Court Docs Reveal Kazaa Logging User Downloads

Dan Warne writes "The most explosive documents in the ongoing Kazaa court case have emerged today, including logs of discussions between parent company Sharman and the Estonian developer of the Kazaa Media Desktop. They include extraordinary admissions like: "Reporting will make Kazaa look like spyware, as soon as it becomes evident we record downloads and playbacks, users will flee to competitive networks" and then "One can argue that we have knowledge of copyrighted material being downloaded in our network and have to install filters. If we are reporting [gold] files, then technically we could do the same for every file." Finally, "RIAA [could] collect the IP addresses for everyone who has searched for or downloaded that file." Despite the Kazaa developer's concerns over these issues, Kazaa went ahead with the logging." (More below.)

Warne continues "APC Magazine journalist Garth Montgomery, who has covered every day of the trial in the Australian Federal Court, says: "In a nutshell, this has got to rate as the most explosive document revealed. It makes it damn near impossible to maintain the separation theory that Sharman and Altnet rely on in terms of business independence and technical infrastructure. The control they exercise over the system is complete." Montgomery has also scanned in all the documents and made them available in PDF format, including the confidential Kazaa purchase contract and technical specifications for the Kazaa Media Desktop."

WOW

[castlec (546341)]

It looks like bye-bye kazaa. It will soon join Napster (The real one, not roxio).

use earth station 5

[leuk_he (194174)]

They use encryption and promise you will be anonymous. "ES5 hides your IP address while you are uploading and downloading files"

pS, ;)

IPX time baby!

[nadadogg (652178)]

Hey, sweet, if no one can see my IP address, that means I can't communicate with them via tcp/ip, which means a return to IPX/SPX, just like playing starcraft on a lan pre-TCP patch. Hells yeah!

Re:WOW

[badasscat (563442)]

It looks like bye-bye kazaa.

And really, good riddance. If they're logging all their users' downloads, installing all kinds of adware, spyware, and other crapware on your systems (which they also admitted in court documents), and just generally acting not only as a bad corporate citizen but also an evil software developer in terms of their own users' interests, then this is most definitely not a company we need in existence in the world.

Whether you're for or against P2P in general (I'm for it), the world will be better off with Kazaa completely out of the picture.

Re:WOW

[Deathlizard (115856)]

If these prove to be legit, and Kazaa has to cough up logs, then the fun is over.

Frankly, Good for them. I never trusted Kazaa one second. There was something about it that I didn't like but could never really pinpoint on what it was outside of spyware infestation. Personally I was a ED2K fan until leeching made the devs put Anti-leeching programming into ED2K. Now all the ED2K clients are so stingy it takes days to get a file started.

I wonder how far back the logs go. With data like that the RIAA/MPAA could have a field day suing users.

Re:WOW

[G-Licious! (822746)]

I wonder how far back the logs go. With data like that the RIAA/MPAA could have a field day suing users.

I wonder how often they'll sue 127.0.0.1.

Re:WOW

[chrish (4714)]

I hope they go after that peer bastard who's always resetting my IRC connections.

Once again...

[laughingcoyote (762272)]

...I am reminded of why I use a reputable, private bittorrent server and alternative (read: under-the-radar) means of P2P. Hasn't this been suspected about Kazaa for quite some time?

Re:Once again...

[laughingcoyote (762272)]

Piratebay is hardly private, although I think your response is a bit of a troll-if they were doing that, they'd hardly have any users left, not to mention they'd be on PG's blacklist by now.

Evidence of what you're claiming aside, though, I've never used piratebay, although I have had a look at their legal correspondence. The site I use has, to my knowledge, not had its url posted here, and I'm not going to change that today.

A good private tracker, registration and ratio required, is a good degree of protection. I've never gotten -one- hit against my protowall while using those torrents.

Re:Once again...

[cpt kangarooski (3773)]

Entrapment is far more limited than people normally think. Basically it's where you're enticed to do something you would otherwise not have done, as opposed to merely being given an opportunity to do something you would've done elsewhere anyway.

