Forgot your password?
typodupeerror
Music Media The Internet Your Rights Online

Software To Stop Song Trading 595

Posted by CowboyNeal
from the watching-the-watchmen dept.
Shippy writes "Palisade Systems is about to launch new software that can identify and block copyrighted songs as they are being traded online. However, the article fails to mention that it will also stop legal song downloads. The software blocks anything that's copyrighted, whether you already own the song in another format or not. Here's some snippets from the article: 'If installed in a university, for example, it could look inside students' emails, instant messages and peer-to-peer transfers...', and 'Jacobson said the identification process would not work on an encrypted network, such as is used in several newer file-swapping programs. However, the Palisade software could also act to block those applications from using the network altogether.' Great."
This discussion has been archived. No new comments can be posted.

Software To Stop Song Trading

Comments Filter:
  • And, thusly... (Score:5, Insightful)

    by McCrapDeluxe (626840) on Thursday April 22, 2004 @10:58PM (#8946194) Journal
    Encrypted protocols increase in popularity.
    • What is needed.. (Score:5, Interesting)

      by bcore (705121) on Thursday April 22, 2004 @11:03PM (#8946231)
      ..is a P2P app that can run over an SSL connection, disguised as web traffic. I'd bet that could beat this thing. Does such a thing exist?
      • by dolphinling (720774) on Thursday April 22, 2004 @11:09PM (#8946279) Homepage Journal
        What's wrong with just plain FTP over SSL? No one's going to be blocking FTP anytime soon...
        • Or SSH (Score:5, Interesting)

          by Sycraft-fu (314770) on Friday April 23, 2004 @12:36AM (#8946755)
          I would LOVE to see a university try to block that. A small private one might (and I emphize might) be able to get away with it but a big one? Forget about it.

          Hell, our university REQUIRES SSH for many things. You can't telnet to the e-mail cluster any more, it's SSH only. Likewise the webmail is SSL only. You just don't have a choice, you'll use the encryption or you'll not use the system. My department is working on going to that. Going to be no telnet, no FTP, no unencrypted IMAP or pop. Everything will be SSH, SFTP (which is also SSH), or SSL. Unencrypted communications will be in-building only, or for things like the main website. You want to access any systems, you'll do it with an encrypted protocol, or use an encrypted VPN tunnel to get a local address.

          So either SSL or SSH would work well. They are just too useful and used for too many things. Try and shut that down and you'll find backlash like you can't believe.
          • Why bother? (Score:3, Insightful)

            by trezor (555230)

            Why bother with encryption? Just set up some phony malformed files (and keep your mp3s rared whatever) and share all your bandwidths worth.

            The system is supposed to work on audio-finger printing. I can imagine how easy a system like this could be DOSed. Now imagine all P2P users worldwide doing this (P2P-app prepares this stuff). It'd be the biggest DDOS of all time.

            This censorship mayhem is so ambitious it's bound to fail.

        • Re:What is needed.. (Score:5, Interesting)

          by syousef (465911) on Friday April 23, 2004 @12:42AM (#8946800) Journal
          "What's wrong with just plain FTP over SSL? No one's going to be blocking FTP anytime soon..."

          I work as an IT consultant in Australia and work on site most of the time. Our clients - banks and insurance companies - certainly do do block FTP and SSL. They usually block anything that isn't HTTP or HTTPS on port 80. This is a genuine frustration for me as I often want to send log files and software to the HQ of the software firm I work for.

          To make matters worse one client I worked for had a policy of restricting access to external email and other content (games, porn etc.). They used web filter software which I won't name here for now. Lots of legitmate sites I'd want to get to for genuinely work related purposes were also blocked.

          I wouldn't be at all surprised if this is the method adopted by large educational institutions in the end. They won't be able to fight large corporates for very long with the limited funding they do have. It will only take a handful of large law suits to sway them towards censorship.

          Its an interesting world we live in now. It seems to have become standard practice somewhere in the late 90s to make product and then intimidate or sue your customers.
      • by Rikus (765448)
        > ... disguised as web traffic

        And it won't look the least bit suspicious when the host is connected to several other hosts, transferring encrypted data at full-speed 24 hours a day.
      • by rixstep (611236) on Friday April 23, 2004 @01:51AM (#8947108) Homepage
        What we should do...

