steal music" (see my rant [punitiveart.com] about what's wrong with DRM). I'm just saying if you get something free, don't bitch that it isn't perfect.

    • Just a note about Top 40 Napsterizers in my area:

      Most Eminem-bots around here wont even complain that their Eminem CD wont play on their PC, and they STILL bought it. Of course they downloaded the mp3s, but they buy the CD too (its called franchise penetance, and I'd be more sympathetic to the RIAA if wasting money on brands, regardless of quality of product, wasnt America's favorite passtime, anyhow. Do they really honestly think people are downloading top40 bands because the quality is top notch? Nope. The big bands are Brands, and nobody likes to own a brand without owning some officially licensed 'gear', which is the CD in this case.)

      The RIAA's archtypal top 40 uber-pirate downloader does not exist! Instead, those downloaders have ALSO been rushing to their local store, repeating, "I know I'm a sucker, but hes so cuuuuute, I have to buy his CD!" for the last 5 years ..

      So, I'd say, they are targeting an audience that is buying CDs from them anyhow. I certainly dont know too many NON-top40 downloaders who are buying CDs nearly as religiously as the brand whores who need their latest Eminem or No Doubt (tho thier last single is pretty catchy, I have to admit they've grown) or big label divas.

      How does this impact this story? I think if it is the RIAA or labels that are doing this, they are wasting their time, and the bandwidth of the last slice of their realiable, heavy user consumer base. It might work tho, which is fine with me as it would leave the people actually using file sharing networks to increase their exposure to new music alone to pursue such a noble quest.
    • by ajs ( 35943 )
      No, this is a new technology finding its legs. Reviewed and scored content will be the next step. It's an arms race that companies like RIAA and MPAA can only win if they ban the technology, and that's seeming increasingly unlikely.

      I suspect that the next stage of music and video distribution are just around the corner, but they have some mindset hurdles to overcome (MTV was the most brilliant thing the music industry could have done to delay the phenomenon of digital distribution). Certainly there's a lot of money to be made and there's also an altruistic goal: if the mindshare lock can be broken, real music can once again penetrate the masses. Imagine the change; music as poetry taking root again. Music as protest. Music as expression. Wow, wouldn't that be something!

      But for now, all the teenies who are swapping mp3s can see to do is trade copyrighted Metallica and No Doubt. That will change, and sooner than you think.
    • by Bouncings ( 55215 ) <ken&kenkinder,com> on Monday June 10, 2002 @05:37PM (#3675387) Homepage
      I have to take exception with this. The RIAA is exploiting it because it is open not because it's free. What does cost have to do with this? This is no different than Microsoft releasing a bunch of fake Linux patches to discredit Linux. Wouldn't that be perfectly OK, because Linux is free and you get what you paid for? You're some kind of lying, stealing bastard to get something for free aren't you?

      It's wrong for someone to write a program that exploits obvious problems with Microsoft outlook, but exploiting p2p or iMac firmware issues on CD players is a perfectly acceptable way to "get back at" those darned copyright infringers?

      News flash: Most of the interstate highway system is free. Does that give me the right to blow up a highway? Hardly.

    • Note I didn't say if you can't beat'em, lobby congress to destroy a legal infrastructure in order to put money in your own pocket. I've been saying for years that if the MPAA threw hoards of half length mp3's on P2P networks, and then provided an alternate service where I could buy the songs I liked, but not the crap I didn't, they would be rolling in the dough. Whats more, it would leave all of the best of P2P networks while destroying all of the worst of P2P. Could it be possible that these guys are starting to get a clue? I know it's too much to hope for, but this seems like a perfect way for the RIAA to coexist, and even profit from P2P.
    • On the flip side (Score:2, Insightful)

      by lorcha ( 464930 )
      I think many people, including myself, would actually pay money for mp3s which are:

      1. Professionally ripped (no skips or other imperfections)
      2. At a high bitrate
      3. Downloadable from a high-bandwidth server.

      Polluting the P2P networks helps them make their business case for their own music services, and isn't any less nice than what the P2P networks are doing to them.

