How The DMCA Is Enforced
Hank Scorpio writes "Bob Cringley's latest column talks about a company, BayTSP, that performs most of the enforcement of the DMCA on the Internet. This is the company that collects data about who is sharing music or movies online, and this is the company to go after when you get busted! They claim to "go to the same places any user could go, look at the same files anyone else could look at, and we only probe the ports on your computer that you have made public." Interesting."
Step 1 to Solve Problem Company (Score:5, Funny)
Step 1 complete.
Excellent
Step 2 to Solve Problem Company (Score:3, Funny)
A) we pick a state, one that's comfy and not to small
B) Take it over
c) Start over with compotent people
and
D) Watch the rest of the world imprison itself in stupidity
---Darn, sounds a bit too much like Atlas Shrugged.
Re:Step 2 to Solve Problem Company (Score:3, Funny)
Would these people be able to spell?
I'd expect so, but do you think maybe he was referring to someone who could cook a fruit based dessert [about.com]?
Re:I think that already exists... (Score:3, Funny)
mirror (Score:2, Informative)
How is this not illegal? (Score:5, Informative)
Re:How is this not illegal? (Score:4, Insightful)
Isn't a public port part and parcel with permission to access said port?
Re:How is this not illegal? (Score:4, Informative)
In the UK it has to be shown that the person making the attempts to connect had knowledge that their attempt was unauthorised.
Computer Misuse Act 1990 [hmso.gov.uk]
1.--(1) A person is guilty of an offence if--
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at--
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.
Re:How is this not illegal? (Score:3, Funny)
I postulate that this post probably prevents precise pronunciation due to the poster's propensity to push the "p" key.
Re:How is this not illegal? (Score:3, Funny)
No no no no no no no no no no no no no!!!!!
Just because a port is listening on a machine doesn't mean it's "public" anymore than me bending over in the shower in the locker room is an invitation for you to insert your junk into my anus.
Re:How is this not illegal? (Score:3, Informative)
Uh, yeah, actually it does, if they don't have it posted no trespassing or make obvious attempts to deter people from coming on the property.
Re:How is this not illegal? (Score:2)
I don't work for the company (or even know anything about them), but this is how I assume that they are doing it--it's how I would do it (if I were a sell-out, low-life, rat-fink, evil bastard that is).
Re:How is this not illegal? (Score:2)
Am I the only one who sees the futility in this argument? Define permission as it applies to the legality of one's actions.
Re:How is this not illegal? (Score:2)
Re:How is this not illegal? (Score:2)
Where do I start? (Score:5, Funny)
Hmmm, So we go after people for crimes they have yet to commit, is what he is arguing. Someone should make a movie about that.
Ishikawa, the FBI thinks terrorists are sharing information by hiding it in images posted on eBay using a process called steganography.
What a penis. I guess he doesn't keep up on research.
If you look at Mark Ishikawa's business card, you'll notice that it lists no street address for his company, BayTSP, just [...] a post office box in Los Gatos, CA, but could really be anywhere in the Bay Area.
Or it could be located here: BayTsp (BAYTSP-DOM) 3150 almaden Expressway #234 San Jose CA,95118 US
Just publicly available information, Right Ishikawa?
Re:Where do I start? (Score:2, Informative)
(You'll need an AOL/Netscape "screen name" in order to view the image)
Re:Where do I start? (Score:5, Insightful)
Logic error (as others have pointed out). Allow me to demonstrate:
Correlation is not causation.
However, that said I think people who are turned on by kiddie porn have a problem, and people who DISTRIBUTE kiddie porn are criminals.
But let us not go down the slippery slope of incorrectly reasoning to justify our actions, 'mkay?
Re:Where do I start? (Score:3, Funny)
You seem to be having trouble typing, both hands are on the keyboard, right? :)
Re:Where do I start? (Score:3, Insightful)
>Hmmm, So we go after people for crimes they have yet to commit
Collecting Kiddy Porn is illegal in most states though, so there's still a crime.
Can't somebody just embed a virus in an image that mails the personal info of these perverts to the FBI or something? - phorm
Re:Where do I start? (Score:2, Interesting)
In an image, no. Viruses embedded in images are pretty pictures. I think I can find a picture of ebola for you. Good news. The picture won't make you sick.