The first example that springs to mind is the Space Madness episode of Ren and Stimpy. Stimpy would normally never press the History Eraser Button, but when he's not only deliberately put in proximity to it, and the narrator keeps pushing his face in it, that's basically how much effort is needed for something to be entrapment.

Just being undercover -- that's not entrapment.

You could probably google for a discussion of the issue with some good case cites or something.

Re:Once again...

[taxevader (612422)]

Your post should be mentioned whenever there is debate on the meaning of 'jumping to conclusions'. It defines it perfectly.

Where did he post anything about stealing peoples property? You're as bad as the xxIA.. p2p is evil, its STEALING, which even in the case of piracy (of which the parents post in NOT talking about) is not stealing.. its copyright infringement.

p2p can be used for many legitimate purposes.

Re:Once again...

[bonch (38532)]

You're as bad as the xxIA.

People demonize the RIAA in order to remove the guilt they feel and paint someone else as the bad guy doing wrong in order to justify their actions.

p2p can be used for many legitimate purposes.

But 99% of the time, it's not.

Why would someone on a P2P network worry about downloads being logged by the servers if they weren't trading anything illegal? Come on, we're not stupid. I wouldn't give a crap if some Kazaa server recorded that I shared Slackware 10.1. Did you know--gasp--Slashdot is logging your actions on its site right now? Horrors!

Re:Once again...

[isorox (205688)]

If you trade pirated media on the service, then neither you nor it are "reputable"

What? Like Gold Dubloons and Pieces of Eight?

Re:Once again...

[NardofDoom (821951)]

Excuse me, but I pay my own electric bill, those electrons are fully owned by me.

Re:Once again...

[fyngyrz (762201)]

Actually, electrons transit very slowly down a wire, and as AC service is generally 50 or 60 hz, and there is generally considerable distance between where your wiring begins and your electrical power demands begin, I'm afraid we're all using the electrons already present in the wiring -- not those "sent" by a power company. At least if we own our homes, we own our electrons, too. I know I paid for all my wiring. :-)

Think of electrons in a wire as a pipe full of ping-pong balls glued to each other. The electric company is just pushing and pulling on ping pong balls they have, so that the ping pong balls you have will move.

Re:Oh, Lordy, here we go again

[russotto (537200)]

While a common technique, "argument by comparing your opponent to a child" really isn't particularly rigorous.

And complaining about those who object to calling infringment "stealing" twisting words is getting it entirely backwards. It's those who call infringement "stealing" who are trying to sidestep the entire question about what, if anything, is being done wrong.

If you want to say that copyright infringment is immoral behavior, you have to make that argument. Not declare the case closed by calling it "stealing" and ridiculing anyone who objects to the metaphor.

Re:Oh, Lordy, here we go again

[bonch (38532)]

If you want to say that copyright infringment is immoral behavior, you have to make that argument. Not declare the case closed by calling it "stealing" and ridiculing anyone who objects to the metaphor.

Nobody defines it becuause it's brain-dead obvious. The fact you've clouded your own mindset to the point you feel it's not obvious is telling. For instance, taking Doom 3 without paying for it is immoral. A lot of people spent years working on that game to make a living, and you're taking it while not paying for it--that makes it immoral.

It's brain-dead obvious.

These are basic concepts of right and wrong taught when we're three years old. This moral relativism, pro-piracy spiel I sometimes see on Slashdot where "I'm so used to the convenience of downloading that I've justified it in my mind so that I'm not doing anything wrong" is pretty childish. Funny how this attitude disappears when Slashdot posts articles about companies using GPL source code. Not only is it referred to as "stolen" code, but the companies are dumped on for violating the GPL copyright! By your reasoning, why should anybody follow the GPL? What's wrong with breaking it?

This generation of computer users seems to be all about "Gimme that, it's mine! Gimme that, it's mine!" The sense of entitlement is amusing and creates these sorts of hypocritical situations.

Re:Oh, Lordy, here we go again

[Yartrebo (690383)]

You haven't countered the parent's argument. You just ignored the parent and gave the same argument again.

