Court Docs Reveal Kazaa Logging User Downloads

Dan Warne writes "The most explosive documents in the ongoing Kazaa court case have emerged today, including logs of discussions between parent company Sharman and the Estonian developer of the Kazaa Media Desktop. They include extraordinary admissions like: "Reporting will make Kazaa look like spyware, as soon as it becomes evident we record downloads and playbacks, users will flee to competitive networks" and then "One can argue that we have knowledge of copyrighted material being downloaded in our network and have to install filters. If we are reporting [gold] files, then technically we could do the same for every file." Finally, "RIAA [could] collect the IP addresses for everyone who has searched for or downloaded that file." Despite the Kazaa developer's concerns over these issues, Kazaa went ahead with the logging." (More below.)

Warne continues "APC Magazine journalist Garth Montgomery, who has covered every day of the trial in the Australian Federal Court, says: "In a nutshell, this has got to rate as the most explosive document revealed. It makes it damn near impossible to maintain the separation theory that Sharman and Altnet rely on in terms of business independence and technical infrastructure. The control they exercise over the system is complete." Montgomery has also scanned in all the documents and made them available in PDF format, including the confidential Kazaa purchase contract and technical specifications for the Kazaa Media Desktop."

WOW

[castlec]

It looks like bye-bye kazaa. It will soon join Napster (The real one, not roxio).

Once again...

[laughingcoyote]

...I am reminded of why I use a reputable, private bittorrent server and alternative (read: under-the-radar) means of P2P. Hasn't this been suspected about Kazaa for quite some time?

I could care less

[Dancin_Santa]

Kazaa has always been the seamy underbelly of the internet. While Napster at least had a little swagger as the slick pirate software, Kazaa has been plagued from the start with spyware and other malware.

Good riddance.

They are...

[pmc]

... so dead.

And stupid. They knew that they were walking a very narrow path with respect to legality. They had to be like Caesar's Wife - not only pure but seen to be pure. But instead they took their behaviour well over the line into things that they knew were illegal. And then recorded the fact that they were doing it.

Breathtaking.

Wow

[gowen]

These people are stupid. Not only do they discuss matters as whether they're arguably criminal conspirators / facilitators -- but they do so in on the record documents, as opposed to quiet chats in the cafeteria.

That's Richard-Nixon-tastic.

I'm not surprised

[Televisor]

They've been walking a tightrope for years....looked like it just snapped.

They had it coming

[Pan T. Hose]

I was assisting in installing KazaA once. It was like: "What do you think," the librarian asked me. "According to this EULA they could log our downloads," I said. "So? Is it good or is it bad?" (She's so cute!) "Bad. I do not authorise it. Remove it, add to the black list, never bother me again." Now, if anyone is screaming bloody murder because a program does something that was explained explicite or implicite during the installation, one is not the brightest individual under the Sun if you ask me.

Re:I could care less

[Anonymous Coward]

You mean "I couldn't care less", meaning how much you care is already so miniscule (or zero) that it is impossible to care less. "I could care less", on the other hand, means you care a lot, or at least enough for it to be possible to care less than you do.

Who installed Kazza Media Desktop???

[NoSuchGuy]

Seriously only internet newbies, grandmas & grandpas installed the Kazza Media Desktop. All other installed Kazza Lite (No Adware!) or eDonkey.

Later all eDonkey [edonkey2000.com] users switched to Overnet [overnet.com] and later on to eMule [emule-project.net] and BitTorrent [bitconjurer.org]

An open source P2P application is more safe in use than a closed source application because clever people can read and understand the code.

Oh I forgot:
1) Idea
2-6) see above
7) ???
8) No Profit
9) Sued by RIAA/MPAA...

I wonder...

[GreatBunzinni]

...if other "reputable" download services like soulseek are up to the same wrongdoings as kazaa. How can anyone know for sure?

Skype

[c0p0n]

Yeah, you're right :D. This also downs the credibility of Skype to the ground.

The revolution will not be webcast

[flopsy mopsalon]

What strikes me as remarkable is that anyone thinks so-called "lawsuits" of this nature will in any way stem the Niagra-like flow of files being shared on computer networks.