In an mpeg file, however, is another story. You can force someone to automatically load a website from an mpeg file. Easy way for the feds to log who's looking at the kiddie porn. This is not a virus but part of the mpeg standard, so not illegal.
Also, it was a while ago, but there was a virus released that was embedded in a "kiddie porn" executable which sent personal information from the machine infected to, and don't quote me on this, Scotland Yard; it was to the Brits, I'm pretty sure, at any rate. Because it infected the machine with a virus that collected data and sent it out, it didn't make any friends with the cops it informed either, and the virus scanners scan for it.
I used to work for a large usenet provider. One day they decided to shut down the known kiddie porn newsgroups, which I can't argue with. Beyond being deplorable, if you know about it and don't do anything about it you lose your common carrier status protections. For the next few weeks we would get calls about how "I can't access one of the newsgroups I used to read". We'd eventually get out of them which newsgroup, at which point they would happily give us their username and their address for verification. This was popular with the feds. Morons.
Ok, all humor aside, this Mike fellow's a major dick IMHO. He doesn't agree with the law but he'll make a quick buck off it. Sounds like he and the law get along splendidly. He gets lots of death threats? That's the problem with today's kids, no follow through.
If he doesn't agree with the law that's fine. But to say you don't agree with it and then act on its behalf makes you an immoral sellout.
Re:Where do I start? (Score:2)
Drinking milk is not a crime.
Under current US law having kiddy porn is a crime.
Therefore they are not going after people who may commit a crime, they are going after people who *have* committed a crime. He is merely stating that in his opinion this crime can predict another, IMO worse, crime.
Now if you want to argue about whether it should be a crime or not, that is another discussion. But for purposes of what he said, they are going after people who have committed a crime and as a result he thinks may commit more crimes.
This guy is still scum but at least go after him in the areas where he is wrong rather than making up something he did not say.
Re:Where do I start? (Score:3, Insightful)
OK, here's another one. Nearly 100% of people who commit grand theft auto were at some point cited for speeding. Therefore, speeding is a precursor to more serious car-related crimes.
Re:Where do I start? (Score:2)
Let's say they start searching the computers of all criminals they arrest, regardless of their crime. I bet the percentage of non-pedophile criminals with kiddie porn is down in the single digits. Same goes for non-criminals.
The main reason child pornography is illegal (as I follow it, IANAL), is that children are not only considerably younger than the legal age (18), but also because they don't possess the mental maturity to make any decisions involving their involvement in pornography, much less what it really is. Therefore, the trick is to go after the perpetrators of the child porn, but since there would be no child porn were there no demand, simply make the demand illegal.
It doesn't take too many "BARELY LEGAL!!" websites and magazines to realize that were possession and distribution of child pornography not illegal, it would surely be a huge market.
Re:Where do I start? (Score:2, Insightful)
Re:Where do I start? (Score:4, Informative)
Two of them are in an IP range owned by garageband.com and two of them are in a range owned by SuperBusiness NET, Inc., a Nevada corporation. The nameservers for SuperBusiness Net's ARIN range are... the identical ones for baytsp.net and the tech email is noc@baytsp.com.
A google search for "SuperBusiness Net, Inc" yields a link to an ISP who claims credit for the sbusiness.net domain. The sbusiness.net whois record yields... the same Nevada PO Box as the superbusiness Net, Inc. IP range.
The NS records for sbusiness.net point to web1000.com, a "free hosting service with no ads" that seems to have a strong presence in the porn serving arena.
What, exactly, is the relationship between SuperBusiness Net, Inc. and web1000.com is unclear but they share phone numbers on their whois addresses, though their PO Boxes are different.
So, boys and girls, what have we learned?
Mike Ishikawa is running at least:
BayTSP.com
BayTSP.net
SBusiness.net
and
web1000.com
His BayTSP.net seems to be more substantial than his BayTSP.com presence but the web1000 infrastructure is truly massive and if, in fact, he runs that corporation, it's via there that he's likely running his scans.
huh? (Score:2, Informative)
it'd be fun to dig up their netblock from ARIN and create snort rules to look for sweeps on their part, then publish them.