      I don't intend this to be a flame or a troll, but seriously, we shouldn't hold the RIAA to a higher standard than we hold ourselves. I'd much rather see them fighting back through technology than through draconian legislation.
  • by paradesign ( 561561 ) on Monday June 10, 2002 @04:45PM (#3675007) Homepage
    and i thought they were just boring repetitive songs, you know, like the ones they play on the radio too. i think the RIAA is to blame for those as well.
  • Hmm (Score:2, Interesting)

    by Have Blue ( 616 )
    Hey, this is better than putting up malicious content disguised as MP3 files and hoping it gets launched by the client or user. Haven't you seen those redirects that pop up when you let a gnutella search run for a while?
    • Haven't you seen those redirects that pop up when you let a gnutella search run for a while?

      Actually, I haven't. What client do you use? I use the purist java client, Phex [sourceforge.net] which doesn't suffer from those. Granted, I've seen so much d/led content tripping redirects, but not the act of searching.

      And I've wondered about spoofing hits, too. I can't imagine a Gnutella client following a redirect, but if someone builds a quick & dirty one around a small, modular web browser, I guess I can see it happening.
  • Fake? (Score:2, Funny)

    by dr_dank ( 472072 )
    Who posted the fake tracks to the p2p networks?

    Fake music? Theres [britneyspears.com] no [backstreetboys.com] such [nsync.com] thing! [98degrees.com]

  • by dada21 ( 163177 ) <adam.dada@gmail.com> on Monday June 10, 2002 @04:46PM (#3675019) Homepage Journal
    I think this is a fine idea by the record labels, if they want to do it, go ahead.

    I would REALLY love the ability to moderate people though. I've downloaded my share of BAD quality stuff, and sometimes from the same user, so it would be nice to moderate someone out to nothing-ness status, as well as say "Only download from high moderation point users first" etc.

    • Not slashdot-like. Too easy to spoof.

      Now a personalized system, where you can rate downloads as "Good" or "Bad" and then that gets converted into a score would certainly be nice.

      IPs below a certain score don't get shown
  • This is weak (Score:2, Interesting)

    by MicroBerto ( 91055 )
    The inner-blessings of p2p fix this problem though! Since the file will suck, it will get deleted off most people's hard drives, and will not become as circumvented.

    On the other hand, the Eminem files or whatever that are GOOD will eventually spread out, making your chances of finding the right file better with time.

    It's nothing to be worried about, as long as people do a good job of stealing and organizing their music (tongue in cheek).

  • The only way (I think) to stop these kinds of "attacks" might be if the users can rate the content. That way users can help eachother in localizing and avoiding the crappy files. Not sure how it could be implemented, though, and I'm not sure how to avoid the record companies from creating massive amounts of clients that all give positive ratings on their own crappy files...

  • Salon says... (Score:5, Insightful)

    by doorbot.com ( 184378 ) on Monday June 10, 2002 @04:51PM (#3675064) Journal
    Actually, Salon quotes Eric Garland, CEO of peer-to-peer measuring service BigChampagne:

    "What you want to do is excite the consumer and titillate and create demand." He notes, however, that the "danger of try-before-you-buy" is that if a user doesn't like a previewed track, "then the industry and that record would have benefited from [that user's] ignorance."

    Hmm. Now isn't that interesting.


    RIAA doesn't want Joe Consumer listening to the crap (Top 40 I guess) they release before he buys the album, because then he might realize it's crap and the RIAA is just liberating money from a fool.

    OK, so let's go with that for just a moment here...

    That means that what the RIAA releases as "today's hottest bands" are really just a bunch of second-rate hacks (not even first rate!) who've been blitz-marketed into every teenager's record collection. So, as Bono (right?) said on that VH1 special (paraphrased), "It's not casette copying that's killing the music industry, it's crap music killing the music industry."

    Frankly, I think that has always been true.

    What I want to know is... if the band is so unbelievably fantastic, why do they need all the heavy marketing? Sure, some marketing to appeal to the fence-sitters, but you don't preach to the choir.

    So, the RIAA is spending billions to market Britney Spears to make us believe she's the best thing since sliced bread (or better yet, to make us think it more than we already do it seems), when Britney fans will buy the CDs anyways. And somehow they claim they're losing money here. Hmm.