As with the United States' ill-fated experiment with "Prohibition" back in the 1930s or whenever it was, attempts to pressure a legitimate society-wide demand with artifical "legal" constraints simple result in a Newtonian counterforce of equal strength

Mark these words it is only a matter of time before the RIAA and company unleash one legal sully too many and the citizenry responds with clandestine acts of violence and possibly even people and/or animals.

It is clear that the individuals behind Kazaa are just a bunch of crooks trying to get rich of bootlegged goods, but so were the rum-runners of yore, and in the end, after much bloodshed and suffering , it was seen that rum could indeed be run legally with out the "sky", as it were, "falling". Let us hope those in power today come to a similar realization soon.

Re:So...

[laughingcoyote]

-Likely- not, the general consensus, to my knowledge, is that a filename is not enough grounds to sue-the company suing must prove -content-. I doubt the Kazaa logs contain a bitprint of each file, likely just an IP address and filename.

Of course, that wouldn't stop them assembling a "people to watch" list-but in reality, I imagine that the **AA's have bots that host on Kazaa and every similar and compile such a list from every IP that comes through 'em. It would be trivial to write such a thing.

But as to launching a lawsuit based just on Kazaa's logs-likely not enough evidence.

Out of Context

[N8F8]

Folks, lelieve it when you see it. Make sure to read the caveat at the bottom of the page: Folks, take these ramblings as the virtually unedited observations from each day of the Kazaa trial. At best, it's anti journalism. The other side is going to misconsture everything in their favor and present it that way to be as damaging as possible.

Re:open source

[Moskie]

How does Kazaa being closed source make a difference here? Kazaa was tracking requests/downloads server-side... which means, I would think, that there isn't neccessarily any logging going on in the client.

It could have been completely open source, and Kazaa could still keep track off all the requests that your client made.

Re:Who installed Kazza Media Desktop???

[andyr]

only internet newbies, grandmas & grandpas installed the Kazza Media Desktop. All other installed Kazza Lite

The server still tracks your downloads.

Re:Once again...

[wheatwilliams]

You use a "reputable" service that facilitates your stealing other peoples' property?

That's an oxymoron.

If you trade pirated media on the service, then neither you nor it are "reputable", by definition.

Re:I could care less

[Hogwash McFly]

No no, this isn't language evolving, it's just stupidity. What next, people don't feel like articulating apostrophes? People don't feel like distinguishing between they're/there/their (although an alarming number don't already)?

Any time I see someone utter or write the incorrect version of the phrase I picture the kind of person who says the latest catchphrase or buzzword without a clue to its origin and/or meaning.

Call me a snob, but I'm proud of our beautiful language (yet still more forgiving of American English than a lot of my fellow Brits).

Re:The revolution will not be webcast

[phaze3000]

What strikes me as remarkable is that anyone thinks so-called "wars on drugs" of this nature will in any way stem the Niagra-like flow of narcotics.

As with the United States' ill-fated experiment with "Prohibition" back in the 1930s or whenever it was, attempts to pressure a legitimate society-wide demand with artifical "legal" constraints simple result in a Newtonian counterforce of equal strength.

History has shown us that the government and their backers are quite prepared to fight battles they have no hope of winning.

Re:Once again...

[taxevader]

Your post should be mentioned whenever there is debate on the meaning of 'jumping to conclusions'. It defines it perfectly.

Where did he post anything about stealing peoples property? You're as bad as the xxIA.. p2p is evil, its STEALING, which even in the case of piracy (of which the parents post in NOT talking about) is not stealing.. its copyright infringement.

p2p can be used for many legitimate purposes.

Re:Once again...

[Anonymous Coward]

Why the hell is this marked informative?

Your ability to setup a bunch of different programs and scripts has NOTHING to do with privacy.

Privacy is all about trust and knowledge of the people you're talking to. Nothing to do with removing logs and setting up eggdrops.

It's SO OBVIOUS that this site is moderated by young children now, you can see them reading the parent and thinking "Oh yea, I can do that, I totally agree"
He's trolling about rooting a server then handing out logins to his l33t mates.

You probably can't mod this post down any lower, but please think about modding the parent down. Or if you choose not to do that, please post here why it's informative.