OrgName: BayTSP.Com
OrgID: BAYTSP
ASNumber: 14478
ASName: BAYTSP
ASHandle: AS14478
Comment:
RegDate: 1999-12-20
Updated: 1999-12-20
TechHandle: MI70-ARIN
TechName: Ishikawa, Mark
TechPhone: +1-408-399-0600
TechEmail: marki@baytsp.com
interestingly, their netblock isn't easily available, and their website is externally hosted at sonic.net. anyone got some better clues on where these guys are attacking from?
PATCRP
Re:huh? (Score:2, Interesting)
I've gotten into trouble for this. The first thing I did when I hooked up with RoadRunner was nmap people on my subnet, just out of curiosity, to see what kind of computers people were running. My intention was never to break into someone's box, mind you. Just to see if people were running webservers, etc.
Is this illegal? In some places. Is this unethical? Some would say "yes", although I say "no". Is this against RR's TOS? As I found out, undeniably yes. So I can't nmap people. I still get scanned hourly by Nimda, Code Red, SubSeven, and every other worm/virus under the sun, and it's always by the same people. Yet they haven't been threatened to have their plug pulled...go figure.
So if I get in trouble for seeing what's "publicly available" (e.g., if a webserver's running), why can this fucking company do it without fear of consequence? Because they have a lame m.o. to hide behind? Because it's their "job" to check up on me?
All I can say is it's actually a GOOD THING in a sense that there's so many ignorant users out there today. If the internet was like how it was back in the BBS days (or even pre-AOL), every time someone got scanned by these assholes retribution would be interesting, to say the least.
Welcome to my firewall! (Score:2, Informative)
Assuming they have a class C netblock, this means you can block 209.204.138.* and eliminate most probing from them.
Anyone else know of any other netblocks or IPs that belong to them?
mod this up!!! (Score:2)
Re:Welcome to my firewall! (Score:5, Insightful)
Um, no.
Their web site is hosted by sonic.net. Blocking that only means their web server can't probe your systems.
I'd bet they're using a variety of cable modems and DSL connections with dynamic IPs to do the probing.
Re:Welcome to my firewall! (Score:3, Insightful)
This may be their business address, but no self-respecting enforcement company is gonna do all their searching and spying from their business IP.
In fact, I'd wager you'd have better luck blocking *all* of AOL, Verizon -- and any other big ISP you can name.
I suspect they, too, tend to overthink their anonymous abilities and probably figure that they can blend in much easier if they get some big-name ISP account (maybe even off-shore) and hit you with what looks like just another script-kiddie attack from just-another big-name ISP IP block. They're probably right in doing it this way, but I bet they leave some pretty tell-tale signs that -- once folks figure it out -- will make them easier to block.
Of course, I might be wrong. Maybe the anonymity sniffers are really closer to 'anonymous' than the people who think they're surfing anonymously.
Maybe this outfit does indeed have some kickass, wicked spycraft that they're pulling.
Re:Welcome to my firewall! (Score:2)
Re:Welcome to my firewall! (Score:2)
For those who dont support PBS (Score:3, Informative)
I certainly have no idea where the company lives, but I know why Ishikawa has so many enemies. It is because BayTSP acts as the primary enforcer for the Digital Millennium Copyright Act (DMCA), a law that is widely reviled in the technical community.
The DMCA, which was put in effect in 2000, was an attempt by the U.S. Government to bring copyright law into the cyber age. But many people -- including, oddly, Mark Ishikawa -- think the DMCA goes too far by making it illegal for me to even tell you how to circumvent encryption or copy protection technologies. It makes the very passing of knowledge against the law whether or not that knowledge is ever used.
"It's a very flawed piece of legislation," says Ishikawa, who predicts that the government will rewrite the copyright law again "in eight or nine years" to correct the mistakes in the DMCA. But until then, the DMCA is the law of the land, and Mark Ishikawa is the Internet's top cop.
