U of Wyoming Fingerprinting All P2P Traffic

mk2mk2 writes "News.com has an article on how they're preparing to shut down P2P sharing of copyrighted content: 'For months, the digital equivalent of a postal censor has been sorting through virtually all file-swapping traffic on the University of Wyoming's network, quietly noting every trade of an Eminem song or "Friends" episode.'" It's scary until one realizes that most P2P traffic isn't encrypted, like back when everyone still used telnet.

Is it scarry ?

[barwil]

I don't think so. Everybody who is using the Net should be aware that he/she can be watched. P2P networks do not encrypt data because the idea behind it is to share. If you want to find out who is sharing files you don't have to monitor the traffic. You can just join the party :) It means that no encryption would help. If you share your copyrighted material you can be watched by the RIAA and their friends. I don't personally think it's dangerous for the p2p users (there are too many of them out there) but it's good to know barwil

Re:Quoth

[chazzf]

From the perspective of college system administrators everywhere, yes. I'm with network support at a small liberal arts college and let me tell you, our connection slowed to a crawl when the students discovered p2p. We don't have enough bandwidth to support that kind of thing, and with the RIAA and MPAA sending out cease-and-desist notices, we really don't have the legal wherewithal either...

KDX

[Large Green Mallard]

KDX is a new file sharing program... it isn't P2P, more of a server analogy like Hotline.

One of it's advantages is that all the traffic is strongly wencrypted. Homepage is at http://www.haxial.com/main.html

Disadvantage being that the people responsible for it wouldn't know a user-interface if it bit them in the ass. It is customisable, but it doesn't match the host OS's GUI.

impossibility

[antiprime]

If monitoring and blocking tools were widely introduced, new software programs could easily develop ways to encrypt or scramble the data in transmission in order to make it unrecognizable by Audible Magic's tools or other databases.

Encryption is just the tip of the iceberg. I can easily compress and encrypt any file, then slap on a header that claims it's a benign .jpg of astronomical images, or pass it through a filter that makes it look like bad poetry, or make it a self-inflating-decrypting executable. You simply cannot write a program that will automatically filter all content, without simply denying all communication.

Re:oh my!

[Anonymous Coward]

Its a joke, but shit like that actually costs MORE money than the stupid music.

People downloading good quality TV shows and movies are probably using orders of magnitude more bandwidth than people downloading many, many more songs.

Re:Quoth

[Politburo]

To provide more empirical data to the other reply, Rutgers University's policy is to allow 2GB over any 7 day period downloading, and 512MB over any 7 day period uploading. This makes it pretty much impossible to serve anything but small files (they but the dorms into private address space last year as well), but allows enough room to get most things done on the internet, legit or illegal. And no, it doesn't matter if you spent your 2GB downloading Linux ISOs. The policy is meant to save bandwidth, not stop piracy.

If you exceed the limit, you cannot access the internet for a week. University resources may still be accessed, which allows for basic internet access through X or port forwarding, etc.

Re:Well, heres the new testbed for freenet.

[mmol_6453]

In the US, it's legal for you to record the conversation, if the person on the other end called you.

And you only own the part of the phone system on your side of the d-mark, which is that little gray box on the outside of your house where the phone company's wires come in.

Not just about copyrights

[GnoMoreGnuPuns]

Generally, the majority of campus internet traffic these days is related to file sharing. Almost every colleges and university in the States has had to employ some method for dealing with this, from governing bandwidth distribution to simply upgrading infrastructure. Curbing the distribution of copyrighted data is not just about folding to the RIAA ... it's a pragmatic solution to a huge problem.

Re:There's always another way...

[Hast]

What happens if, instead of listening to traffic on a single protocol, they just listen to all traffic, regardless of the headers? Which they, being in control of the routers, are perfectly capable of doing.

Actually they probably can't do that. At least not without some pretty extreme hardware.

Typically you get to a point where you have to use RAM buffers to save data and then have multiple network listeners which swap so they can save the data to disk. If you have a large amount of traffic you soon get to a point where you can't store all data.

But sure, it's their network, so they can do what they want. Just as long as they don't mind me using encrypted channels. ;-)

Re:Better solutions!

[Anonymous Coward]

I can say that this is in fact true. Our university has a very nice direct connect hub. We even deliberately limit our bandwidth usage to stop it clogging up the network. So far it looks like our computer guys are turning a blind eye to it, since they have to pay for external traffic and we're helping to cut it down.

Re:Won't work!