    All the word games, legal lunges, and slight of hand gets old after a while. Is anyone else getting a vision of the RIAA as another Ross Perot jumping in an out of the "race" all the while annoying us with lots of charts and a funny voice?
  • Good thinking (Score:3, Insightful)

    by geekoid ( 135745 ) <dadinportland&yahoo,com> on Monday June 10, 2002 @04:51PM (#3675066) Homepage Journal
    This is how They should try to stop copyright infringement. Putting aside the copyright debate for a moment, this is away to make it inconvienant for people downloading material, without engaging the courts.
    You could take this same approach on other things as well.
    I have always felt radar detector should be legal. If the loac PD don't like it, just put up a device that fired a signal at a random interval to trigger the radar detectors. Don't involve the courts in something you can solve yourself.

  • by Subcarrier ( 262294 ) on Monday June 10, 2002 @04:52PM (#3675071)
    The MP3 looks legit, but contains a 20 second clip played over and over

    Time to put the /. moderation system into the P2P clients.
  • by CurtisRWC ( 520668 ) <curtisNO@SPAMfaac.net> on Monday June 10, 2002 @04:53PM (#3675077)
    I think this is a really good tactic for the music industry to use in their struggle against P2P piracy. Yes, piracy. I mean, regardless of whether or not you personally are downloading music or other files in a legal fashion, there are tons of other people (likely the majority) of people who are using this to do something which is considered illegal by law. Is it a good law? Doesn't matter. It is the law.

    So, when Joe College Student downloads the latest MTV-hyped band that sounds like metal, grunge, and rap all thrown together in a blender, he gets a 20 second clip and an advertisement. What is Joe going to do? This is kinda/sorta like the highschool kid who spends $60 on a bag of off-the-shelf herbs and spices.

    Now, here's the thing that really makes this a Good Thing. If this becomes common practice amongst the music industry, it could very well have the unexpected side effect of thwarting legal attempts to get P2P services shut down. I'm not a lawyer, etc, etc, but I'd think that you would be hard pressed to present a case to shut down a service that you use yourself.

    And of course, now that the ante has been upped, I'm sure the P2P community will respond by improving their software to add features to combat the music industry's latest tactics. I'm not sure what form this will take, but perhaps some sort of public key watermark by trusted encoders or preview features or something even better.

    In an odd, preverse sort of way, this is almost the first step in making peace between the P2P community and the music industry.
  • by Sanity ( 1431 ) on Monday June 10, 2002 @04:54PM (#3675091) Homepage Journal
    We [freenetproject.org] have been thinking about this problem for some time. Our solution is a mechanism called "subspaces", where users can effectively vouch for the authenticity of data, even though that data might be anonymously inserted into the network. Even those vouching for data can remain anonymous, they will be motivated to stay honest to maintain the reputation of their anonymous identity. You can learn more about subspaces here [freenetproject.org].
    • ...someone with non-trivial resources bent on flooding the network with junk?

      It seems to me that it would be extremely easy to generate massive amounts of junk into a P2P network under legit looking names. A large music company could easily put up a hundred servers, each virtual hosting a hundred P2P nodes, and then generate multiple bastardized variants of each song so that they appear to come from multiple nodes in multiple versions. Impossible to distinguish from the real thing unlesss you download it. They could keep generating new variants as old ones fall into disfavor.

      This looks like a really hard thing to combat. They don't have to worry about losing credibility either. Even if you put in some kind of a co-operative moderation system, they can use those 10 000 P2P nodes to moderate each other up.
      • They don't have to worry about losing credibility either. Even if you put in some kind of a co-operative moderation system, they can use those 10 000 P2P nodes to moderate each other up.

        This is the kind of challenge that Google solves, by sensing self-referential sectors of the net and nullifiying their weights. This IS an emminently solveable problem.

        • I wouldn't call it eminently solvable. The situation in the web is fairly static and there is a central computation point at Google to hold the necessary data. Here you would have to store every moderation as a link connecting node A to node B and somehow perform a distributed computation in order to isolate the self-referring parts of the network. While doing that, you would also have to prevent the tainted parts of the network from interfering the the computation.