BayTSP is paid anywhere from $200 to $50,000 per month by owners of intellectual property -- primarily software companies, movie studios, and record companies -- to find who is illegally copying, distributing, or helping to distribute without permission their intellectual property. For example: Adobe Systems arranged to have Russian programmer Dmitry Sklyarov arrested at the 2001 DefCon security conference in Las Vegas for violating the DMCA by showing how to circumvent copy protection in Adobe's eBook software. The arrest was made on information supplied by BayTSP.
Now I am not in any way a fan of the DMCA. The purpose of this column this week is not to examine the DMCA, but rather, to gain some understanding of how it is enforced. BayTSP is an interesting company, and coming to understand how it does what it does can be very useful as you will shortly see. So please don't write to me complaining about the DMCA. Write to your Congressional representatives.
Mark Ishikawa came to the data security business from the Dark Side, having been busted years ago for breaking into the network at the Lawrence Livermore National Laboratory. Preferring employment to jail time, he became a security consultant for the Lab and a lot of other places. Eventually, Ishikawa started a large ISP and web hosting company that he sold at a profit. Now he runs BayTSP.
BayTSP's business falls into two areas -- law enforcement and anti-piracy -- and it uses the same tools for both businesses. These tools are spider programs that scour the most traveled parts of the Internet looking for users who are offering to others files that are either illegal to even own or at least illegal to share. An example of the former is child pornography. BayTSP tracks for the FBI the global carriage of kiddy porn. When a big child pornography bust takes place, it is generally on the basis of evidence gathered by BayTSP.
"There seems to be an increase in child abductions and murders in the U.S.," says Ishikawa, "and when the abductors are caught and you look on their home computers, you inevitably find kiddy porn. So it is a precursor to this bad behavior, and just as the Internet makes it easy to distribute child pornography, it effectively encourages these criminals. We are working to end that."
BayTSP's spider programs use patented algorithms to scour public web sites looking for pictures, video, and music files. "Our algorithms are adaptive," claims Ishikawa. "You can cut a picture in half and we'll still find it, matching the cut-down version against a database of originals, effectively matching the electronic DNA of the target."
One thing BayTSP's spider programs don't do is sit at the Internet peering points sniffing all packets as they go by. "That would be wiretapping, which is illegal," he says. "All we do is go to the same places any user could go, look at the same files anyone else could look at, and we only probe the ports on your computer that you have made public."
Now we get to the part I find especially interesting, and where I think there is a lot of confusion among users. This has to do with how BayTSP finds out who is distributing kiddy porn or pirated music files. If you think your activities on the Internet are anonymous, you are wrong. When BayTSP finds an IP address that appears to be the source of child pornography or pirated music or video files, under the DMCA, it can subpoena ISP logs. These logs can directly connect even dynamic IP addresses to user accounts, making it clear very quickly who owns the offending account. Every ISP keeps these http logs, and even products for so-called anonymous surfing aren't effective in circumventing the technique.
"We have 100 percent coverage of peer-to-peer file sharing," Ishikawa claims. "If you are illegally sharing copyrighted materials, we know who you are."
Then why aren't there more arrests? In part, this is because the intellectual property holder who is paying BayTSP gets to set its own comfort threshold for exactly how much file sharing is too much, and how BayTSP should deal with offenders. "Adobe only wants to send out cease and desist orders, while some movie studios want to put people in jail," Ishikawa says. "There are people on the Net offering 50,000 to 60,000 files at a time for sharing. These people will get busted for sure."
For lesser offenders, under the DMCA an intellectual property holder can make your ISP remove the offending content from its servers. So while you may not go to jail, you might find that your Gnutella songs are no longer available. Repeat offenders lose their accounts completely. One issue is how quickly ISPs remove the offending material. "Sony wants it gone in an hour, but Uunet takes two weeks," says Ishikawa.
According to Ishikawa, we'll see major arrests in October of people who have been illegally (and flagrantly) sharing movies. With the evidence already gathered, the game is afoot, meaning this week is too late to stop sharing those movies and expect to get away with it. This might be a good time to get a lawyer.
