Paramount Sues Ohio Man For $100,000

ematic writes "A hapless tech-novice finds himself in a US$100,000 lawsuit with Paramount Pictures for allegedly uploading the movie, Coach Carter, to eDonkey. Paramount had the police seize his four computers, but nothing was found. The tech-novice maintains his innocence, and contends that he is a victim of a drive-by upload. According to the ChannelCincinnati story, the victim 'is either a slick film pirate or an unwitting victim of someone who fits that description.'"

Re:What the...

[Otterley]

Any party involved in civil litigation has a legal right to obtain discovery regarding any manner that is relevant and not privileges and which may lend credence to a claim or defense. See Federal Rules of Civil Procedure 26(b)(1) [cornell.edu].

In this case, it would certainly cover examining computers for evidence of copyright infringement.

Re:Motive?

[TheLink]

I do zero out unused blocks on some of my drives from time to time.

This is especially when I am about to make full image backups of my drives. If you zero out the unused regions the drive image compresses much better.

Otherwise you end up using space to backup up deleted data. In some cases you do want to do that, but not always.

Re:2 things:

[cpt kangarooski]

What makes you think that the numbers are the product of something else? Why can't it be arbitrary?

In fact, statutory damages for copyright infringement in the US are arbitrary. They range from $750 - $30,000 ordinarily, rarely go as low as $200, and can fairly easily go as high as $150,000. And that's per work infringed, not the number of infringements (i.e. make a million copies of a movie, and it only counts once; make one copy each of two movies, and it counts twice).

Even where only the minimum amount (almost inevitably $750 per work) is claimed by the plaintiff, multiplying this by a large number of works (e.g. 100 songs is $75,000) can still be very significant to individuals.

Regarding proof, this is a civil case, not a criminal one. While the plaintiff (not prosecutor) has to prove that the defendant infringed, he merely has to show that it is more likely than not that the defendant infringed. Open WAPs aside, the person who uses your WAP most is likely to be you, especially if you don't show that it was in fact someone else, that the files were never on your system, etc. I'm plenty sympathetic here, but honestly, I think the odds are at least marginally in favor of the perpetrator not being a third party, and that's all it takes to satisfy the relevant standard.

Re:Motive?

[Archangel_Azazel]

I could go and actually look all this up, but I'm tired...sorry you'll have to get it from my memory ;-)

Deleting a file doesn't actually get rid of the info. I believe it simply rids the FAT (File Allocation Table) of the entry for that file. The actually 0's and 1's are still there. As for just 0'ing over a section... I remember reading somewhere that the NSA uses wiping software that blasts a sector with random 0's and 1's something like 7 times before it's considered secure.

Hope this helps!

A.A

Re:Plausible deniability

[cpt kangarooski]

Ah, it must be amateur attorney hour again.

The legal system expects everyone to abide by the law. If they do not, ignorance of the law is no defense.

In a case where A sets up an open WAP, and B uses it in an illegal fashion, then the appropriate defendant is B; A hasn't done anything wrong. However, where enough evidence points to A as more likely being the culprit than B, A is the one that is liable for what has happened. This is because as far as the courts can figure out, A actually did it. Remember, the courts aren't perfect and they aren't psychic. Sometimes they punish the wrong person.

So yes, if you have an open WAP, you are exposing yourself to liability because it generally appears that traffic to that WAP from the ISP is your traffic, and not someone else's. You certainly are not protecting yourself; that comes from locking it down so that the only person using it is yourself, and you then don't break the law.

I think your confidence in the decision of factfinders in civil trials is utterly misplaced. They have to do the best with what they have, and the standard is low, and quite friendly to the plaintiff. A mere 51% chance that it was the WAP owner and not someone else, and that's sufficent.

Nearby home?

[JumperCable]

It appears that our man in question, living in Blue Ash resides near where this dot on the map sits. [google.com]

Although trees to obscure some of the houses, it appears fairly dense. Also the plot size for houses along his stretch are about 40-45 feet in width and 160 feet in depth. How unrealistic is it that someone in a nearby house (or kid) that is fully aware of the risks, is taping into his wireless access point?

802.11g suggests that you can get up to 200 feet and still connect. Minus walls etc about how many houses do you think could have done it? What about the distances on other wireless standards?

Re:Motive?

[el americano]

You should be using file system aware backup software.

I use partimage [partimage.org] off a CD [sysresccd.org] for Windows or Linux partitions.

Zeroing or randomizing unused drive space is for privacy only.

partimage has limited FS support

[ThreeDayMonk]

I use partimage off a CD for Windows or Linux partitions.