          It presents an interesting problem.
          • by tftp ( 111690 ) on Monday June 10, 2002 @06:40PM (#3675706) Homepage
            Here you would have to store every moderation as a link connecting node A to node B and somehow perform a distributed computation in order to isolate the self-referring parts of the network.

            That's how PGP's Web of Trust works. It is fully applicable here. A hierarchy of trusted signers would vouch for the authenticity; each signer can be anonymous, and signer's trust can be added or revoked. All you need to add is the ability to download the signature separately (or before) the song.

  • Ya gotta love barenaked ladies... (and the band by that name too)... A few weeks prior to the release of their last album, all the tracks appeared on Morpheus... leaked by themselves! sorta... During a few points in each song various band members chimed in with wisecracks about file trading, computer stuff, etc... The tracks served both to promote the songs as well as give the fans something unique, yet different from the studio releases... It was great! I burned a copy of this version and purchased the actual album when it was released... both are classics... I'm all for this practice, though i can't imagine such creativity coming from most other RIAA contract holders (I doubt that RIAA approved of BNL's antics, for that mattter...)
  • Once I was downloading the Scorpion King, and as usual I previewed it a couple of times during the download to make sure it was legit. Well, after I downloaded the whole thing, I looked at it, and it turned out to be just the trailer for the Scorpion King looping like 25 times. Much like pop music, those cheesy movies pretty much look the same all the way through so even if you previewed it in the middle of the movie/song you wouldn't know the difference.I never did get to see that movie but I heard that it's just a looping of the Rock doing the eyebrow thing.
  • Trusted networks (Score:3, Insightful)

    by sacrilicious ( 316896 ) on Monday June 10, 2002 @04:58PM (#3675128) Homepage
    This may spur the next level of one-upsmanship: "trust" metrics being manually or automatically integrated into the p2p experience.

    For example: there could spring up various independent directories of MD5 checksums for songs known to be either good or bad. Various individuals could maintain these by hand, or P2P clients could allow the users to collaborate on such a shared directory by allowing users to simply click a button to associate a "trusted" or "untrusted" score for an individual file. File scores could then end up being aggregated into a reputation for a given person. Someone impugned a lot would get a bad reputation for sharing bad files, but allowing meta-level moderation (not unlike that in slashdot) could make this work both ways: someone who repeatedly impugns someone who actually deserves a good reputation would themselves lose reputation points.

    An example of a trust metric can be found here [advogato.org].

  • From the article: "MetaFilter's Haughey says 'record companies would love it if people were frightened of file-sharing networks and never touched them again.'"

    I'm really surprised the record companies haven't taken advantage of this to advertise their pay services. Why play just a looping 10-second piece of the song when you can play a clip and then say, "To get the whole song legally for just $1.95, visit Pressplay.com" or something to that effect? I know that eMusic and some other services used to advertise their presence in the ID3 comment tag of the MP3, but this would seem to be wholeheartedly more effective.

    The real question is, do the music companies really want these for-pay services to succeed, or do they want them to fail so they can frame Internet users as thieves? I'd say that both viewpoints exist in the RIAA. That's why these services aren't even advertised, especially not in a means such as the above, which IMHO would be quite effective.

    I worry sometimes that all this "music revolution" will give us is uncopyable CDs. This would be a huge disappointment to those of us who don't want to gyp the artists -- we just want music in a more flexible format than a CD can offer. I, for one, am hoping that the potential of mass music distribution via the Internet can become a reality. If the record companies only squash the P2P networks without providing an alternative, this will only serve to alienate customers. On the other hand, if the record companies work with us to provide a low-cost way to distribute music legally (with rights to copy it to other devices), both the record companies and artists have a chance to become much more profitable while continuing to make their customers happy. I sincerely hope the latter will occur.
    • Why play just a looping 10-second piece of the song when you can play a clip and then say, "To get the whole song legally for just $1.95, visit Pressplay.com" or something to that effect?

      Simple: because you simply can't do that yet.