Not even Osama bin Laden can escape the gaze of BayTSP. According to Ishikawa, the FBI thinks terrorists are sharing information by hiding it in images posted on eBay using a process called steganography. Doesn't that sound a little too sophisticated for al-Qaida? Can that picture of a dented Ford F-150 pickup with a For Sale sign really be saying, "Bomb the infidel Cringely's house?" Maybe, maybe not.
"The FBI has us looking for certain specific things," says Ishikawa, "but we haven't found anything yet."
Re:For those who dont support PBS (Score:3, Insightful)
Look its the civilian police.... (Score:3, Insightful)
What exactly do they mean by probe? By that do they mean they illegally try to gain access to my computer? Violate my privacy? So if I have a ftp server up and running do they start trying to guess the passwords and logins?
Last time I checked port scans were being treated as illegal by certain large companies. Are they doing this to us as well?
Re:Look its the civilian police.... (Score:2, Interesting)
Some Judges really don't like this behavior on the part of the Police since it may/may not be unconstitutional from the Due Process angle.
There is also starting to be a backlash against those Red Light Cameras for the same reason.
I'll bet this company also gets a cut when there is a prosecution, like how the Camera makers get most of the fine.
Re:Look its the civilian police.... (Score:2)
The police can not use evidence collected in a way that is illegal, and if the police can't search your hard drive for kiddie porn or copyright infringements without a warrant, he shouldn't be able to either. Any evidence collected this way should not legally be admissible in court.
If you're one of the people who should be worried about being arrested next month, keep that in mind.
This is a private company? (Score:5, Insightful)
Shouldn't investigating and collecting evidence for criminal cases (which is what they're doing, the DMCA is the law of the land whether we like it or not) be the responsibility of a government law enforcement agency?
It looks like we slashdotted them. (Score:2)
I wonder if they have any job openings. Evil is fun.
Made Public? (Score:2, Interesting)
The federal law says that they have to cause damage via unauthorized, or under-authorized access, or intend to cause damage to be guilty of federal computer fraud crimes.
My question is, does intending to make me spend money defending myself constitute intending to cause damage?
Re:Made Public? (Score:2)
Yes and no. (IANAL)
If they don't have even the barest inklings of a case, and file a suit anyway that they know they're going to lose, then probably yes.
If they do have even the slightest inkling that there's something untoward about you, and believe that you have probably committed a tort against them (or a crime), then defending yourself is just part and parcel of how life works.
Re:Made Public? (Score:2)
IANAL:
Yes, that's an actionable cause. It's called Barratry [xrefer.com] in the past, now I think they use Harassment by Process, or maybe "Corporate Attack Dog".
Only probing the address he made public... (Score:5, Interesting)
3150 almaden Expressway #234
San Jose
CA,95118
US
Domain Name: BAYTSP.COM
Administrative Contact, Technical Contact:
Ishikawa, Mark M (MI70) marki@BAYTSP.COM
Ishikawa,Mark
PO Box 1314
Los Gatos, CA 95031-1314
US
408-399-0600 408-979-7969
Record expires on 11-Jun-2004.
Record created on 11-Jun-1999.
Database last updated on 19-Sep-2002 16:19:51 EDT.
Hi Mark (Score:2)
anyone else?
Re:Hi Mark (Score:5, Informative)
Doesn't mean he was one, of course. He definitely used to be 'chief operating officer' of Infonent.com, Inc. His current fax is (408)979-7969... and an example of his current work is here [216.239.51.100].
Of course, he also gets mentioned in Sex Tracker [sextracker.com] press releases. He claims to be an 'anti-porn advocate' [dailyreviewonline.com], which is interesting, given the work he does protecting the valuable intellectual property of Cinnamonbunz, 'the largest collection of sexy, erotic models!' and Suze Randall the erotic photographer.
I wondered if this [lycos.com]had anything to do with him (if it does, he's got some nerve 'I hope you don't mind me taking a graphic from your homepage!') particularly given the reference to driving [toyotaatlantic.com] and the Skyline Blvd. address again. He works for an erotic photographer [ainews.com], amongst others.
