Slashdot Log In
How The DMCA Is Enforced
Posted by
timothy
on Thu Sep 19, 2002 03:03 PM
from the brass-tacks dept.
from the brass-tacks dept.
Hank Scorpio writes "Bob Cringley's latest column talks about a company, BayTSP, that performs most of the enforcement of the DMCA on the Internet. This is the company that collects data about who is sharing music or movies online, and this is the company to go after when you get busted! They claim to "go to the same places any user could go, look at the same files anyone else could look at, and we only probe the ports on your computer that you have made public." Interesting."
This discussion has been archived.
No new comments can be posted.
How The DMCA Is Enforced
|
Log In/Create an Account
| Top
| 552 comments
(Spill at 50!) | Index Only
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
|
2
Step 1 to Solve Problem Company (Score:5, Funny)
Step 1 complete.
Excellent
How is this not illegal? (Score:5, Informative)
Re:How is this not illegal? (Score:4, Insightful)
Isn't a public port part and parcel with permission to access said port?
Re:How is this not illegal? (Score:4, Informative)
In the UK it has to be shown that the person making the attempts to connect had knowledge that their attempt was unauthorised.
Computer Misuse Act 1990 [hmso.gov.uk]
1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.
Where do I start? (Score:5, Funny)
Hmmm, So we go after people for crimes they have yet to commit, is what he is arguing. Someone should make a movie about that.
Ishikawa, the FBI thinks terrorists are sharing information by hiding it in images posted on eBay using a process called steganography.
What a penis. I guess he doesn't keep up on research.
If you look at Mark Ishikawa's business card, you'll notice that it lists no street address for his company, BayTSP, just [...] a post office box in Los Gatos, CA, but could really be anywhere in the Bay Area.
Or it could be located here: BayTsp (BAYTSP-DOM) 3150 almaden Expressway #234 San Jose CA,95118 US
Just publicly available information, Right Ishikawa?
Re:Where do I start? (Score:4, Informative)
Two of them are in an IP range owned by garageband.com and two of them are in a range owned by SuperBusiness NET, Inc., a Nevada corporation. The nameservers for SuperBusiness Net's ARIN range are... the identical ones for baytsp.net and the tech email is noc@baytsp.com.
A google search for "SuperBusiness Net, Inc" yields a link to an ISP who claims credit for the sbusiness.net domain. The sbusiness.net whois record yields... the same Nevada PO Box as the superbusiness Net, Inc. IP range.
The NS records for sbusiness.net point to web1000.com, a "free hosting service with no ads" that seems to have a strong presence in the porn serving arena.
What, exactly, is the relationship between SuperBusiness Net, Inc. and web1000.com is unclear but they share phone numbers on their whois addresses, though their PO Boxes are different.
So, boys and girls, what have we learned?
Mike Ishikawa is running at least:
BayTSP.com
BayTSP.net
SBusiness.net
an
web1000.com
His BayTSP.net seems to be more substantial than his BayTSP.com presence but the web1000 infrastructure is truly massive and if, in fact, he runs that corporation, it's via there that he's likely running his scans.
Re:Where do I start? (Score:5, Insightful)
Logic error (as others have pointed out). Allow me to demonstrate:
Correlation is not causation.
However, that said I think people who ar turned on by kiddie porn have a problem, and people who DISTRIBUTE kiddie porn are criminals.
But let us not go down the slippery slope of incorrectly reasoning to justify our actions, 'mkay?
Re:Welcome to my firewall! (Score:5, Insightful)
Um, no.
Their web site is hosted by sonic.net. Blocking that only means their web server can't probe your systems.
I'd bet they're using a variety of cable modems and DSL connections with dynamic IPs to do the probing.
For those who dont support PBS (Score:3, Informative)
I certainly have no idea where the company lives, but I know why Ishikawa has so many enemies. It is because BayTSP acts as the primary enforcer for the Digital Millennium Copyright Act (DMCA), a law that is widely reviled in the technical community.
The DMCA, which was put in effect in 2000, was an attempt by the U.S. Government to bring copyright law into the cyber age. But many people -- including, oddly, Mark Ishikawa -- think the DMCA goes too far by making it illegal for me to even tell you how to circumvent encryption or copy protection technologies. It makes the very passing of knowledge against the law whether or not that knowledge is ever used.