      The day that MusicMatch and Pressplay offer plain vanilla MP3's of their songs for download at $1.95 a pop is the day they begin to win back mindshare and marketshare from the P2P services.

      Until then, they are stuck with desperate measures like these to gum up the P2P works.


  • I suggested this a while back:
    http://slashdot.org/comments.pl?sid=28940&c id=3108 069

    Really it seems the best course of action for them. Make it terribly difficult to find a track and couple it with cheap, easy downloads of MP3 songs and you've got a winner.
  • Movies, too? (Score:2, Insightful)

    by vrmlguy ( 120854 )
    I've started suspecting that someone at the one or more of the studios deliberately floods the P2P "market" with crappy versions of the latest movies. For instance, there's the hand-held camera, with MST3K effects. After watching for a few minutes, you start thinking about deleting the file and going to see the "real thing". When there's a good image, the sound is frequently bad.

    And then there's the matter of file sizes. Look at this:

    03/02/2002 07:35a 746,689,484 movie - CENTROPY release -No subs CD 1of3.mpg
    03/07/2002 04:36a 721,932,332 movie - CENTROPY release -No subs CD 2of3.mpg
    03/02/2002 11:58a 425,062,892 movie - CENTROPY release -No subs CD 3of3.mpg
    3 File(s) 1,893,684,708 bytes

    You can fit roughly 650 MB on a 74 minute CD-R, or 700 MB on an 80 minute. There's no way that the first two parts of this movie will fit without violating the spec! And there's no reason for it, because the total, divided by 3, will easily fit on either size CD-R: 631,228,236!

    Obviously, the only reason for doing this is to keep people from burning the movie onto CD-R's, which prevents archival storage and means that you have to decide to either keep it on your hard drive, or eventually delete it and hope that you won't want to watch it again.

    • Re:Movies, too? (Score:5, Informative)

      by groke ( 160115 ) on Monday June 10, 2002 @05:32PM (#3675349)
      actually, the reason for these file sizes is that they're meant to be burnt as VCD -- video CD -- (or sometimes SVCD (the S is for super)).. said movie is most likely a VCD-compliant (happens to fit the bitrate and resolution requirements) MPEG-1. (S)VCDs are in mode II, which allows for about 740 meg on a 74-minute CD, and 800 meg on an 80 minute one. This is all spec-happy, and just about any recent burning software will be happy to burn said mpegs to VCD (I know Roxio EasyCD creator does (starting with version 5) and Nero, of course). The added space comes from less error-correction in the data tracks, so it's slightly less robust.. but it allows for more data to be burned.

      as a side note: almost all regular DVD players (you know, the ones for your TV) will play VCDs, some will play SVCDs (which are VCDs but with MPEG2 instead of MPEG1, and a bit more advanced menus possible). Some will play them off of CDRs, some not so much. visit http://www.vcdhelp.com [vcdhelp.com] for more information on players and how to make VCDs.

      And for the record, centropy tends to release pretty damn fine quality screeners. It's true that many suck, and they do make me want to wait for theater (or just until the DVD comes out, and then get a DVD rip :) ), and I won't discount the possibility that the studios play games with bad released from time to time.

      That is all, thank you for your time.
  • If these tracks from 'major' artists are tough to get, perhaps the people who are denied access to the 'hot' albums will try out a local or independent artist.

    Then realizing what crap they've been listening to all this time, a sense of taste develops.

    These awakened consumers of music spread the glorious truth: The real art is to be found not in mass-marketed image advertunesing, but in lovingly crafted songs by talented, yet overlooked artists.

    I'd say more but I'm off to get the soundtrack to 'Spiderman'! That generic mispelled band name rap/rock angst filled warmed over grunge-RoK is super hot! And yet cool at the same time!

    The RIAA says: "Go ahead and listen! We'll make more!"

  • They are spoofing the top 100 albums on P2P networks? Fine, the top 100 sucks anyway.

  • Terrorists! (Score:2, Funny)

    by SaturnTim ( 445813 )
    CAn we accuse the recording industry of being terrorists now? They are attacking the internet. They are trying to bring down a computer network by inserting "trojan horses" of false data into them. Shouldn't this be prevented under the DMCA or something?