Let's see what else; if that is him, he has a web page on AOL of all places [aol.com]
. Plugging that new information into Google we also get maki177@aol.com as a potential address; if you search Google for maki177, you discover 'makiboy' is an alias apparently used by whichever Mark Ishikawa this one is, and taking this chain of improbability to its logical conclusion we discover makiboy@hotmail.com, NYC Jock/Ballet Sissy [sexboards.com], and, last but not least, In Search Of... Men Seeking Men. [vwh.net] The last includes the interesting blurb, "would like to hear from or meet other trim, athletic guys, 18 - 30s, who enjoy footed nylon or lycra tights. Shiny lycra is best, but nylon is okay too, as long as the tights are footed."
Oh, and he lies to his ballet-loving pals about his age
Hey, makiboy, it's all publicly available information. Now you see why people don't go snooping - they might come to the wrong conclusion - if this is wrong?
Answers on a postcard please to:
"We lurve those tights!",
19020 Skyline Blvd.
Los Gatos, CA 95033
The small print: Half of this information is speculative, uncertain, and totally devoid of context. Don't think of it as fact. But it's a similar style to the information he'll use to report you to the cops - therefore, I would consider it to be poetic justice of a sort.
Did they move in, or move out? (Score:2)
3150 Almaden Expressway, Suite 234
San Jose, CA
Office, 4,537 square feet
$1.95 FS
6 privates, 2 conference room, kitchen, open area, divisible
1,882-2,655 sq. ft., monument sign, PLUG N PLAY
Avail. Now [borelli-inv.com]
"Probing His Open Ports...." (Score:5, Interesting)
public websites
Public information - Mark Ishikawa
http://www.toyotaatlantic.com/Team.asp?ID=43 - toyota racing team same cell #
Ishikawa, Mark M (MI70) marki@BAYTSP.COM
Ishikawa,Mark PO Box 1314
Los Gatos, CA 95031-1314
US 408-399-0600 408-979-7969
BaySpider BayTSP.com
Contact: Mark Ishikawa (CEO)
3150 Almaden Expressway #234
San Jose, CA 95118 USA
Phone: +1(408)979-7900
Fax: +1(408)979-7969
E-mail: sales@baytsp.com
World Wide Web: http://www.baytsp.com/
BayTSP.com Intellectual property protection: About BayTSP: Contact Us
15466 Los Gatos Blvd. Suite 109-368 Front Desk Fax Toll Free 1.877.9BAYTSP
Information Career Opportunities Investment Opportunities Sales Information Your
Thoughts spiderbites@baytsp.com
Phone # listing for Ihsikawa in CA
Results:
MARK M ISHIKAWA
LOS GATOS CA 95030
(408) 399-4361
Results:
MARK M ISHIKAWA
LOS GATOS CA 95030
(408) 399-4391
Results:
MARK M ISHIKAWA
LOS GATOS CA 95030
(408) 399-4571
http://www.clerkrecordersearch.org/
16346860 07/08/2002 1 RELEASE LIEN ISHIKAWA, MARK M (E) COUNTY OF SANTA CLARA TAX COLLECTOR (R)
16147701 03/08/2002 1 CERT AMOUNT DUE ISHIKAWA, MARK M (R) STATE OF CALIFORNIA FRANCHISE TAX BOARD (E)
16088662 02/01/2002 1 CERT AMT DUE ISHIKAWA, MARK M (R) COUNTY OF SANTA CLARA TAX COLLECTOR (E)
16088661 02/01/2002 1 CERT AMT DUE ISHIKAWA, MARK M (R) COUNTY OF SANTA CLARA TAX COLLECTOR (E)
15957939 11/13/2001 8 DEED OF TRUST & ASSIGN RENT ISHIKAWA, MARK M (R)
HOUSEHOLD FINANCE CORP CA (E)
14624059 01/28/1999 1 RELEASE LIEN ISHIKAWA, MARK M (E) FRANCHISE TAX BOARD (R)
14595929 01/13/1999 1 REQUEST FOR NOTICE DEFAULT ISHIKAWA, MARK M (R)
BARRETT, JOHN C (R)
14595928 01/13/1999 1 RELS TAX LIEN ISHIKAWA, MARK M (E) UNITED STATES (R)
14595927 01/13/1999 1 RELS TAX LIEN ISHIKAWA, MARK M (E) UNITED STATES (R)
14595926 01/13/1999 4 DEED OF TRUST & ASSIGN RENT ISHIKAWA, MARK M (R)
BARRETT, JOHN C (E)
A possible alternate email address for
Mr Ishikawa.