"It's a very flawed piece of legislation," says Ishikawa, who predicts that the government will rewrite the copyright law again "in eight or nine years" to correct the mistakes in the DMCA. But until then, the DMCA is the law of the land, and Mark Ishikawa is the Internet's top cop.
BayTSP is paid anywhere from $200 to $50,000 per month by owners of intellectual property -- primarily software companies, movie studios, and record companies -- to find who is illegally copying, distributing, or helping to distribute without permission their intellectual property. For example: Adobe Systems arranged to have Russian programmer Dmitry Sklyarov arrested at the 2001 DefCon security conference in Las Vegas for violating the DMCA by showing how to circumvent copy protection in Adobe's eBook software. The arrest was made on information supplied by BayTSP.
Now I am not in any way a fan of the DMCA. The purpose of this column this week is not to examine the DMCA, but rather, to gain some understanding of how it is enforced. BayTSP is an interesting company, and coming to understand how it does what it does can be very useful as you will shortly see. So please don't write to me complaining about the DMCA. Write to your Congressional representatives.
Mark Ishikawa came to the data security business from the Dark Side, having been busted years ago for breaking into the network at the Lawrence Livermore National Laboratory. Preferring employment to jail time, he became a security consultant for the Lab and a lot of other places. Eventually, Ishikawa started a large ISP and web hosting company that he sold at a profit. Now he runs BayTSP.
BayTSP's business falls into two areas -- law enforcement and anti-piracy -- and it uses the same tools for both businesses. These tools are spider programs that scour the most traveled parts of the Internet looking for users who are offering to others files that are either illegal to even own or at least illegal to share. An example of the former is child pornography. BayTSP tracks for the FBI the global carriage of kiddy porn. When a big child pornography bust takes place, it is generally on the basis of evidence gathered by BayTSP.
"There seems to be an increase in child abductions and murders in the U.S.," says Ishikawa, "and when the abductors are caught and you look on their home computers, you inevitably find kiddy porn. So it is a precursor to this bad behavior, and just as the Internet makes it easy to distribute child pornography, it effectively encourages these criminals. We are working to end that."
BayTSP's spider programs use patented algorithms to scour public web sites looking for pictures, video, and music files. "Our algorithms are adaptive," claims Ishikawa. "You can cut a picture in half and we'll still find it, matching the cut-down version against a database of originals, effectively matching the electronic DNA of the target."
One thing BayTSP's spider programs don't do is sit at the Internet peering points sniffing all packets as they go by. "That would be wiretapping, which is illegal," he says. "All we do is go to the same places any user could go, look at the same files anyone else could look at, and we only probe the ports on your computer that you have made public."
Now we get to the part I find especially interesting, and where I think there is a lot of confusion among users. This has to do with how BayTSP finds out who is distributing kiddy porn or pirated music files. If you think your activities on the Internet are anonymous, you are wrong. When BayTSP finds an IP address that appears to be the source of child pornography or pirated music or video files, under the DMCA, it can subpoena ISP logs. These logs can directly connect even dynamic IP addresses to user accounts, making it clear very quickly who owns the offending account. Every ISP keeps these http logs, and even products for so-called anonymous surfing aren't effective in circumventing the technique.
"We have 100 percent coverage of peer-to-peer file sharing," Ishikawa claims. "If you are illegally sharing copyrighted materials, we know who you are."
Then why aren't there more arrests? In part, this is because the intellectual property holder who is paying BayTSP gets to set its own comfort threshold for exactly how much file sharing is too much, and how BayTSP should deal with offenders. "Adobe only wants to send out cease and desist orders, while some movie studios want to put people in jail," Ishikawa says. "There are people on the Net offering 50,000 to 60,000 files at a time for sharing. These people will get busted for sure."
For lesser offenders, under the DMCA an intellectual property holder can make your ISP remove the offending content from its servers. So while you may not go to jail, you might find that your Gnutella songs are no longer available. Repeat offenders lose their accounts completely. One issue is how quickly ISPs remove the offending material. "Sony wants it gone in an hour, but Uunet takes two weeks," says Ishikawa.
According to Ishikawa, we'll see major arrests in October of people who have been illegally (and flagrantly) sharing movies. With the evidence already gathered, the game is afoot, meaning this week is too late to stop sharing those movies and expect to get away with it. This might be a good time to get a lawyer.