    Oh, and last time I checked, it's not legal to break the law just because the other people are "bad". ;)

  • I encountered a few of these mp3s a while back.

    My suspicion is that it's with the RIAA, because otherwise the songs in question would be undownloadable from Audiogalaxy's filters. I did recall wondering why Eminem's Without Me was the only non-filtered song that I could get, then tossing it away in disgust when I listened to the repeat.

  • Awesome (Score:3, Insightful)

    by Perianwyr Stormcrow ( 157913 ) on Monday June 10, 2002 @05:08PM (#3675202) Homepage
    I love to see cool, random stuff like this happening on these sorts of networks... this sort of nearly prankish interaction is the proper spirit for the duel between recording companies and P2P services.

    Not only does it not involve lawyers in any way (a deal maker right there) but it also creates a robust meta-game within the service- can you find the real mp3? Can you develop a reliable way to repeat that process?

    As long as no one goes to court or Congress when they start to lose, this is the way things ought to be.
  • by zulux ( 112259 ) on Monday June 10, 2002 @05:23PM (#3675287) Homepage Journal
    I've been spoofing a real Slashdot poster for the last two years - as long as the checks come in, I recommend Windows XP - with .NET technology!

  • I tried to download Star Wars: Episode 2 in the days before its release and ended up with a trailer for J-Lo's Enough, looped over and over for the appropriate amount of time to make it the same file size as the real Episode 2 avi. At the time, I had assumed that some evil individual was just f-ing with people, but maybe it was a marketing ploy?
  • If you look at the P2P networks as they currently stand, they are quite raw and chaotic. Somewhat like the concept behind open source development, the same openness that allows the lables to exploit a weakness in P2P is forcing the developers of these networks to identify and fix the weakness.

    People are making joking comments about putting in a slashdot like moderation system or CRC checks on the files, but both of those are good options. A CRC check on the file to determine exact duplicates will prevent anyone from downloading the same spoofed file twice (imagine you check an option that marks the file as 'bad' and all the files of the same size and CRC are removed from your view). A moderation system would work even better, but in that lay a whole new realm of problems (how do you prevent spoofed moderation?).

    Still, I think from this sort of thing will emerge a solution and the next generation of P2P networking. Well, I hope.
  • Great! Now I have to go home and find out if the repetitive drivel I downloaded was really Britney Spears' music or if it was something planted there by the record companies...
  • Could it be, as Salon suggests, a suburban mom, who does not agree with controversial lyrics, or would it be the label, trying to prevent piracy and promote the new album at the same time?

    If a suburban mom is more clueful than the record execs, then game over, man.

  • I just burned a copy of this for a friend (finally got off my ass) so that's why I remembered this

    A few years ago, Public Enemy came up with a remix album, Bring The Noise 2000. 27 tracks, moslty remixes, but a couple new ones to keep it interesting. They wanted to release it, their record label Def Jam, said no. OK, we've got these tracks, and we want folks to hear em. So they converted to MP3 and released them on the net. I was lucky enough to get them all, not a bad album.

    Once Def Jam found out, they told PE to stop. Basically, their contract says Def Jam has the rights to all their songs. Kind of weird, yeah, they technically own (in an IP sense) the tracks, but they don't want to do anything with them. PE didn't deprive them of revenue, because they didn't want to sell them. This rift cemented PE dropping the label and they released a single called Swindler's Lust, which contained the chorus If you don't own the masters/the Masters own you. They went to AtomicPop, and released one album There's A Poison Going On with the previously released as MP3 Swindler's Lust track before Atomic Pop kinda imploded. The album was for $8 dowloaded, $10 for a physical one with Chuck D's autograph (which I bought). I later saw the album for $17.99 at Virgin Megastore.

    OK, so whats the point?
    1) record labels are kind of slimey. They sign you, give you a huge advance against your sales, and that locks you in. Odd that they talk about "artists rights" in P2P talks when they generally squash artists rights themselves. See: Prince and that whole T.A.F.K.A.P. crap, that was due to a fight with Warner about him using his born name.