        Is use steganography.

        We embed an MP3 inside a JPEG.

        Then, just to really screw them up, we embed the JPEG inside an MP3.
      • The trend among content-filtering firewalls is to filter SSL sessions by splitting them in two - one from the client to the firewall and another from the firewall to the server. If the session cannot be split, it's rejected.

        Eventhough it's client-friendly man-in-the-middle attack, which defeats the whole purpose of SSL, there is a demand for this functionality.

        --

        The way it works is the client installs extra root CA certificate, and the firewall is given its own CA-enabled certificate derived from the for
    • Re:And, thusly... (Score:5, Insightful)

      by NtroP (649992) on Thursday April 22, 2004 @11:17PM (#8946329)
      The article claims that the software could block encrypted communications, apparently indescriminantly. I wonder how that would affect legit transfers like scp, ssh or vpn connections.

      I'm probably talking out of my butt here, but what if, instead of the entire "stream" being encrypted, just the "content" was, with a one-time, mutually agreed upon key? How would their software know the difference? It would never have the same "fingerprint" twice. Would it just block any traffic that looked like random noise?

      I can see this software pissing a lot of sysadmins off - could you ever be absolutely sure those "ghosts" you've been chasing weren't this software being over zealous?

      The parent is right though. This will just prompt those who wish to trade on P2P to take it to the next level. Especially now that the "Big Five" labels are trying to force Apple to charge $2.50 per song! If that happens I will stop buying songs from iTMS and say "screw the bastards, release the hounds", P2P here I come!

      • Re:And, thusly... (Score:5, Insightful)

        by LostCluster (625375) * on Thursday April 22, 2004 @11:38PM (#8946463)
        There's no way that any piece of software would be able to peek into encrypted sessions... so the only option this software would have would be a "deny all".

        Seems like this could be useful as something a college could threaten installing unless P2P violators knock it off... but would be trading off quite a bit of legit functionality to ensure zero violations.
        • Re:And, thusly... (Score:3, Informative)

          by kmonsen (606584)
          And, it would be quite illegal as well, or? I thought that was one of your wonderfull new laws that med cracking codes illegal. So it would be enough to just encrypt it in a simple way, since it is illegal for them to try to decrypt the files.
        • Re:And, thusly... (Score:3, Interesting)

          by Clovert Agent (87154)
          Network security devices do this with SSL by proxying the connection so you think you're connecting to the remote site by SSL, but in fact it's only as far as your perimeter, where it's managed (scanned, audited, etc) and sent over a new SSL connection.

          There are lots of ways a P2P app could prevent that from happening of course. But then it might be easier to detect and block outright. Cat and mouse, as always.
      • Steganography (Score:5, Interesting)

        by markan18 (718118) <sm@bigserver.hopto.org> on Friday April 23, 2004 @12:00AM (#8946589)
        maybe we just need to rename songs as .doc or .jpg. If that crap can still catch them, cram the song into real images or insert them into real office documents.

        One may insert them into icmp packets (ping still allowed??). What if i encrypt all my email, will encryption be outlawed? The war on file sharing is turning into a war on drugs, we all know how effective it is.

        I think anyone can still get packets and or out a given network can download and upload songs or anything. those big 5 labels are causing real damage trying to police the internet and deserves to die real fast
    • Re:And, thusly... (Score:5, Interesting)

      by Nadsat (652200) on Friday April 23, 2004 @12:37AM (#8946762) Homepage
      Yes, McCrapDeluze: what you describe is the blowback, the reaction against the controllers.

      Technology tries to liberate. Technology was once thought of as the essence of freedom's revolution itself. Recall Apple/1984... recall www-idealism. Then technology turns against itself and tries to control. Porn regulation, satillite cameras, fingerprints, RIAA server-side 'intellectual property' monitoring. Liberation vs. control. Hacktivists and regulators engaging in battle royal.