Not even Osama bin Laden can escape the gaze of BayTSP. According to Ishikawa, the FBI thinks terrorists are sharing information by hiding it in images posted on eBay using a process called steganography. Doesn't that sound a little too sophisticated for al-Qaida? Can that picture of a dented Ford F-150 pickup with a For Sale sign really be saying, "Bomb the infidel Cringely's house?" Maybe, maybe not.
"The FBI has us looking for certain specific things," says Ishikawa, "but we haven't found anything yet."
Look its the civilian police.... (Score:3, Insightful)
What exactly do they mean by probe? By that do they mean they illegally try to gain access to my computer? Violate my privacy? So if I have a ftp server up and running do they start trying to guess the passwords and logins?
Last time I checked port scans were being treated as illegal by certain large companies. Are they doing this to us as well?
This is a private company? (Score:5, Insightful)
Shouldn't investigating and collecting evidence for criminal cases (which is what their doing, the DMCA is the law of the land whether we like it or not) be the responsibility of a government law enforcement agency?
Only probing the address he made public... (Score:5, Interesting)
3150 almaden Expressway #234
San Jose
CA,95118
US
Domain Name: BAYTSP.COM
Administrative Contact, Technical Contact:
Ishikawa, Mark M (MI70) marki@BAYTSP.COM
Ishikawa,Mark
PO Box 1314
Los Gatos, CA 95031-1314
US
408-399-0600 408-979-7969
Record expires on 11-Jun-2004.
Record created on 11-Jun-1999.
Database last updated on 19-Sep-2002 16:19:51 EDT.
Re:Hi Mark (Score:5, Informative)
Doesn't mean he was one, of course. He definitely used to be 'chief operating officer' of Infonent.com, Inc. His current fax is (408)979-7969... and an example of his current work is here [216.239.51.100].
Of course, he also gets mentioned in Sex Tracker [sextracker.com] press releases. He claims to be an 'anti-porn advocate' [dailyreviewonline.com], which is interesting, given the work he does protecting the valuable intellectual property of Cinnamonbunz, 'the largest collection of sexy, erotic models!' and Suze Randall the erotic photographer.
I wondered if this [lycos.com]had anything to do with him (if it does, he's got some nerve 'I hope you don't mind me taking a graphic from your homepage!') particularly given the reference to driving [toyotaatlantic.com] and the Skyline Blvd. address again. He works for an erotic photographer [ainews.com], amongst others.
Let's see what else; if that is him, he has a web page on AOL of all places [aol.com]
. Plugging that new information into Google we also get maki177@aol.com as a potential address; if you search Google for maki177, you discover 'makiboy' is an alias apparently used by whichever Mark Ishikawa this one is, and taking this chain of improbability to its logical conclusion we discover makiboy@hotmail.com, NYC Jock/Ballet Sissy [sexboards.com], and, last but not least, In Search Of... Men Seeking Men. [vwh.net] The last includes the interesting blurb, "would like to hear from or meet other trim, athletic guys, 18 - 30s, who enjoy footed nylon or lycra tights. Shiny lycra is best, but nylon is okay too, as long as the tights are footed."
Oh, and he lies to his ballet-loving pals about his age
Hey, makiboy, it's all publicly available information. Now you see why people don't go snooping - they might come to the wrong conclusion - if this is wrong?
Answers on a postcard please to:
"We lurve those tights!",
19020 Skyline Blvd.
Los Gatos, CA 95033
The small print: Half of this information is speculative, uncertain, and totally devoid of context. Don't think of it as fact. But it's a similar style to the information he'll use to report you to the cops - therefore, I would consider it to be poetic justice of a sort.