    2) the entire industry is ripping us off on CDs. I get an autographed copy sent to my house for $10, meanwhile I have to spend $14-$18 for anything at a store. CD's are cheap as hell to burn, no moving parts. A cassette needs oxide layers on plastic, glued to two leaders, on a two part spool, with a case, fasteners, and the little sponge thingy to ensure contact with the read head. But CDs are still $3-4 more? Hows this happen, how does every label still charge $18? No one got the bright idea that their costs have dropped in the last 10 years so lets see if we can cut the price some?

    3) Related to #2, CDs cost too much. Labels worry about dropping sales, make the cost reachable to folks. $10 is a good price point, and if a small label thinks that's profitable (maybe not Atomic Pop did go under, but it may be to other factors) a multi-national conglomerate can make money at that point. I have 200 CDs or so, just bought some last week, but they cost too much.

    I'm not justifying piracy, you play by the rules. It's just in this case, the decks stacked a lot to the house, and I'm not too surprised there are folks who cheat also.
  • Given these precedents for spoofing and the extraordinary measures record labels undertake to prevent music piracy, it's easy to wonder why spoofing, or even more invasive tactics, aren't used more. - Salon Article

    Because geeks aren't just expensive to retain; we're also difficult to hire for "invasive tactics".

    To your average geek, "Hacker for the RIAA" ranks even lower than the sysadmin at Monsterhut. We may have achieved a veneer of profesionalism and a healthy contempt for the juvenile antics of "black hats," but deep within the subconscious of every SAGE-certified, ethics conscious techie echoes the annoying, high pitched laughter of their l33t f03; tormeting his dreams with fevered promises of glory from electronic vandalism.

    On the other hand, doing dishonest work for the man appeals to no such rebellious inclinations.

    The RIAA would LOVE to deploy fleets of sophisticated viruses, send out worms to delete their files, and so on. The only reason they don't is because they can't hire enough talent to actually do it. The number of people the RIAA could convince to do this for them pales in comparison to the number of teenagers who will do it out of sheer unfocused malice. The RIAA's efforts to destroy filesharing barely register as a blip against the backdrop of random pranksterism.

    The upshot - your scruples makes a difference! Don't go work for the RIAA; hold out for a job with dignity. It does make a difference.

    On the other hand, judge not lest you yourself be judged. Before you heap too much condecension on the 13 year old bragging on the IRC channel where you're trying to talk about anime, go dig up some of your old posts from when you were that age [google.com].
  • i think that truly spoofing P2P network protocols would be much funnier. being that the gnutella protocol is open, it wouldn't be too hard to put together a gnutella client that gave out bogus file information (saying it has files that it really doesn't) and responding to file requests by putting together mp3s that are just a repeating "don't steal music" message for the length of the track.

    THEN, you could make your collect song name information (so that it'd have a nice big list of songs to fake, to trap more people) by running searches on some number of requests come through the network.

    you could probably fake CRC's too, by having your client just report whatever the other clients are reporting.

    hell, if you were the RIAA, you could offer free music in return for people running this spoofing client on their computers based on how much bandwidth you've contributed. i think that people would trade idle computer time for free legit music downloads.

    i'm not saying that i'm against p2p networks, or even piracy for that matter. i just think it'd be interesting to see somebody go this far.

  • Maybe they run clients with files like this to collect ip addresses and usernames of people downloading in preperation for a big lawsuit or public flogging?

  • Hmmm... (Score:2, Insightful)

    by MrLizard ( 95131 )
    If a jeweler leaves out fake jewels, and a thief takes them, does the thief have the right to be upset?

    It only suprises me it took them this long to figure it out. Massive media companies have massive money, which means massive hardware and bandwidth. They can flood the networks with garbage at an incredible rate. Hell, they could just ask their employees to allow the company to use their (the employees) home machines as ersatz servers, meaning, the fake files would come from tens of thousands of sources. Give everyone who signs up for this 'Share the Trash' program a shot at a free dinner or an extra day off, and most of the workers will be happy to go for it. Don't even bother trying to keep it secret -- making people believe there's nothing valuable on the P2P networks will be part of the strategy.
  • Misleading (Score:2, Interesting)

    by inerte ( 452992 )
    Doesn't work:

    Reason 1) Most p2p clients return the most popular files, so if someone downloads a fake, they will delete. Unless RIAA or whetever is running a p2p farm.