      Sure there are always loopholes and entropy... but I fear the capability of technology to regulate and control will become so strong and so automated that only the most astute hacktivists or fleeting script kiddies will find sanctuary, leaving the rest of the populace to graze like sheep on genetic grass.
      • I think you've got the problem absolutely right. This is a direct consequence of two things: big media business abusing its monopoly, and a certain type of Joe Public breaking the law. In both cases, these are not good things, but they are done because the perps think they can get away with it.

        As has often been said (but rarely heard) in these parts, the correct solution to this situation is to fix the problem, not to try to circumvent it by ever more devious means. The music industry should be compelled

    • Who needs encryption? Just move from Songname.mp3 to Songname.mp3.zip/rar/ace/lzh/whatever. The compression should remove any 'fingerprint'.

      Makes for a few challenges but it would easily defeat the system by the sounds of it.
  • by tsunamifirestorm (729508) on Thursday April 22, 2004 @10:59PM (#8946196) Homepage
    to spend money and give students a paid subscription for music downloads (some colleges have) then spend money tracking file sharing?
    • by FlipmodePlaya (719010) on Thursday April 22, 2004 @11:13PM (#8946304) Journal
      Actually, it would be cheaper to do neither. The U of Rochester, up here, is doing that, and they are under constant criticism for the program. People tend not to like money being spent on music for others (Windows users who live on campus) as opposed to their education, after they had paid for the latter. I don't see why a University is liable for the actions taking place over its network anyway... Make the students agree not to do it, so you can't be blamed, and let the RIAA hang them if they do.
      • by UID1000000 (768677) on Thursday April 22, 2004 @11:47PM (#8946527) Homepage Journal
        This is a good point. Frankly make them sign a contract or a LOI stating that if they do anything illegal that they have to indemify the university of any illegal actions and take full recourse for the aforementioned.

        But if 90% of their traffic is P2P why not make it all internal traffic thus eliminating bandwidth costs? If there is a way to do this for instance block the ports that P2P programs use, hell block all the ports except 80 and then setup a VPN client with all ports open but restrict traffic to being only internal. Then the bandwidth load is reduced by 90% and the traffic (which would probably cut down) might come down by as much as 60-70%.

        If new items need to be introduced to the P2P networks on the campus then the students should have to go out and use their own, their parents or some cafes' then they can bring it back into the closed school network.

        What do you think of that?
      • Frankly, it would be much easier to simply not give the students free internet access. Make them buy their own account, just like everyone else does in the real world. Then crack down hard on inappropriate use of the university network. I fail to understand why students and universities need special exceptions to the rules the rest of have no problems with.
    • by FsG (648587) on Thursday April 22, 2004 @11:16PM (#8946322)
      Simpler, perhaps, but not a particularly good idea. What gives my college the right to decide what kind of music I'm going to listen to, and whom I'm going to buy it from? Despite common belief, not all music is owned by the RIAA, and I certainly wouldn't want a part of my tuition going into the pockets of these monopolists.
    • by Alsee (515537) on Thursday April 22, 2004 @11:24PM (#8946390) Homepage
      spend money and give students a paid subscription for music downloads

      Pointless so long as the RIAA refuses to sell anything except DRM crippled crap.

      Even if the college did jack up their fees and force such a subscription on me, I'd still take free non-crippled files (P2P) in prefference to "free" (pre-paid) crippled files.

      If they offered ordinary MP3's they'd attract more customers. The RIAA's refusal to sell a non-crippled product is purely self destructive. It's not like they've ever kept a single song from reaching P2P by refusing to sell MP3's. Using DRM only accomplishes one thing - driving away customers.

      -
  • by DigiShaman (671371) on Thursday April 22, 2004 @10:59PM (#8946198) Homepage
    I guess it's time to start bridging those WiFi networks around the world. If you can't beat em, fuck em. I start file sharing over WiFi networks. I look forward to the days of local BBSes again. (WiFi BBS?)

  • Encrypt everything (Score:5, Informative)

    by Zorak Man (732141) on Thursday April 22, 2004 @11:00PM (#8946208)
    Encrypt IM [sourceforge.net] encrypt file sharing [sourceforge.net] encrypt your email [keyserver.net]
    • Encryption only works if other people do it too.

      I use GPG. Nobody else that I know does, and so I cannot encrypt email to them.

      How many people really use WASTE?