You're not saying why it's obvious (apparently it isn't obvious enough for the parent, or for me, or for most people for that matter). You're even using the language you're trying to defend in your argument, which is classical circular reasoning.

Also, you're attacking the person, not the argument, by calling him childish and stuffing words into his mouth.

As far as a counter-argument goes, you haven't even produced an cohesive argument, so why bother.

Re:Once again...

[by Anonymous Coward]

Why the hell is this marked informative?

Your ability to setup a bunch of different programs and scripts has NOTHING to do with privacy.

Privacy is all about trust and knowledge of the people you're talking to. Nothing to do with removing logs and setting up eggdrops.

It's SO OBVIOUS that this site is moderated by young children now, you can see them reading the parent and thinking "Oh yea, I can do that, I totally agree"
He's trolling about rooting a server then handing out logins to his l33t mates.

You probably can't mod this post down any lower, but please think about modding the parent down. Or if you choose not to do that, please post here why it's informative.

Woah

[Jim_Callahan (831353)]

You mean that when I use an electronic network to transfer information, that information travels in orderly patterns that can be tracked? What happenned to the magical fairy of the internet that made all things miraculously anonymous?(/sarcasm)

Re:Woah

[flosofl (626809)]

No, the Internet was supposed to survive the outages of nuclear warfare, not guarantee complete anonymity. Complete anonymity will be used for theft, guaranteed.

Bzzzt! Wrong! This is one of the biggest Urban Myths out there right now. It seems I see this every copld months or so.

The internet began as a RFP in ARPA(long before ARPA became DARPA). It was started as way to:

1 - eliminate the need for 4 different terminal types on one desk.(that was how the idea germinated)

2 - Facilitate the sharing of information beteween gov't contractors and researchers who had ARPA grants.

3 - A way to timeshare systems for researchers who would not oridinarily have access to such systems.

It was US centric at the beginning and ARPA and ARPA's subcontractors/researchers only.

ARPA net was not designed for fault tolerence of command/control during a nuclear war. That was the impetus behind Paul Baran's development of the idea of packet-switching networks (that wasn't his name - the term "packet" came from Davies who sorta developed the same idea concurrently). He could never drum up support for the idea with ATT (really the only entity that could impliment it at the time). They said it was stupid idea. ARPA later grabbed the idea of packet switched networks and used it because it lent a robustness to otherwise unreliable lines of communications and the IMPs that terminated each line. The fact of the fault tolerence in terms of catastrophic destruction due to war is simply a coincidental side effect when you take into account the reasons the ARPA project was using packet switched networks.

Sorry. Got on my high-horse there. I just can't stand when people say that ARPAnet was designed in a distributed manner to survive a nuclear war. Not true. It was the basis of Paul Baran's conceptual model of a packet switching distributed network.

I could care less

[Dancin_Santa (265275)]

Kazaa has always been the seamy underbelly of the internet. While Napster at least had a little swagger as the slick pirate software, Kazaa has been plagued from the start with spyware and other malware.

Good riddance.

Re:I could care less

[wheany (460585)]

Okay, does that mean that I really should get over it or that I should not get over it? This new English is confusing...

Re:I could care less

[Hogwash McFly (678207)]

No no, this isn't language evolving, it's just stupidity. What next, people don't feel like articulating apostrophes? People don't feel like distinguishing between they're/there/their (although an alarming number don't already)?

Any time I see someone utter or write the incorrect version of the phrase I picture the kind of person who says the latest catchphrase or buzzword without a clue to its origin and/or meaning.

Call me a snob, but I'm proud of our beautiful language (yet still more forgiving of American English than a lot of my fellow Brits).

open source

[jeif1k (809151)]

I think stuff like that shows you why closed source software can't be trusted. I bet bigger companies do similar sorts of things as well, as part of their "software updates" and all the other network traffic they generate.

Re:open source

[Moskie (620227)]

How does Kazaa being closed source make a difference here? Kazaa was tracking requests/downloads server-side... which means, I would think, that there isn't neccessarily any logging going on in the client.

It could have been completely open source, and Kazaa could still keep track off all the requests that your client made.