"Probing His Open Ports...." (Score:5, Interesting)
public websites
Public information - Mark Ishikawa
http://www.toyotaatlantic.com/Team.asp?ID=43 - toyota racing team same cell #
Ishikawa, Mark M (MI70) marki@BAYTSP.COM
Ishikawa,Mark PO Box 1314
Los Gatos, CA 95031-1314
US 408-399-0600 408-979-7969
BaySpider BayTSP.com
Contact: Mark Ishikawa (CEO)
3150 Almaden Expressway #234
San Jose, CA 95118 USA
Phone: +1(408)979-7900
Fax: +1(408)979-7969
E-mail: sales@baytsp.com
World Wide Web: http://www.baytsp.com/
BayTSP.com Intellectual property protection: About BayTSP: Contact Us
15466 Los Gatos Blvd. Suite 109-368 Front Desk Fax Toll Free 1.877.9BAYTSP
Information Career Opportunities Investment Opportunities Sales Information Your
Thoughts spiderbites@baytsp.com
Phone # listing for Ihsikawa in CA
Results:
MARK M ISHIKAWA
LOS GATOS CA 95030
(408) 399-4361
Results:
MARK M ISHIKAWA
LOS GATOS CA 95030
(408) 399-4391
Results:
MARK M ISHIKAWA
LOS GATOS CA 95030
(408) 399-4571
http://www.clerkrecordersearch.org/
16346860 07/08/2002 1 RELEASE LIEN ISHIKAWA, MARK M (E) COUNTY OF SANTA CLARA TAX COLLECTOR (R)
16147701 03/08/2002 1 CERT AMOUNT DUE ISHIKAWA, MARK M (R) STATE OF CALIFORNIA FRANCHISE TAX BOARD (E)
16088662 02/01/2002 1 CERT AMT DUE ISHIKAWA, MARK M (R) COUNTY OF SANTA CLARA TAX COLLECTOR (E)
16088661 02/01/2002 1 CERT AMT DUE ISHIKAWA, MARK M (R) COUNTY OF SANTA CLARA TAX COLLECTOR (E)
15957939 11/13/2001 8 DEED OF TRUST & ASSIGN RENT ISHIKAWA, MARK M (R)
HOUSEHOLD FINANCE CORP CA (E)
14624059 01/28/1999 1 RELEASE LIEN ISHIKAWA, MARK M (E) FRANCHISE TAX BOARD (R)
14595929 01/13/1999 1 REQUEST FOR NOTICE DEFAULT ISHIKAWA, MARK M (R)
BARRETT, JOHN C (R)
14595928 01/13/1999 1 RELS TAX LIEN ISHIKAWA, MARK M (E) UNITED STATES (R)
14595927 01/13/1999 1 RELS TAX LIEN ISHIKAWA, MARK M (E) UNITED STATES (R)
14595926 01/13/1999 4 DEED OF TRUST & ASSIGN RENT ISHIKAWA, MARK M (R)
BARRETT, JOHN C (E)
A possible alternate email address for
Mr Ishikawa.
Mark Ishikawa
Los Gatos, US
marki@valuserve.com
Now I am not saying The above are all the same
Mark Ishikawa, but at least some mark ishikawa lives in santa clara county and seems to not pay his taxes.....
Oh where, oh where has my privacy gone???
We only probe public ports... (Score:4, Insightful)
A number of people have pointed this out. However, if this was a valid legal/ethical statement, then that would be the perfect justification for any electronic crime. A hacker says, "I wasn't doing anything illegal! I was only probing the ports that they made public!"
I like the argument in a way. It says, "Hey, I didn't go beyond my authorization to do this. Their site already had the authorization wide open for me to do this!" On the other hand, it can be used to justify anything.
We only enter unlocked homes... (Score:4, Interesting)
If my mom flips a switch on OS X to allow personal web sharing, and doesn't understand that this means someone can traverse her iTunes library, then just because some guy can exploit that security breach doesn't mean that she violated the DCMA any more than someone who forgot their purse on a bench, and someone photocopied the book they found inside.
Maybe I'm just being silly but... (Score:3, Insightful)
Shouldn't they be getting in trouble themselves for either 1, downloading kiddie pr0n, or 2, compairing the images to a database collection of kiddie pr0n the've collected over the years?
I know, they are doing it for the greater good and are not redistributing kiddie pr0n but it still sounds funny...
BayTSP is small potatoes (Score:4, Informative)
how to block baytsp (Score:5, Informative)
http://bitzi.com/lookup/ZYNHYUHEI3VQHUJTTT
or, if you want to do this yourself, here's the info:
209.204.130.0 netmask 255.255.132.0 (baytsp)
209.122.130.0 netmask 255.255.255.0 (baytsp)
the first block (209.204)seems to be the one they're using, my security manager shows 58 hits
there with none on the second block.
Port scanning? -- Not! (Score:3, Insightful)