Given that, according to the link you gave, partimage's support for NTFS is experimental and for HFS beta, the grandparent's method of zeroing, dd'ing and compressing seems a safer bet if it's not one of the stable supported file systems.

Yes, yes, I'm sure that it will probably work, but sometimes you need to be sure. After all, a backup that won't restore properly isn't a lot of good.

Re:Motive?

[trezor]

Deleting a file doesn't actually get rid of the info. I believe it simply rids the FAT (File Allocation Table) of the entry for that file.

In the case of FAT it doesn't even do that. Get any decent filesystem editor and you will see that only the first letter in the filename has been replaced by another character telling the OS to ignore the entry. That's why you had to provide the first letter in the filename when undeleting with any given recovery tool back in the DOS days.

In the case of NTFS, I do believe that the actual filesystem-entry is removed. Because undelete in NTFS takes freakin' decades. Even for small amounts of data.

Re:Motive?

[HoosierPeschke]

Windows - http://www.tolvanen.com/eraser/ [tolvanen.com] Linux - http://wipe.sourceforge.net/ [sourceforge.net]

Re:Motive?

[pantherace]

The problem is that if someone is sufficiently interested, zeroing it out will not actually provide security, because the physical bits will retain a small charge in the direction of their prior value. According to the rumor mill, NSA, and possibly others can retrive data after up to 7 rewrites. Admittedly, one has to wonder what you are up to to get that much interest in your hard drive.

The zeroing before backups is a good idea. It's also good to use inside emulators like qemu, which support holes in the files, so if you copy a file, it doesn't take up the whole space.

MAC addresses don't work that way.

[bigtallmofo]

I'll practice some restraint and avoid calling you "stupid" or "dumb" like many, many other people have done for other reasons.

Then figure out that persons MAC address, and spoof it with MAC change on ur router/firewall

Instead, I'll just point out the flaw in your plan. MAC addresses don't traverse over routers. If there are any routers between your workstation and a server, the server sees "your" MAC address as the router on the same subnet as that server. Your spoofing trick would be a colossal waste of time.

I advise you to study the ARP protocol and really learn what a MAC address is and how it works.

Flaky alibi or not

[bmh129]

The burden of proof is still on the plaintiff, even in civil court, though to a lesser extent. It is not a crime or a tort to share your wireless internet access with a neighbor, whether on accident or on purpose.

It will be a sad day in America if a judge rules otherwise.

Re:Seriously

[infinite9]

He'd have to file bankruptcy.

Actually, thanks to the new bankruptcy laws that went into effect on October 17th, he would most likely be forced into a chapter 13 where he would be required to make payments on possibly the entire amount through the courts for the next seven years. If I were the target of this sort of corporate oppression, I would seriously consider moving my family to a different country.

Re:2 things:

[cpt kangarooski]

I thought that large scale copyright infringement was indeed a criminal offense, where does it change from being civil offense only to criminal?

It doesn't change; that would be silly.

Rather, some minor infringement is only civil, and then above a certain threshold, it becomes both a civil and criminal offense (much in the same way that going around hitting people with a stick is both kinds of offense).

The thresholds are:

1) Willful infringement of a copyright for commercial advantage or financial gain (including the gain of anything of value, such as trading for copies of other works, in particular warez trading boards)

2) Making or distributing copies of 1 or more works in a 180-day period, where the sum total retail value of all of the works in the period is over $1,000.

There are some other ones as well, but these are the main ones. And frankly, these thresholds are not all that high.

if the law is both civil and criminal, shouldn't the companies then be required to prove actual damages instead of statutory ones? (In a criminal case that is.)

Only the government can bring and prosecute a criminal case. And they aren't interested in damages, which is good, since they can't get any. Instead, they can get fines and jail time for the defendant.

Re:MAC addresses don't work that way.

[v1]

Spoofing the mac may not be effective for masking yourself from the target machine, but may be very effective in masking yourself from being identified by an investigator. Imagine spoofing the MAC of your wireless card, and connecting to your neighbor's access point, using his laptop's wireless mac address. It would be a farily tight frame, with your neighbor's wap log files indicating his MAC during the time/date of the intrusions. Possibly enough for "reasonable doubt." Unfortunately this is almost trivially simple to do. (on a Macintosh or unix box anyway)

sudo ifconfig en1 lladdr 00:11:22:33:44:55

(requires Mac OS 10.3.6'ish or later, works fine on 10.3.9, nonfunctional in 10.3.5)