They are...

[pmc (40532)]

... so dead.

And stupid. They knew that they were walking a very narrow path with respect to legality. They had to be like Caesar's Wife - not only pure but seen to be pure. But instead they took their behaviour well over the line into things that they knew were illegal. And then recorded the fact that they were doing it.

Breathtaking.

They're just clueless

[Moraelin (679338)]

Well, the recording part is the part that's really sad. It's such massive lack of clue, it's... well, come to think of it, probably standard for management.

And wth is with all these companies and collecting data about their users? Everyone must track you, profile you, and make you go through an intrusive registration just to (for example) download a patch to a product you've bought.

Now I _know_ that you're not really anonymous on the Internet, they can collect a ton of data about you, bla, bla, bla, Sure, they _can_. But do they even have a _legitimate_ use for that data? I.e., one that doesn't boil down to "we can sell the list to spammers later."

Most of the collected data nowadays (and again I don't only mean Kazaa) is plain useless for anything even resembling an aggregate statistic.

E.g., in Kazaa's case can they even do an automated aggregate statistic over the filenames? How? There must be hundreds of different ways to write the same filename, so good luck telling whether more people download Britney Spears or Eminem. Or which genre do people download more. And even if (ad absurdum) they could get an aggregate statistic, what would they do with that data?

E.g., in the case of some companies' intrusive registration forms and out-of-hand data collection, wth are they gonna do with such pieces of trivia as my house number or telephone number? _How_ does one use that in an agregate statistic?

I mean, "How many people bought our product in Europe vs USA?" is a statistic. "How many people with an even house number bought our product?" is at most useless trivia. There is _no_ useful information in there.

Dunno, reminds me of dogs chasing a car. They have no idea what they'd do with it if they caught one, but they just must do it anyway.

Sad.

Re:They're just clueless

[hrieke (126185)]

Just to point out that in the business world, there are no completely useless stats. I keep a DB at work called LDLS - Lies, Damn Lies, and Statistics - which is used by every program that I write to track down all the little odds and ends that management wants to track. (They told me to create a metrics DB, I selected the name.)

On spelling, you can use a soundex function to reduce all to simular sounding groupings.

Collection of personal information like house number or telephone number- these can be mapped back to a phycial real-world location and then shown with other statitical information.

Try this out- to go Google and enter in your home phone number ( (xxx)-xxx-xxxx format ) and watch Google return your home address, and then be able to map near by businesses.

And since you can break things down by areas, and know what is being viewed / downloaded where, that information has value to others trying to sell stuff to you- Sherman networks knows that you liked SNL with Ashly Simpson- so in theory they could sell your name / address to companies that sell SNL videos and to record companies that produce crappy singers. Plus I'm sure Ms. Simpson would love to know that she's even more famous for just being famous.

Go read up on data mining sometime.

Re:They're just clueless

[YrWrstNtmr (564987)]

Try this out- to go Google and enter in your home phone number ( (xxx)-xxx-xxxx format ) and watch Google return your home address, and then be able to map near by businesses.

You can remove [googleguide.com] your phone number from that feature.

"If you wish to remove your listing from Google's PhoneBook, complete the name removal form, which you can find at Name Removal [google.com] or by searching for [ remove phone number Google ].

Wow

[gowen (141411)]

These people are stupid. Not only do they discuss matters as whether they're arguably criminal conspirators / facilitators -- but they do so in on the record documents, as opposed to quiet chats in the cafeteria.

That's Richard-Nixon-tastic.

So...

[calyptos (752073)]

So does this mean that they can get the logs and go after people who have illegal downloaded media?

Probably. Got your ticket to Brazil ?

[anti-NAT (709310)]

Other contries to consider are Mexico and Argentina.

Re:So...

[TapeCutter (624760)]

Don't know officer, I have no idea what is on my HDD, full of junk, a million and one kids use the PC, Brittney who? ...hey stop unplugging my machines, evidence what fucking evidence, no I'm not cussing at YOU, hey lettme go, owww that hurts man, resisting arrest..."watch you head sir"...what the Fu****POW***zzzzz.