Re:Who installed Kazza Media Desktop???

[novakyu]

I give up, how is compiling it yourself a valid measure of security? Or do you honestly pour through every line of code following all logic and scrutinizing every letter for possible undesirable consequences, bugs, backdoors, etc? Riiiiight.

Well... in theory, you can look through the source to find any malicious code, and since they know you can look at the source, they won't even try programming adware-like capacity into it.

Also, in theory, if you have a software firewall, hackers will see the firewall and just know that your machine is totally secure (seeing that you took care to install a firewall) and just give up attacking. In theory.

Re:Management ignored the developers?

[ceeam]

Shut up and get back to coding, you worthless piece of shit!

With best regards, Management.

It's not an oxymoron.

[Anonymous Coward]

It's not an oxymoron. Perhaps you need to look up the word "reputable". I will help: it means having a good reputation, being honorable.

If this underground bittorrent service has both a good reputation and it is honorable (ie: they are not screwing their users), it is reputable. It doesn't matter that you don't like what they are doing, or that it is illegal.

I'll thank you to stop pissing on my language and twisting it for your own purposes. I'm having enough bloody trouble with marketroids making the word "buy" mean "license".

The dangers of decentralized business?

[defile]

As I remember reading, Kazaa was such a hard legal target to bring down because of how decentralized the business is. Servers in one jurisdiction, employees in another, the company registered in a third, bank accounts in another, and onwards, etc.

While it offers an extraordinarily complex legal knot to untangle for anyone trying to bring a suit against them, once they do land in court, the company's internal workings will all be well documented because everyone communicates through email or IM. Oops.

Re:Who installed Kazza Media Desktop???

[trawg]

Seriously only internet newbies, grandmas & grandpas installed the Kazza Media Desktop. All other installed Kazza Lite (No Adware!) or eDonkey.

Newsflash - the groups of people that you've named account for the vast majority of users on the Internet, explaining why Kazaa was (is?) the number 1 p2p network.

Later all eDonkey users switched to Overnet and later on to eMule and BitTorrent

I don't know anything about eMule/Overnet but I assume they're traditional p2p software, the same as BitTorrent - in that you can see what you're downloading and from whom. So your next comment about open source p2p apps being "more safe in use than a closed source application because clever people can read and understand the code" is only true if you're defining "safe" as "less likely to be infected with spyware/adware/affected by crashes/exploits".

Open source p2p applications that follow the "traditional" model of just connecting to peers and sharing requested files directly aren't "safe" if you mean in terms of avoiding prosecution - what you're sharing can still be tracked pretty easily.

Open source applicatons like MUTE [sourceforge.net] or Freenet [sourceforge.net], on the other hand... Of course, they have their own issues [sourceforge.net].

Re:glad i never used kazaa

[bcattwoo]

In a democracy, laws (should) reflect what everyone wants, which is appearantly free music.

You sure that everyone wants free music? Or just a majority? I am dubious even that is true.

Nonetheless, in a democracy the laws should not necessarily reflect what the majority wants. Foremost they should in fact make sure that the majority does not infringe on the rights of the minority. If "everyone" wants a free Porsche, to kick the Jews out of the country, prevent black men from marrying white women, and lock up the gays, should we make it so? I know these are extreme examples, but they make the point that laws should not always reflect the majority view.

Re:Stop the Bullshit Now

[Anonymous Coward]

Parent poster here. I was inferring just your point about the cost, they'd destroy themselves meeting legal obligations like Napster did.

It wouldnt be that bad though in reality, sadly. In fact, judging by the lead programmers own figure of 2 searches/second per thousand peers (On a network of 3.5 million concurrent users), and assuming 500 bytes can store the data (IP Address of client, supernode, event type, seach string and timestamp) the figures are:-

Searches/Second: 7000
Searches/Day: 604,800,000
Searches/Year: 220,752,000,000

Now... @ 500 bytes/entry:-

Tb Gb Mb Kb b
Bytes/Year : 110,376,000,000,000 (110tb)
Byes/Day : 302,400,000,000 (302gb)
Bytes/Second : 3,500,000 (3.5mb)

Those are just rough figures, I used 1000 instead of 1024 etc, but still it gives an idea of the scale. 550tb of data can be stored using LTO ultrium cartridges for a mere $80/400gb, so for just $110,000 they could log everything.