      As for AIM encryption, how many people are using gaim, have the encryption plugin compiled in (which frequently doesn't work with the latest version of gaim), and don't mind the occasional compatibility problems the encryption plugin causes with other AIM clients? I've come to the conclusion that the *only* instant-messaging protocol that I know
    • by Anonymous Coward
      You brought up something interesting there.
      How many "encrypted" file-sharing tools are there?

      * Waste [sf.net]
      * Mnet [sf.net]
      * Freenet
      * Entropy

      From what I know most of these are either not very popular (Waste, Mnet) or not suited to distribute large files (Freenet, Entropy).

      Am I misinformed?
  • Hmm... (Score:5, Interesting)

    by LordK3nn3th (715352) on Thursday April 22, 2004 @11:01PM (#8946214)
    How does this effect pay-for programs like iTunes?

    Also, is this RIAA-only songs being blocked, or other songs? Copyrighted doesn't always mean "undistributable". Someone may hold the copyright to something but may actually let people distribute it-- am I wrong there?
  • by rdsmith4 (767227)
    This will never work - if it does in fact suppress the legal transfer of imformation, it's clearly counterproductive and stands little chance of ever being implemented. Universities are more reasonable than that!

    ...right?

  • by Bhull (644157) on Thursday April 22, 2004 @11:01PM (#8946216)
    how do i tell this software that i want people to trade MY copyrighted music? if they block my file swapping would that be some sort of anticompetitive thing? just because the RIAA and its labels own the majority of music being traded doesnt mean that all the music being traded belongs to them.
  • 'finger print' (Score:5, Interesting)

    by Mattwolf7 (633112) on Thursday April 22, 2004 @11:02PM (#8946222)
    But how can it determine?

    Palisade's version of the technology sits inside a network, rather than inside a file-swapping program. If installed in a university, for example, it could look inside students' emails, instant messages and peer-to-peer transfers, seeking audio "fingerprints" that could be compared with information in Audible Magic's database.

    If I send my friend an mp3 of me playing some music how can it tell that from me sending a copyrighted work? Is it reading the 'finger print' and then checking byte by byte? Isn't that going to kill traffic... But couldn't it be beaten by adding one extra byte to the file? Sending in another format?

    • Re:'finger print' (Score:3, Insightful)

      by jparp (316662)
      Apparently, you have to be a little more createive.

      Supossidly it uses a technique called, Mel-Filtered Cepstral Coefficients to look for patterns in the audio output of the file. that is they dont check-sum the file, they play the file, and use there fingerprint technology on the way the file sounds when it is played.

      This still has many problems. As other posters already pointed out, encrypting, archiveing, or simply renaming the extension of the content, would make it difficult to find. Unless of course,
  • MY Rights?? (Score:4, Insightful)

    by Anonymous Coward on Thursday April 22, 2004 @11:02PM (#8946225)
    When did trading copyrighted music online become one of my "rights"?

    Funny, on slashdot GPL violators are on step below Charles Manson, while copyright infringers of music, movies, and software are somewhere below jaywalkers.

    • When did trading copyrighted music online become one of my "rights"?

      When the internet was invented.

    • well uhh... they aren't checking for VIOLATORS sir... they are checking for ALL copyrighted material in the database... Transfering a song from one of my machines to another of my machines for my personal use, via EMAIL/P2P intercepted, and cancelled because it is copyrighted material is not protecting the copyright holder, it's preventing my fair use.
    • Re:MY Rights?? (Score:3, Insightful)

      by PhxBlue (562201)

      When did trading copyrighted music online become one of my "rights"?

      I think the fair question is, when did you lose the right to trade copyrighted music online? Especially under circumstances that are already allowed by Fair Use?

      • Re:MY Rights?? (Score:5, Insightful)

        by JamieF (16832) on Friday April 23, 2004 @05:14AM (#8947731) Homepage
        >when did you lose the right to trade copyrighted music online?

        That depends on what you mean by "trade". If you're talking about allowing anonymous strangers to make complete copies of songs from your computer that are copyrighted and not authorized for this kind of distribution by the copyright holder, then you never had that right. There is no such right. The rights belong to the copyright holder, except for fair use. Allowing unlimited copies to be made for free and given to anonymous individuals is not fair use.