Just one more excuse to bash the door down.

Disclaimer: Cops are generally good people, in fact I have relatives who are cops.

glad i never used kazaa

[dj42 (765300)]

Creepy stuff. Not that the logs are all the useful -- considering just how many people and IPs will be in them. That's like getting a list of 5 million people... you can't send them all to jail and/or fine them. Or... can they?

They had it coming

[Pan T. Hose (707794)]

I was assisting in installing KazaA once. It was like: "What do you think," the librarian asked me. "According to this EULA they could log our downloads," I said. "So? Is it good or is it bad?" (She's so cute!) "Bad. I do not authorise it. Remove it, add to the black list, never bother me again." Now, if anyone is screaming bloody murder because a program does something that was explained explicite or implicite during the installation, one is not the brightest individual under the Sun if you ask me.

Management ignored the developers?

[vought (160908)]

Despite the Kazaa developer's concerns over these issues, Kazaa went ahead with the logging.

News Flash!

Management may at times ignore developer concerns, although developers can have insight into the customer base not obvious to management.

It's been that way at every company I've worked at...and usually ended up in tears.

Tears for customer support, that is.

Film at 11.

Who installed Kazza Media Desktop???

[NoSuchGuy (308510)]

Seriously only internet newbies, grandmas & grandpas installed the Kazza Media Desktop. All other installed Kazza Lite (No Adware!) or eDonkey.

Later all eDonkey [edonkey2000.com] users switched to Overnet [overnet.com] and later on to eMule [emule-project.net] and BitTorrent [bitconjurer.org]

An open source P2P application is more safe in use than a closed source application because clever people can read and understand the code.

Oh I forgot:
1) Idea
2-6) see above
7) ???
8) No Profit
9) Sued by RIAA/MPAA...

Re:Who installed Kazza Media Desktop???

[andyr (78903)]

only internet newbies, grandmas & grandpas installed the Kazza Media Desktop. All other installed Kazza Lite

The server still tracks your downloads.

Just KMD?

[lachlan76 (770870)]

Is it just KaZaa Media Desktop that is affected by this, or is it done on the server end, thereby logging downloads by ALL clients, such as giFT-Fastrack?

The revolution will not be webcast

[flopsy mopsalon (635863)]

What strikes me as remarkable is that anyone thinks so-called "lawsuits" of this nature will in any way stem the Niagra-like flow of files being shared on computer networks.

As with the United States' ill-fated experiment with "Prohibition" back in the 1930s or whenever it was, attempts to pressure a legitimate society-wide demand with artifical "legal" constraints simple result in a Newtonian counterforce of equal strength

Mark these words it is only a matter of time before the RIAA and company unleash one legal sully too many and the citizenry responds with clandestine acts of violence and possibly even people and/or animals.

It is clear that the individuals behind Kazaa are just a bunch of crooks trying to get rich of bootlegged goods, but so were the rum-runners of yore, and in the end, after much bloodshed and suffering , it was seen that rum could indeed be run legally with out the "sky", as it were, "falling". Let us hope those in power today come to a similar realization soon.

Re:The revolution will not be webcast

[phaze3000 (204500)]

What strikes me as remarkable is that anyone thinks so-called "wars on drugs" of this nature will in any way stem the Niagra-like flow of narcotics.

As with the United States' ill-fated experiment with "Prohibition" back in the 1930s or whenever it was, attempts to pressure a legitimate society-wide demand with artifical "legal" constraints simple result in a Newtonian counterforce of equal strength.

History has shown us that the government and their backers are quite prepared to fight battles they have no hope of winning.

logged IP addresses

[mincognito (839071)]

If you read the article carefully, unlike the submitter, you will find that gold files (and all searches?) were logged while 'illegal' downloads *could* have been logged. But the article is very vague. Where are those scanned documents??

Glad...

[BrookHarty (9119)]

Glad I only use Kazaa for porn!

Thats my story and I'm sticking with it. (That was a bad pun...)