Now, I know what you're thinking, thats a shitload of dough. But don't forget, the whole case against Sharman they've been able to muster so far is that they've been making shitloads of dough on the system, so this is just easily affordable.

Pritt was right to be wary. It should never be able to stand in court in a sane world, but thanks to all those Hillary Rosens, we can now point at a bannana, call it an Orange, claim fruity infringement, discard facts and settle for large amounts of cash with teenage children. Do you think the fact that Kazaa would require developing a massive new technology just to log the actions of their existing technology, when they've got a department of programmers so stretched that they've got Estonian email addresses :)

This kind of recursive and fact defying legalese is just the way American courts work, and it's a sad fucking state of affairs to Austrailia go this way too.

Whether they're nice, or not . . .

[QMO]

. . . it's got to be one of the worst jobs in the world.

If you're a policeman (policeperson?), and doing your job right, you want to serve, to help people, to protect.

Then you have to stop, for speeding, one of these citizens that you want to help, and they start lying and trying to weasel their way out of something that they knew they were doing illegally, like a bratty 3-year old, only probably with worse language. The citizen ends up in his weaselly arguments at the conclusion that it is your fault that he was speeding in the first place. You are level-headed enough to write the ticket anyway. Three days later the police chief calls you into his office and explains that the speeder was the mayor's nephew, circuitously asks about ways to let the nephew off the hook. Now, you have to either stand up for your word, the law, and your principles, and risk losing your job, or knuckle under to petty corruption and lose a little more self-respect.

I think it wouldn't take very long for me to get cynical with a job like that.

You know...

[Stick_Fig]

Did it ever, honestly, occur to them that these are the kind of things that may come to light in a court of law, especially considering the sort of business they do?

I think it's safe to say that just by association, it further sullys the reputation of their competitors, too.

Re:Oh, Lordy, here we go again

[russotto]

While a common technique, "argument by comparing your opponent to a child" really isn't particularly rigorous.

And complaining about those who object to calling infringment "stealing" twisting words is getting it entirely backwards. It's those who call infringement "stealing" who are trying to sidestep the entire question about what, if anything, is being done wrong.

If you want to say that copyright infringment is immoral behavior, you have to make that argument. Not declare the case closed by calling it "stealing" and ridiculing anyone who objects to the metaphor.

Re:Wow

[Hatta]

I think Nixon was more of a paranoid asshole than a crook.

He was a politician, they're all crooks.

Re:WOW

[gamma male]

and second, giving clients with no chunks to download a Very high priority so that they can get something to share quicker

That almost seems like a good idea, but what's to stop someone from saying "Hey, I don't have any chunk of file X, can you give me chunk 2?" "Hey, I don't have any chunk of file X, can you give me chunk 3?"

What would be a good idea is 1) only give out the first chunk to clients claiming to not have anything, and optionally 2) track what blocks clients claim to have. If you've given them all of block 3 and they say they only have block 1, give them block 3 only. Similarly keep track of all the data one's sent a particular client and only give them data from the block you started to until they start responding to others that they do indeed have the data.

This way if there was corruption of data on the line and they had to delete the block, they can still possibly get the block instead of being blacklisted because they were unfortunate enough to have corruption. However the extra tracking might be more hassle than it's worth. It wouldn't be too hard to have a leacher remember who gave them what and respond appropriately to them when they're inquiring what blocks they have vs. need.

Re:P2P=Stealing? It's going the other way now.

[TractorBarry]

And the real reason the *AA are trying to get P2P banned is not because they're losing revenue (they're not, their profits are up) but because P2P threatens their distribution monopoly.

If P2P really kicks off then they're not going to be able to "push" their latest crap at people any more. Using P2P transfers everything to a "pull" model and, who knows, people may actually start looking for new interesting stuff on their own. Before too long independent artists/small time players will get equal access to "ear space".

And once their distribution monopoly is cracked they'll go the way of the dinosaurs. They know this, we know this. That's why they're after P2P.