[sh!va]

But if P2P usage makes it such that researchers can't get the resources or bandwidth do actually do their work or are significantly impacted

This is the most foolish thing I've heard. There are things called packet shaping algorithms. There is a reason we have diffserv. There is no reason why dorm or other traffic can just be given lower priority than "important" research traffic (which is exactly what is done at my University, btw)

As for the larger question of whether p2p traffic needs encrypting etc, here are some things to consider:
1. The whole idea behind p2p is to tell everyone what you're sharing. So an easier way is to just use the standard kazaa client or a clone to query each user for what they're sharing. Run this in daemon mode and you have a rather up-to-date list of what everyone on campus has / had and at what time.
2. So the only remaining thing is: you're downloading something and you don't want anyone to figure out what you're downloading. In theory, you could use SSL. But it won't do much. If I really wanted to find out what you're downloading, I'd look at your SSL connection, figure out what IP you're hitting, query them over the P2P network to find out list of exported files. I can calculate approximate filesize from the packets that you're receiving and just compare that to get a very good estimate on what you're downloading. Also, by default, files that you download are immediately shared, so I could always just query you and compare filelists.

My point in writing that whole thing was simple: p2p networks are not meant to be private. SSL doesn't give you any protection since anyone would be able to get this simply by querying you over the p2p network.

Re:oh my! (girls)

[phorm]

I'd be more worried when somebody's prof finds of a homemade copy of "Me and my dormroom buddies get it on.mpg" starring one of the students. That or just when the computer admin gets it... not sure who is scarier.

Reasons why this won't work

[shut_up_man]

Oh they're so cheerful and earnest about their technology, I feel like a bit of a cad...

• The net is not a college network. Traffic can pass through millions of different routes, which means they'll need sniffers at millions of different points in the net, in every country, at every ISP, in every town, on every backbone, etc. It's unlikely that everyone in the world would suddenly agree on something, particularly to do with monitoring.
  
  
• For the system to be effective, all these sniffers need to communicate constantly, exchanging user data, song info and fingerprint information. The traffic hit on the wider internet would be severe.
  
  (of course, a way to get around the traffic hit would be to build a smaller, slightly less expensive internet just for the sniffer communications, but the costs for that would be pretty painful)
  
  
• The local storage and processing power of these internet sniffers would have to be several orders of magnitude over their college sniffer. "...it creates a copy of all the traffic flowing past" which at major backbones would be just stupidly, massive, incredibly huge.
  
  (Relating points 2 and 3 will mean the only thing the internet will be capable of anymore will be sniffer communication, but I suspect that would suit these guys)
  
  
• The money cost of putting these huge sniffer machines all over the world would be astronomical. As in, about the cost of the internet so far. No-one is going to pay it, least of all ISPs, users or record companies. Maybe the Queen, but I doubt it.
  
  
• Their library of 3.5 million songs is simply puny when put up against the weird tastes of all the black t-shirt-wearing music freaks in every dark corner of the world. Plus... new songs would have to be uploaded as they are released to every sniffer point, making the net explode once again.
  
  
• Their fingerprinting technology sounds dodgy, just like every other fingerprinting technology ever invented. Does it match 256kbit and 128kbit versions of songs? LAME and Xing? How about VBR? How about mp3s and oggs? How about wmvs? With or without ID3 tags? Not to mention trimmed versions, album versions, live versions, covers, remixes, etc.
  
  
• Modern P2P networks like Kazaa download files from multiple sources, which would render the sniffer useless. 30% from this IP, 25% from that, 45% from another, are they all part of the same file, or separate pieces? Which way do they go together? Do you get 30% of the thumbprint from one piece? It's all broken.
  
  
• If the sniffers were implemented, they would be the biggest target for cracking since the RIAA's website. They'd be DOSed off the net, rewritten as warez ftp points, porn image servers, IRC chat servers and Shoutcast servers every third day.
  
  
• Changing protocols, creating new protocols, garbling data, encrypting data - all these would break the sniffers and are easy to implement, but I doubt they'll ever be needed, as there are too many other barriers in the way.
  

Re:There's always another way...

[OMEGA Power]

While it is technically possible for a university to monitor all network traffic it is impractical due to the about of computer power and storage needed to record the billions of packets that pass through a large university everyday and the manpower needed to review the massive ammounts of data (think multiple terrabytes a day) this would collect.

Also, in general, universities strive to protect the intelecual freedom and privacy of their students and faculty (although U Wyoming seems to be an exception). For example the univeristy I attend (UMD) includes the following language in their AUP (which can be found in it's entierty at http://www.inform.umd.edu/aug/ [umd.edu]:

"To the extent possible in the electronic environment and in a public setting, a user's privacy will be preserved. Nevertheless, that privacy is subject to the Maryland Access to Public Records Act, other applicable state and federal laws, and the needs of the University to meet its administrative, business, and legal obligations."

While this language is admitadly quite weak it is better than nothing and would prevent monitoring of this kind unless it is determined that ISPs are liable for copyright infringment commeted by their users.

Re:We need to respect and uphold copyright laws

[Jezral]

Let's take an example of a new program... Unless it's in the public domain, then it's copyrighted.

When you release a copyrighted work, you get to set the terms of how it is to be used. This we call a license.

All licenses are extensions of copyright, including the GPL. The GPL builds upon the basic copyright laws, and further sets restrictions on what you can do with the program/sources.