        Maybe the song is copyrighted, but the copyright holder has authorized free online copying of the song. Maybe you know the person you're giving the copy to, and you know 100% for sure that they have a legal license to that song, such as from owning a CD. Those are mitigating circumstances.

        Just because it's easy to commit a crime doesn't make it not a crime anymore. Little old ladies don't fight back as much big beefy ex-cons when you try to mug them, but that doesn't make it less illegal, or less wrong. It just makes it easier.
    • Re:MY Rights?? (Score:3, Informative)

      by brucmack (572780)
      Because trading copyrighted music online doesn't have to be illegal:

      1) It could be paid for (iTunes or by tax on recordable media).
      2) The copyright holder could wish for the file to be openly shared.
      3) The copyrighted music has already been purchased on other media.
  • Umm... (Score:5, Insightful)

    by Ryan.Merrill (548437) on Thursday April 22, 2004 @11:02PM (#8946226)
    Wait... it did say that it can look into student's emails and instant messages right? So basically it is giving the University free right to look into student's messages and claim that they are merely looking for illegal songs. There has got to be something that can be done by the students at these universities to block this. This is a total invasion of privacy. If any university tries to impose this onto the students attending, the students must do something. Hopefully we haven't lost all of our rebellious nature.
    • Re:Umm... (Score:3, Informative)

      by batura (651273)
      Uh, dude, they already have this right. This has been around in the user agreement at Universities for quite some time. When I went to the Dorms at UW, I believe I signed on to this with my living agreement, not to mention that you probably agree to this when you receive your computer account.
  • Stenography (Score:4, Funny)

    by dduardo (592868) on Thursday April 22, 2004 @11:03PM (#8946230)
    I wonder how this technology will hold up against stenography. Let me think about it for a moment. Hmm...
  • by digitalvengeance (722523) * on Thursday April 22, 2004 @11:04PM (#8946232)
    From the article:

    "seeking audio "fingerprints" that could be compared with information in Audible Magic's database."

    We've tried database-oriented filters to stop spam in the form of keyword lists and the like for years, yet spam is more of a problem today than it was 5 years ago. Why won't the same techniques that let spam slip past our filters let content slip past these filters? Add a byte here or there, run a very light encryption routine over a file and bam - one broken filter.

    Even if the networks that use encryption in the protocol itself are stopped - encryption on the file level can be used on insecure networks and this software becomes useless.

    Josh
  • by ChangeOnInstall (589099) on Thursday April 22, 2004 @11:04PM (#8946235)
    ...of an SSH tunnel? :)
  • by neurosis101 (692250) on Thursday April 22, 2004 @11:05PM (#8946241)
    Despite the restrictions of the softwared, I'd bet that a University for sure will pick this up. Eventually what will happen is some people on the network won't be able to download some voice recording or some file send to themselves or something and a big fuss is going to erupt. That or some privacy issue is going to kill it.

    The university I attend has explicit privacy rules, available for everyone to read. If I recall correctly this sort of thing would violate those rights awarded by the school and as soon as someone brings it up it'll disappear.

  • so archive it (Score:5, Insightful)

    by tintub (733763) <slashdot&rainsford,org> on Thursday April 22, 2004 @11:06PM (#8946252)
    Is this software going to intercept any archives (.rar, .tar.gz, .zip etc.), unarchive them and check them? I'm not against such software - Universities have a right to disallow file trading on their networks, just as I have a right to use an ISP which doesn't use such software for my home connection. However, I just think that this won't work, at least not without blocking or hindering so much legitimate use that everyone revolts against it.
  • by mfh (56) on Thursday April 22, 2004 @11:09PM (#8946278) Journal
    > They want to take the position of not filtering out all peer-to-peer [traffic], stopping copyrighted works but not the other content."

    Here's the problem: how do RIAA and MPAA distinguish, legally, between copyrighted material that is permitted (fair-use), and that which is not? I'm talking about articles, fair-use media vs. illegal-to-distribute-or-possess copyright media. How do these watchdogs inform the public of such differences? The onus is truly on the RIAA/MPAA if you ask me. The story, strangely, is "Copyright © 2004 CNET Networks, Inc. All Rights Reserved," which begs to question... how can a twelve-year-old truly understand this discombobulated law?