Out of Context

[N8F8 (4562)]

Folks, lelieve it when you see it. Make sure to read the caveat at the bottom of the page: Folks, take these ramblings as the virtually unedited observations from each day of the Kazaa trial. At best, it's anti journalism. The other side is going to misconsture everything in their favor and present it that way to be as damaging as possible.

Can Skype be trusted?

[matthew.thompson (44814)]

IF this sort of action was taken at KaZaa what decisions of a similar nature are being taken at Skype?

I know that I use it for personal calls with no inherrent value but there are compaanies who are starting to use it to cut inter-office and employee communications bills - they could very easily be concerned about this.

Stop the Bullshit Now

[by Anonymous Coward]

I've had enough of /. lately, whats with the unchecked facts? I know it's claimed that its up to the users in comments to identify this, but when the site constantly posts such trashy and unsubstantiated nonsenese it's hard to keep the faith.

For example, they're not actually logging file downloads, nor what you do. All they acknowledged is that they do this for Altnet, which you must have figured out (How can you buy a file from Altnet without the owner knowing about it?), and that they could potentially do this for Kazaa if they were so inclined and able:-

"Pritt: Posting stats to to 3rd party servers...."

it starts. But then, the fact of the matter follows:-

"Of course we won't know about downloads and playbacks of non-signed content, but it doesn't make a difference because:-

1) It's hard to communicate this to lawyers and users.
2) If we are reporting signed files [Ed: Altnet] then technically we can do the same for any file."

See for yourself, http://www.apcmag.com/apc/v3.nsf/0/2F22997D6933B15 ECA256FA1000FB45F/$FILE/TopSearch%20specifications .pdf

Bottom of page 4.

In other words, they only logged what they said they would in the user agreement, but they didn't broadcast it because people who don't check their fucking facts will post it on large public forums for debate, and immediately leap to all the wrong conclusions.

It's not the dynamite people think it is. All it shows is that they can log, it means that the next few moves are foretold:-

1) The argument will be made that they can log, and therefore are complicity.

2) The counter-argument will be that logging on
such a scale is an invasion of privacy, illegal and out of the scope of the user agreement.

3) The argument will be made that the agreed upon logs with the users can be used as evidence against P2P users. It's not a serious logistical blow, but will be the *real* credibility damage Kazaa will face.

The endgame is either a Kazaa concession to log all activity, another sale to a different country or just a block on un-authorized files through a deliberately dis-incentivised weak version of Kazaa noone will want, and the winding down of the network will play to the Napster tune.

The dangers of decentralized business?

[defile (1059)]

As I remember reading, Kazaa was such a hard legal target to bring down because of how decentralized the business is. Servers in one jurisdiction, employees in another, the company registered in a third, bank accounts in another, and onwards, etc.

While it offers an extraordinarily complex legal knot to untangle for anyone trying to bring a suit against them, once they do land in court, the company's internal workings will all be well documented because everyone communicates through email or IM. Oops.

subject goes here

[Heem (448667)]

Bottom line, if you want to download stuff illegaly, do it carefully and non-mainstream. One of these days there will be a sensable way to purchase music that you can burn to cd or otherwise do what you like for a fair price. Until that day comes, don't be a moron about it.

Well, don't be a moron then either.

Re:P2P=Stealing? It's going the other way now.

['Tractor' Barry (788340)]

And the real reason the *AA are trying to get P2P banned is not because they're losing revenue (they're not, their profits are up) but because P2P threatens their distribution monopoly.

If P2P really kicks off then they're not going to be able to "push" their latest crap at people any more. Using P2P transfers everything to a "pull" model and, who knows, people may actually start looking for new interesting stuff on their own. Before too long independent artists/small time players will get equal access to "ear space".

And once their distribution monopoly is cracked they'll go the way of the dinosaurs. They know this, we know this. That's why they're after P2P.

"Illegal" downloads are the best free advertising the music "industry" ever had (just look at the relationship between CD sales and downloads from Napster and Audiogalaxy)

Their problem is that they just can't sell the same amount of crappy advertising or rig the playlists any more. Their payola funds will come to nothing and the "indutry" parasites will have to work for a living.

That's why they're crying.