<   Prior Home         Share Blog Bloke     Share Blog Bloke Tips       Share to Twitter       Share to Facebook       Share to Twitter       Share to Google Plus       Share to LinkedIn       Pin this       Get Updates            
        Next   >  

RIAA: -

The New Super Spy

(here is an article from SpywareGuide.com)

We have talked a lot about spyware, malware and adware programs that are being installed by some file sharing applications. There exist some obvious drawbacks for users as many services install BHO’s, or throw-up pop-up ads in order to monetize the file sharing service. After all nothing in life is every truly free and there is usually a price that has to be paid by someone, somewhere down the line. Now the price is starting to get steep for some users as the Recording Industry Association of America has went on a rampage of lawsuits against individual’s who are sharing copyrighted files via P2P networks.

Who or what is RIAA?
The Recording Industry Association of America (RIAA) is the trade group that represents the U.S. recording industry. According to their website their mission is “to foster a business and legal climate that supports and promotes our members’ creative and financial vitality.” Their members are the record companies that comprise the most make up most of the music industry. To give you an idea about the RIAA’s reach their members create, manufacture and/or distribute approximately 90% of all legitimate sound recordings produced and sold in the United States. In short the RIAA is a corporate behemoth.
So what is the scoop?

If you or someone in your household has used Kazaa, Grokster or any other file-swapping software application recently and you have left your computer open to the internet then you do run, albeit a somewhat remote, legal risk. The RIAA continues their mission to single out users for lawsuits on the grounds of infringement.

Here’s a quick look at how the RIAA conducts their digital spying missions. Savvy spyware enthusiasts will note how some of the methodology mimics the same techniques used by anti-spy authors in matching digital footprints against target lists.

Shared Folders- The world’s gateway to your PC.

If you have a shared folder on Kazaa, Morpheus, Grokster or using any other service your file sharing activity can be monitored by the outside world- this includes the RIAA. The RIAA now uses automated tools that search for files and compare it to their “hit list”. When it finds a person sharing a file on this list, it downloads all or some of the files to verify the content. Once verified they take screenshots of the information on the person’s shared folder. Naturally this evidence, with date and timestamps, is what will surface in court.

Next they capture the IP address of the person sharing the files. While using proxy servers can complicate this type of investigation the information usually isn’t that hard to get. Remember your IP address can tell people a lot of information about your connection. For example, what city region you are connected from and what ISP you are using. When cross-referenced with ISP records a party can correlate your online activities with the ISP’s records to verify your machine was involved. This is not always a bad thing as this can be very useful to triangulate in on hackers or fraudsters but it certainly makes you wonder about your privacy doesn’t it?

Digital Footprints- They are real.
The RIAA hasn’t stopped with simple IP address gathering and they are now taking cues from the current spyware versus anti-spy battle to refine espionage techniques to trap users. Once they have the file they can check the artist’s name, title, and any metadata information attached to the files, looking for information that may indicate what piece of software has been used to create the file or any messages left behind by the original file ripper. Often your favorite song player can show you this metadata. Interestingly enough this same technique can be used for documents like the one’s created in Microsoft Word to ferret out all kinds of interesting information about who created a document or has read a document or signed off on a document. Remember that even if you can’t see the information documents and files hold many digital clues for those with trained eyes.

The RIAA analyzes, in minute detail, some of the files’ contents to ferret out information to match against their databases of “hashes,. Hashes work like digital fingerprints. These hashes can identify songs that were swapped online as far back as the Napster era. Investigators check these fingerprints against their databases and look for matches. A positive match means the file has more than likely originated from the original Napster file they built.

Once they have collected all the digital fingerprints, IP addresses, and screen shots they head to court to get a subpoena. (The term comes from the Medieval Latin sub poena, which means “under penalty”.) While some ISPs are fighting the subpoenas, most have been forced to comply. The bottom line is to never, ever rely on your ISP for privacy.

So what can you do about it?

If you want to continue safer digital sharing the easiest thing to do is to disable the “sharing” or “uploading” features on your software application that allow other users on the network to get copies of files from your computer or your music directories. For help on how to do this for popular applications check the Duke University list below.