    That's the problem with the whole thrust of the RIAA argument against P2P (that the illegal trading of this copyrighted material hurts business). What about Internet articles? These articles are copyrighted works, published to the Internet by their respective owners, but quite often articles are mirrored by websites like Slashdot. Sometimes the copyright owners like this mirroring, and other times they do not (they seem to flip flop on it, depending on the source). Therefore, the lack of consistancy *should* make it extremely difficult to win a copyright case, although somehow the owners always win.

    IANAL, yet my argument is that two distinct laws ought govern copy protection, because this fork-in-the-road is quite ambiguous. Firstly, how are any of us to know the status of copyrighted materials downloaded? What if we download a song over P2P, expecting the song to be one of the songs that are fair-use, and we pass the song along to a ton of other people? Secondly, how do we distinguish between the legality copyrighted articles that are online and music, and the fair-use music?

    Because there exists no truly accurate copyright-status repository, I think all the people under suit from a watchdog might have some ammunition.Without a bona fide/impartial database of illegal filenames and md5 checksums to verify your current P2P files, how can you be responsible for these files?

    Furthermore, if you downloaded a song from P2P, you should legally be able to upload it back to that P2P, if you truly believed the files to be fair-use, which could truly be any file.
    • quite often articles are mirrored by websites like Slashdot

      Slashdot doesn't mirror anything, it just links to the article at source. The reason for that is copyright - slashdot doesn't have permission to mirror the article. Stuff published on the net is still copyrighted unless specifically mark as being public domain.

      Linking to an article in no way copies it, and so cannot be prevented by copyright law. There is no inconsistency here - if slashdot copied the article verbatim and hosted it on their own s
  • by zymurgy_cat (627260) on Thursday April 22, 2004 @11:09PM (#8946282) Homepage
    Uh, correct me if I'm wrong, but how can one stop all "secure" file swapping communications w/o killing off unrelated important stuff? I tunnel through anonymizer.com when I surf, and I imagine any file sharing program worth its salt could do a similar type thing through the same port (22). Wouldn't they end up not only killing file sharing but also people checking their bank accounts, registering online, buying stuff on Ebay, etc?

    As for looking into email, sheesh! Public key encryption will avoid that, and any attempt to block those types of communications would be rather stupid and overreaching.
  • by Poilobo (535231) on Thursday April 22, 2004 @11:10PM (#8946287) Homepage
    If this is based on fingerprinting technology it would be pretty trivial to cutoff the Type 1 and Type 2 tags, reverse the content and stick'em back on. Reverse the process after downloading. Of course you could always UUencode the song and add a zip extension to it or a multitude of other tricks to hide what your doing.

    Never underestimate the power of broke, bored, determined college students.
  • RTFA, - Geez.... (Score:3, Interesting)

    by byronne (47527) on Thursday April 22, 2004 @11:20PM (#8946354) Homepage
    neither RIAA nor Audible Magic had given them a demonstration of the filtering tools. Industry trade group P2P United says it has repeatedly contacted the company asking to see the filters in action.

    Ikezoye said he still has not demonstrated the technology for the peer-to-peer companies.


    This brings up a ton of questions:
    - What are they looking for in the content of P2P traffic?
    - What defines copyrighted or 'controlled' material? Bootlegs won't be in there...
    - If it ain't installed in the client, where is it installed?
    - Will this work on server based P2P like soulseek?
    - What possible gain is to be had by filtering this?

    Studies have already shown that CD sales increase where there is a market of 'try before you buy'. (Australia, for example) When is the RIAA going to wake up and realize that the biggest marketing tool in history is at their command and they don't have to do a damn thing to prevent it?
    Radio killed the vinyl star? Nope.
    Video killed the radio star? Um, nope.
    MP3 killed the video star? Maybe, but absolutely to the artists' benefit and not some fat f*ck from Clear Channel.

    Filtering is way too invasive to even be considered an option. Sheesh.
  • Legal P2P? (Score:3, Insightful)

    by LostCluster (625375) * on Thursday April 22, 2004 @11:20PM (#8946362)
    If they've got software that can "name that tune" as it passes by in MP3... isn't that the holy grail for legalizing P2P?