Here's the catch...
If copyright ceases to have an enforcable meaning, then all licenses also cease to have enforcable meanings.
Everything reverts to public domain, where anyone can do whatever they want with the program/source.

So, when we dilute copyright by pirating movies, music, games, and so on, we work towards the day of public domain.

Is this a good thing? Depends on your point of view...but it would destroy the GPL's "must share" power.

-- Tino Didriksen / ProjectJJ.dk

Re:There's always another way...

[Anonymous Coward]

They only get royalties off of those CD's marked "Music CDR". Of course most dummies I talk to think those are "better for recording music", but the techie people know the difference and will buy regular, cheap CDR's, which don't give a dime to the RIAA.

UW's resnet..

[Nemith]

is free! There is no extra charge when you live in the dorms or a on campus fraternaty or sorority. This gives the students even less say on what the bandwidth can be used for.

I used to work directly under Brad Thomas and actually setup cricket [sf.net] to monitor the bandwidth on campus and as far as I know this is still working. The Packeteer software was added while I was working there while this new finger printing was added later. I know that the bandwidth from the dorms (as high as 50MB when unlimited) was killing voice and video trasmissions for remote schooling. Something definatly had to be done, they are not just evil.

Also I remember a couple of times where abuse@uwyo.edu would be hit by Sony records asking us to shutdown someones computer sharing illegal music on the net. Few switch commands later, *BAM*, the kid was disconnected until he removed the material. Kinda a fun job :). Kinda wish I was still there

Re:Makes me hate my job at a University

[The Ape With No Name]

Get a Packeteer. Start shutting down ports and banning MAC addresses. Carve the link into a student only side and a staff only side. Get the Student Judiciary involved and your General Counsel as well. They will start behaving properly. You hold all the cards. The network is a privilege not a right.

Re:Quoth

[Nemith]

Read the article buddy. They did do that, that what the Packeteer program was for. But the problem was that the programs and the students themselved were finding ways around it.

Kazza started hopping ports, very had to throttle the ports then. Also the students found ways to get around this, like httptunnels. Or the one I used at UW. I had a work machine that was unthrottled, so I setup a Socks server on my machine at work(I worked for the Network team at UW) and tunneled all my traffic though that. Worked great, expecially since all the other traffic was slow

I know now that they are having such a problem with bandwidth that internet access in the dorms is slow for anyone and anything you just can block a couple of ports and call it good.

Re:oh my!

[Nemith]

Acutally it's not the Music that Brad Thomas and UW is worried about. It's the bandwidth. I belive UW only has one 155mbit ATM link to the net. This link is shared with voice, video, and remote backups. When I was working for brad thomas he was having paying people complain about video being choppy so something had to be done. Now with ports jumping all around the place it is harder to find p2p programs which have a sponge effect on the outpound pipe.

Re:Great! keep up the good work.

[Kirby-meister]

I guess it's too late to mention this is only for upload traffic that leaves the network (it costs more money when data leaves the network than when it stays in).

Re:Quoth

[alecto]

You've obviously never tried to download a new .0 release of Red Hat the day of its release :).

And downloading ISOs from an unknown source can be hazardous--which is why you always check the MD5 checksum against the one posted on the official site. So you grab 600MB ISOs from multiple people who are (ideally) closer to you on the network than the official site, and grab a 1KB file of MD5 sums from the official site, and all is well.

Re:Well, heres the new testbed for freenet.

[davmoo]

Some others have already replied to this, but I'm going to reply too anyway, just because it gives me the warm fuzzies to do so.

And sorry, you're wrong on both counts, but thanks for playing along anyway.

I won't swear to this for all 50 states, but I know for a fact that in both Indiana (where I currently live) and Kentucky (where I used to live), if you're talking to me on my phone line, I can legally record that call any stinking time I want to, whether you know I'm recording or not. And which one of us originated the call is irrelevant. And if you come over to my house and use my phone to call your Aunt Bertha, I can still legally record it without either of you knowing it.

And a company can listen in on, and record, any conversation they want, so long as the policy that they are doing so is spelled out to the employees beforehand. They can also monitor what you do on the office computer, etc etc. And there are a number of court decisions affirming the rights of a company to do so.

I'll bet money that buried somewhere deep in that University of Wyoming Student Handbook there is a clause that says "its our network, we'll snoop it any damned time we want, and we'll block anything we want too", or words to that effect. If you don't like them snooping on you, then the solution is simple...don't use their network.

Uh no

[NDPTAL85]

You are seriously mentally deficient if you think students own ANYTHING that the University owns. Tuitions don't even cover the total costs of getting an education, and haven't for decades. Ever hear of Endowment funds? If anything, the alumni own the universities along with corporate donors, the government, and philanthropic individuals.

And no there won't be riots. Not as many students think stealing someone else's intellectual property is as important as being able to get your class mate drunk enough to date rape her.