"Illegal" downloads are the best free advertising the music "industry" ever had (just look at the relationship between CD sales and downloads from Napster and Audiogalaxy)

Their problem is that they just can't sell the same amount of crappy advertising or rig the playlists any more. Their payola funds will come to nothing and the "indutry" parasites will have to work for a living.

That's why they're crying.

Well, actually..

[raehl]

If you stopped paying your bill, you'd still own the electros, it'd just be harder to get them to move.

Re:Once again...

[bonch]

You're as bad as the xxIA.

People demonize the RIAA in order to remove the guilt they feel and paint someone else as the bad guy doing wrong in order to justify their actions.

p2p can be used for many legitimate purposes.

But 99% of the time, it's not.

Why would someone on a P2P network worry about downloads being logged by the servers if they weren't trading anything illegal? Come on, we're not stupid. I wouldn't give a crap if some Kazaa server recorded that I shared Slackware 10.1. Did you know--gasp--Slashdot is logging your actions on its site right now? Horrors!

Re:Glad...

[Lord_Dweomer]

Interesting comment. You do realize porn is 99.9% of the time just as copyrighted as every thing else people are getting sued for right?

The difference is, porn makers are once again at the forefront of technology and realize "hey, this is what people want, we can't fight them, lets find out some way to make money off of it".

So what happens? You get tons of free porn off Kazaa and the TGP sites, and they manage to get plenty of people to actually pay for those sites to make them money. Especially with these new reality themed pornos that are out there, because when you've seen one girl, you suddenly get curious and want to see them all, so you check out the page to see what other models they have, and hey, you just might decide to sign up because its only a couple of bucks.

As funny as it may sound to some, there's a lot of industries out there that could take some cues from the porn industry.

Re:Once again...

[stonedonkey]

Where did he post anything about stealing peoples property? You're as bad as the xxIA.. p2p is evil, its STEALING, which even in the case of piracy (of which the parents post in NOT talking about) is not stealing.. its copyright infringement.

p2p can be used for many legitimate purposes.

Oh, quit it. Debating for hair-splitting's sake can be a fun mental exercise, but come on. The majority of the P2P/IRC/Usenet community is not using these file sharing capabilities to trade Grandma's recipe for Alaskan upside-down cake. Quit hanging on to a technicality of decency. Sure, I'll get modded down by the screw-the-man idealists, but you know that's how this sharing system plays out in the end. Movies, music, computer games, and porn.

The RIAA/MPAA isn't correct, but neither are the P2Pers. What you've actually stumbled into is morass of legal rhetoric and artistic dogma that hides greed on one side and a refusal to pay for services on the other.

Re:Once again...

[mrchaotica]

I wouldn't give a crap if some Kazaa server recorded that I shared Slackware 10.1.

I would, if they didn't tell me they were going to do it before hand.

Re:Oh, Lordy, here we go again

[mrchaotica]

taking Doom 3 without paying for it is immoral

Yep, stealing a copy of Doom 3 off a store's shelves is immoral, because they have one less copy to sell. But that's not copyright infringment.

Copyright infringment means copying Doom 3, which is different from taking [a copy of] it. Since you appear not to understand this, let me make an analogy: Say you've got a can of soda that you're about to drink. Then I come up to you, take it, and drink it myself. You'd be pretty upset, right? Well, that's because I stole your soda and you don't have it anymore. Now, imagine instead that I take it, magically duplicate it so that now there are two cans of soda, and then give one back to you. So you still have a soda to drink, and now I have a soda to drink too. Would that still be stealing? Moreover, would that even be a bad thing? Keep in mind that you still have your copy, and that there was nobody involved in the transaction except you and me.

Now, the folks at Coca-cola might get upset about that (epecially if I started selling copies), but they would be upset about copyright infringment, not stealing, because of the theory that only they are allowed to make that particular substance.

And that's the difference -- the concept of "stealing" is based on the physical fact that if someone takes an object away from you, you don't have it any more, whereas the concept of "copyright infringement" is based on philosophical arguments and balancing incentives to creation against distribution to society.

Now, you may not understand all that, but it should at least be "brain-dead obvious" that if stealing and copyright infringment were the same thing, I wouldn't have been able to spend four paragraphs contrasting them!