    Reason 2) Someone said something about CRC. A lot of clients do what is called we usually call hashing, with SHA1, Tiger (even bitprint), etc... But it's widely used to compare versions of the same file, regardless of the title. No Gnutella client currently supports search by hash, but Edonkey does (also urls like edonkey://HASHNUMBER)

    Anyway, fakes are usually useless. And all they do is incite the user to go to sites like ShareReactor [sharereactor.com] and read the new and the forums. So the user begins to meet with other people, form a community, learn more and more how to do p2p the right way.

    Oh, btw, Morpheus 1.9 will be out soon. Probaly a crap release like the first Preview Edition, which is a Gnucleus [gnucleus.com] clone.

    Also, search by hash and download of segments (unfinished parts of a file from other computers) are expected soon to be deployed on Gnutella. I just hope the damn GDF decides this fast, since it's really the next step that should be taken (IMHO).
  • by Istealmymusic ( 573079 ) on Monday June 10, 2002 @06:51PM (#3675776) Homepage Journal
    I realize most of the MP3 kiddies use mediocre peer-to-peer networks like FastTrack; this kind of "spoofing" is made possible by the lack of name brands on such P2P programs. Name branding is just as important in the realm of content trading of movies and music as it is in corporate America.

    FastTrack (Grokster, Kazaa, iMesh) relies on trusting it's users to provide authentic content. Anyone can share anything they want, mislabelled as they wish. Multi-sourcing exists on FastTrack, but only with up to around 10 users at most due to it's centralized structure.

    Audiogalaxy, on the other hand, is centralized and can multisource from thousands of users, and group them together based on sharing of identical files (determined by a modified MD5 hash). Britney Sphere's latest single I'm A Slave For You [audiogalaxy.com], 128kbps, 3:36 is currently shared by 2627 users. That's way more than you'll get on any FastTrack or WinMX network. And since Audiogalaxy downloads the most popular version, it is very difficult to inject bogus crap -- in fact, you'll need to have more users sharing the fake files than legit. As a whole, users often remove fake files leaving the legit shining brightly through.

    Regardless, it's all irrelevant once one enters the real MP3 scene on IRC and FTPs. Not just anyone can share files on most channels, only approved xdcc bots [iroffer.org] can. In addition, they only share specific "releases". Groups base their reputation solely on the quality of their releases. New groups on the scene often put out re-encodes and other junk which is nuked on a global scale. No site worth it's salt carries it. Well-established teams, on the other hand, are respected and sites carry their content, where sites are either +m IRC channels or ratioed FTP sites.

    In conclusion, there is no need for peer-to-peer. Multisource downloads are a fad. We have enough bandwidth already. The protocols to distribute and disseminate content has been here for years: FTP and IRC. And they both work better and resist spoofing more effectively than whatever new protocol an inspirating programmer puts out this decade.

  • by jabber ( 13196 ) on Monday June 10, 2002 @07:30PM (#3676073) Homepage
    Just think, the cost incurred by the RIAA in hosting all that crap music. The number of systems needed to saturate the P2P systems, the storage of the files, the bandwidth needed to make their nodes get hit more often than ones with 'valid' content, the cost of making the files, the administration of the project..

    All of that costs money. And what does that result in?

    RIAA: "Due to the cost of combating digital piracy, profits are down again, Mr. Senator. Frankly, we'd rather that money went to a more worthy cause. *wink* *wink* Won't you help us out?"
  • by Joel Ironstone ( 161342 ) on Monday June 10, 2002 @08:12PM (#3676323)
    If they were really smart they would generate files with the same name and of exactly the same size as those on the network. Then, as a result of the kazaa multiple download system peopel woudl end up with pieces of garbage interspersed with their movie. The next person who downloads ends up with garbage in different places and so on... the whole system is screwed. How easy would it be to make a piece of software to look for titles, generate random bit streams with those titles and then post them on the p2p network?

A bug in the code is worth two in the documentation.