    All it would take is some authorizing legislation, and every time a P2P song passes through the toll booth, a few pennies (quanity specified in the law) get transfered to the song owner. Those pennies can either be asorbed by the ISP as part of their service, or they can pass it along to the customer as part of their bill.

    There you go. If it can block it, it can log it too...
  • by Mskpath3 (764785) on Thursday April 22, 2004 @11:25PM (#8946399)
    You know, I'm not one to break out the Star Wars quotes lightly, but : "The more you tighten your grip, Tarkin, the more star systems will slip through your fingers." What a dopey system. Everyone knows that the only way you're going to stop this kind of thing is through draconian legislation! :)
  • by Anubis333 (103791) on Thursday April 22, 2004 @11:40PM (#8946490) Homepage

    So this software would make backing up your data illegal? I have all my CDs ripped, and I ftp them to another drive at another location frequently. This would stop any student from sending any of his MP3's to a computer at home for back up. That sounds fair.
  • Carnivore? (Score:3, Interesting)

    by kyoko21 (198413) on Thursday April 22, 2004 @11:40PM (#8946491)
    Is it just me or does this sound like RIAA bought their own version of Carnivore?
  • by Anonymous Coward on Thursday April 22, 2004 @11:51PM (#8946547)
    I was working for Palisade when they developed the first version of PacketHound.

    Actually, I should say when they stole PacketHound, since it was actually created by a coworker in his off hours, outside of Palisade. The CEO at the time fired this guy and sued the developer to gain the rights to PacketHound. Kind of ironic that they stole something that is supposed to prevent stealing!

    Like Palisade's original product, called ScreenDoor, PacketHound is just a packet sniffer that sends out TCP RST packets to disrupt connections. Palisade (and Iowa State University) actually have a patent [uspto.gov] on this, even though there have been firewalls and other programs (like Snort) which do the same thing, and predate the patent.

    Palisade itself is a tiny company that is milking this one patent/idea for most of its products. But they are somehow good at getting press...
  • by uv_light (750273) on Thursday April 22, 2004 @11:56PM (#8946571)
    as someone noted before, encrypt everything. It is not just good idea for file swapping, also, it is good practice incase of information leak.

    anyway, that's not my point, I think it would be good idea if people can change the software slightly so that it block different thing, *cough*spam*cough*, it might be more constructive than blocking `any` kind of copyrighted material. Well of course, it would be nice there is no censoring of information, but we are too far away from that.

    if you like this, thank you. If you don't, sorry I took your time to read this.
  • by Peterus7 (607982) on Friday April 23, 2004 @12:05AM (#8946610) Homepage Journal
    (It already is one...)

    Music is shared. The industry finds way to block it, but in doing so pisses people off. New P2P app. Random corporate ups ante, finds new way to find out identity of P2P user. New P2P program that blocks ID. People post about it on slashdot. People make funny comments, and get modded up. Piracy increases, RIAA makes new blocking program. Cowboy Oneal finally decides that he's sick of it all and declares a ban on P2P relating articles.

    Anyways, down to real business: The more people try to stop people from downloading files, the more it becomes damaging to themselves. Not only are they blowing money on quick fix solutions that do nothing but piss people off and force them to resort to other methods, but in the end their problem is that people are going to download their crap no matter what. If they stop them from downloading, they sure as hell won't buy it, so they might as well let them be.

    Now, I'm not saying that's the right solution, or there is a solution, but I think trying to stop it and potentially messing people up all over the board is just a haphazard and dangerous way of doing things. Go back to the drawing board... And as much as I hate to admit it, but I feel by the time they solve P2P, Mac will be in control of the market, we'll be insectoid alien slaves, and Elvis will have returned, and will have posted a story on the truth about aliens here.

  • by m0ng0l (654467) on Friday April 23, 2004 @12:07AM (#8946618)
    GMail looking inside e-mails? Isn't this just doing the same thing? What is to stop them from releasing a "new, improved" version of this software to allow universities to look inside e-mails for other things? Phrases that look like part of a term paper, that I *may* be plagarizing (sp?)