Grokster
http://www.oit.duke.edu/helpdesk/filesharing/grokster.html

Morpheus
http://www.oit.duke.edu/helpdesk/filesharing/morpheus.html

KaZaA
http://www.oit.duke.edu/helpdesk/filesharing/kazaa.html
(Warning: Some versions are reported to contain adware)

Aimster/Madster
Windows http://www.oit.duke.edu/helpdesk/filesharing/aimster.html
Mac OS http://www.oit.duke.edu/helpdesk/filesharing/aimster_mac.html

Mactella
http://www.oit.duke.edu/helpdesk/filesharing/mactella.html

Gnucleus
http://www.oit.duke.edu/helpdesk/filesharing/gnucleus.html

Gnotella
http://www.oit.duke.edu/helpdesk/filesharing/gnotella.html

LimeWire
MacOS http://www.oit.duke.edu/helpdesk/filesharing/limewiremac.html
Windows http://www.oit.duke.edu/helpdesk/filesharing/limewirewin.html

BearShare http://www.oit.duke.edu/helpdesk/filesharing/bearshare.html

iMesh http://www.oit.duke.edu/helpdesk/filesharing/imesh.html

WinMX http://www.oit.duke.edu/helpdesk/filesharing/winmx.html

Also be sure you don’t have filenames of artists that are RIAA members since these are the artists they are targeting. You should check their site (http://www.riaa.com/about/members/) to get an idea just what artists could lead you into hot water. You might also wish to turn off the “supernode” feature that many file sharing applications offer since the RIAA seems to be going after Supernodes on P2P networks. Consult your file sharing software application documentation for details on how to turn off supernode functionality.

Most importantly remember to use caution and common sense. While the chances of being targeted with a lawsuit are remote they do exist. You must evaluate if it is worth taking the risk. The safest choice is to ensure that you are not sharing copyrighted information. Unfortunately punitive damages and legal settlements can easily outweigh the damage that annoying adware can cause.

Written September 24th, 2003 by | Filed under: Miscellaneous Blog Tips

Thanks for Sharing     Share - enable java in your browser Share to Twitter            

Did you enjoy this article? Keep up to date with Blog Bloke Tips the moment it's published by email. Your Privacy is Guaranteed and will not be shared with anyone.


Keep it real with Blog Bloke Thanks for reading the original Blog Bloke. You can read more about me here. Contact me if you have any questions, tip requests or if you would like to be a guest blogger. Keep it real every day and subscribe to the newsfeed, share with friends or follow me.

    Subscribe to the Newsfeed     Share to Twitter     Share to Facebook     Share to Google Plus     Pin this     Share to LinkedIn


RIAA: -

The New Super Spy

(here is an article from SpywareGuide.com)

We have talked a lot about spyware, malware and adware programs that are being installed by some file sharing applications. There exist some obvious drawbacks for users as many services install BHO’s, or throw-up pop-up ads in order to monetize the file sharing service. After all nothing in life is every truly free and there is usually a price that has to be paid by someone, somewhere down the line. Now the price is starting to get steep for some users as the Recording Industry Association of America has went on a rampage of lawsuits against individual’s who are sharing copyrighted files via P2P networks.

Who or what is RIAA?
The Recording Industry Association of America (RIAA) is the trade group that represents the U.S. recording industry. According to their website their mission is “to foster a business and legal climate that supports and promotes our members’ creative and financial vitality.” Their members are the record companies that comprise the most make up most of the music industry. To give you an idea about the RIAA’s reach their members create, manufacture and/or distribute approximately 90% of all legitimate sound recordings produced and sold in the United States. In short the RIAA is a corporate behemoth.
So what is the scoop?

If you or someone in your household has used Kazaa, Grokster or any other file-swapping software application recently and you have left your computer open to the internet then you do run, albeit a somewhat remote, legal risk. The RIAA continues their mission to single out users for lawsuits on the grounds of infringement.

Here’s a quick look at how the RIAA conducts their digital spying missions. Savvy spyware enthusiasts will note how some of the methodology mimics the same techniques used by anti-spy authors in matching digital footprints against target lists.

Shared Folders- The world’s gateway to your PC.

If you have a shared folder on Kazaa, Morpheus, Grokster or using any other service your file sharing activity can be monitored by the outside world- this includes the RIAA. The RIAA now uses automated tools that search for files and compare it to their “hit list”. When it finds a person sharing a file on this list, it downloads all or some of the files to verify the content. Once verified they take screenshots of the information on the person’s shared folder. Naturally this evidence, with date and timestamps, is what will surface in court.

Next they capture the IP address of the person sharing the files. While using proxy servers can complicate this type of investigation the information usually isn’t that hard to get. Remember your IP address can tell people a lot of information about your connection. For example, what city region you are connected from and what ISP you are using. When cross-referenced with ISP records a party can correlate your online activities with the ISP’s records to verify your machine was involved. This is not always a bad thing as this can be very useful to triangulate in on hackers or fraudsters but it certainly makes you wonder about your privacy doesn’t it?