    FUD off

    At least not going to college anymore, I don't (for now) have to worry about this. What I can see is this software is automaticly presuming you are guilty of music swapping, and searching your e-mail without due process (BTW, IANAL)
    If the courts want to use an e-mail as evidence, do they not have to get a warrant? Why should this be any different?

    harumph.
    Jason A.
  • by ruhk (70494) on Friday April 23, 2004 @12:13AM (#8946650)

    ... this software cannot block file sharing.

    If I decide to encode a song as a text file containing the bit-string of a song and slap that on a web server, what is this software going to do? Oh, sure, the size of that MP3 just jumped by a factor of sizeof(char), but its out there. Maybe it'll be smar t and read the first X bytes of any file it passes? What if the file is multiple parts? I can serve it on my web server. I can toss it up on NNTP.

    In short, the only way this software can stop filesharing is to block the network connection entirely. This is perfectly obvious even to a dimwit like me.

  • by Badanov (518690) on Friday April 23, 2004 @12:16AM (#8946662) Homepage Journal
    Maybe the cry to go to encryption is the wrong way. If it is in fact the intention of trade organizations to scan networks and invade privacy to enforce their rights, maybe it would be better to create a standard that could not encode an audio file but transform it into plain text.

    The wargame company that makes Combat Mission does this to their save game files. The files are encoded not encrypted and the data read in/out into the file is true plain text, but unreadable. You cannot tell this is an encoded file by any means I am aware, but the file loads up smoothly and quickly.

    Seems to me iffin you wanted to defeat this new drive to invade privacy, making a software module that will allow you to store and transport music (and many other kinds of files as well ) files as plain text would be a tremendous blow to those efforts.

  • Fan Mail (Score:4, Interesting)

    by GrEp (89884) <<crb002> <at> <gmail.com>> on Friday April 23, 2004 @12:17AM (#8946668) Homepage Journal
    Please direct all fan mail to the head of Palisade, Doug Jacobson [iastate.edu]. dougj@iastate.edu

    Check out his senate testimony [64.233.167.104](Google Cache). This guy makes a living spooking the spooks.
  • by Eythian (552130) <robinNO@SPAMkallisti.net.nz> on Friday April 23, 2004 @12:34AM (#8946742) Homepage
    iRATE [sf.net] is a program that downloads music that artists have put on the net. These downloads are also taylored to your own tastes, based on comparing what you like with other users. With this, there isn't a need for P2P music file sharing, and risking being sued by the RIAA, as copying this music is sanctioned by the artist. (Unsurprisingly, not much of this music is made by RIAA labels)
  • by The Master Control P (655590) <ejkeever@nerdsha c k .com> on Friday April 23, 2004 @02:38AM (#8947279)
    For starters, I'll be damned if your fscking spybot will ever acess my hard drive. Block all ports by default, opening as needed.

    How, exactly, does a remote program ruffle through my files without my permission, anyway? Mandated backdoors? Screw them.

    If it looks for an audio "fingerprint," how will it react if some 10-year-old wrote a 5K program to insert a random byte every N bytes of the MP3 (or any file)? If I do something as idiotic as flipping all the bits? The ways to foil things that search based on fingerprints are too many to name.

    Who the hell gave you permission to look at my private e-mails? Oh, yeah... I DIDN'T!

    Amendment IV: "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

    How exactly will it react to a file named "Britney-Spears.mp3" that contains nothing but static? Did I mention the violation of privacy?

    They've already admitted that it's completely impotent against encrypted traffic, and there are already encrypted p2p clients.

    For the love of God, don't these control freaks realize when they're beaten?

    OK, I think I've got most of the obvious replies out of the way. It's obvious that the current control freaks "up there" see the Internet, and realize quite well what it can and will do them if they can't nip it in it's budding stages. Kid yourself not: They will wage an all-out war against privacy on the Internet. And as always, all that is needed for evil to win is for good to do nothing.

    Contact your congressperson. Have all your friends do the same. Snail-mail them. E-Mail them. Donate money to their campaigns. Get the word out!

"Indecision is the basis of flexibility" -- button at a Science Fiction convention.

Working...