Digital Footprints- They are real.
The RIAA hasn’t stopped with simple IP address gathering and they are now taking cues from the current spyware versus anti-spy battle to refine espionage techniques to trap users. Once they have the file they can check the artist’s name, title, and any metadata information attached to the files, looking for information that may indicate what piece of software has been used to create the file or any messages left behind by the original file ripper. Often your favorite song player can show you this metadata. Interestingly enough this same technique can be used for documents like the one’s created in Microsoft Word to ferret out all kinds of interesting information about who created a document or has read a document or signed off on a document. Remember that even if you can’t see the information documents and files hold many digital clues for those with trained eyes.

The RIAA analyzes, in minute detail, some of the files’ contents to ferret out information to match against their databases of “hashes,. Hashes work like digital fingerprints. These hashes can identify songs that were swapped online as far back as the Napster era. Investigators check these fingerprints against their databases and look for matches. A positive match means the file has more than likely originated from the original Napster file they built.

Once they have collected all the digital fingerprints, IP addresses, and screen shots they head to court to get a subpoena. (The term comes from the Medieval Latin sub poena, which means “under penalty”.) While some ISPs are fighting the subpoenas, most have been forced to comply. The bottom line is to never, ever rely on your ISP for privacy.

So what can you do about it?

If you want to continue safer digital sharing the easiest thing to do is to disable the “sharing” or “uploading” features on your software application that allow other users on the network to get copies of files from your computer or your music directories. For help on how to do this for popular applications check the Duke University list below.

Grokster
http://www.oit.duke.edu/helpdesk/filesharing/grokster.html

Morpheus
http://www.oit.duke.edu/helpdesk/filesharing/morpheus.html

KaZaA
http://www.oit.duke.edu/helpdesk/filesharing/kazaa.html
(Warning: Some versions are reported to contain adware)

Aimster/Madster
Windows http://www.oit.duke.edu/helpdesk/filesharing/aimster.html
Mac OS http://www.oit.duke.edu/helpdesk/filesharing/aimster_mac.html

Mactella
http://www.oit.duke.edu/helpdesk/filesharing/mactella.html

Gnucleus
http://www.oit.duke.edu/helpdesk/filesharing/gnucleus.html

Gnotella
http://www.oit.duke.edu/helpdesk/filesharing/gnotella.html

LimeWire
MacOS http://www.oit.duke.edu/helpdesk/filesharing/limewiremac.html
Windows http://www.oit.duke.edu/helpdesk/filesharing/limewirewin.html

BearShare http://www.oit.duke.edu/helpdesk/filesharing/bearshare.html

iMesh http://www.oit.duke.edu/helpdesk/filesharing/imesh.html

WinMX http://www.oit.duke.edu/helpdesk/filesharing/winmx.html

Also be sure you don’t have filenames of artists that are RIAA members since these are the artists they are targeting. You should check their site (http://www.riaa.com/about/members/) to get an idea just what artists could lead you into hot water. You might also wish to turn off the “supernode” feature that many file sharing applications offer since the RIAA seems to be going after Supernodes on P2P networks. Consult your file sharing software application documentation for details on how to turn off supernode functionality.

Most importantly remember to use caution and common sense. While the chances of being targeted with a lawsuit are remote they do exist. You must evaluate if it is worth taking the risk. The safest choice is to ensure that you are not sharing copyrighted information. Unfortunately punitive damages and legal settlements can easily outweigh the damage that annoying adware can cause.

Written September 24th, 2003 by | Filed under: Miscellaneous Blog Tips

Thanks for Sharing     Share - enable java in your browser Share to Twitter            

Did you enjoy this article? Keep up to date with Blog Bloke Tips the moment it's published by email. Your Privacy is Guaranteed and will not be shared with anyone.


Keep it real with Blog Bloke Thanks for reading the original Blog Bloke. You can read more about me here. Contact me if you have any questions, tip requests or if you would like to be a guest blogger. Keep it real every day and subscribe to the newsfeed, share with friends or follow me.

    Subscribe to the Newsfeed     Share to Twitter     Share to Facebook     Share to Google Plus     Pin this     Share to LinkedIn


Got an opinion? Let's be real and start a conversation:

It's your turn to tell Blog Bloke what you think, ask a question or suggest another blog tip. Don't forget the comments policy and I'm looking forward to reading what you have to say.

Share     Share this article with your friends

Subscribe to Better Blog Tips Newsfeed   SUBSCRIBE to Bloke Bloke's Articles (Newsfeed)

Subscribe to Better Blog Tips Newsfeed   Subscribe to only Comments for this Article | TrackBack URL

You can also use these html tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>