Mark Ishikawa
Los Gatos, US
marki@valuserve.com
Now I am not saying The above are all the same
Mark Ishikawa, but at least some mark ishikawa lives in santa clara county and seems to not pay his taxes.....
Oh where, oh where has my privacy gone???
We only probe public ports... (Score:4, Insightful)
A number of people have pointed this out. However, if this was a valid legal/ethical statement, then that would be the perfect justification for any electronic crime. A hacker says, "I wasn't doing anything illegal! I was only probing the ports that they made public!"
I like the argument in a way. It says, "Hey, I didn't go beyond my authorization to do this. Their site already had the authorization wide open for me to do this!" On the other hand, it can be used to justify anything.
Re:We only probe public ports... (Score:2)
The difference being that when one leaves a port opened unintentionally they are not explicitly or implicitly inviting in unwanted "guests".
By using Napster, Gnutella or a slew of other P2P apps which open ports on your computer for sharing files, you are explicitly inviting guests, whether wanted (other P2P file sharers) or unwanted (BayTSP spiders, FBI). You have knowingly opened ports on your system and allowed files to be shared. Even if you don't understand how P2P applications and networks actually work you aren't shielded from the responsibilities of having the files available to be illegally copied.
We only enter unlocked homes... (Score:4, Interesting)
If my mom flips a switch on OS X to allow personal web sharing, and doesn't understand that this means someone can traverse her iTunes library, then just because some guy can exploit that security breach doesn't mean that she violated the DMCA any more than someone who forgot their purse on a bench, and someone photocopied the book they found inside.
What a numbnut (Score:2, Insightful)
"Mark Ishikawa came to the data security business from the Dark Side"
Came from the Dark Side? Sold out to it more like
"So it is a precursor to this bad behavior"
So, by this logic, is owning a computer.
what happened to the Constritution? (Score:2, Insightful)
They read sites to check for possible coded messages. They scan computers for useful info and turn it over to corporations for suits and to law enforcement for arrest. Would have thought for sure to get those kinds of searches you'd need a warrant.
Oddly enough, on a related note, many of the tickets from the cameras at intersections have been thrown out because the systems were overseen/administered by private companies. Wouldn't this same tactic work against most legal actions based on info from BayTSP?
Re:what happened to the Constritution? (Score:2)
Thought we had a right to be considered innocent till proven guilty and a right to not be subjected to unreasonable search and seizures?
IANAL, but I'm guessing it's some kind of open door principle - e.g., that the police can arrest you if they can see a dead body in your house through an open door. If you're file sharing, you are by definition inviting people to examine the files you're sharing, and so don't have much right to say "but I didn't mean for BayTSP to see what files I was sharing, only everyone else on the planet."
Anybody who is a lawyer, please feel free to correct if I'm mistaken.
On a Publicly Accessible Server, It's Public (Score:2)
Maybe I'm just being silly but... (Score:3, Insightful)
Shouldn't they be getting in trouble themselves for either 1, downloading kiddie pr0n, or 2, comparing the images to a database collection of kiddie pr0n they've collected over the years?
I know, they are doing it for the greater good and are not redistributing kiddie pr0n but it still sounds funny...
Re:Maybe I'm just being silly but... (Score:2)
Maybe you meant to read the article?
"BayTSP tracks for the FBI the global carriage of kiddy porn. When a big child pornography bust takes place, it is generally on the basis of evidence gathered by BayTSP."
So, at some point, they need to possess child pornography. While the FBI cannot grant permission for a non-sworn officer to commit a crime (and even in those cases they have limited discretion, usually simple possession of controlled substances and the like), they most likely just have an understanding with the relevant District Attorney. The FBI chooses whom to arrest, and the DA decides which cases to prosecute, and they simply won't arrest or prosecute BayTSP because it's not in their best interests.
Re:Maybe I'm just being silly but... (Score:2)
Here in Boston, we just sent an FBI agent--name of Connolly--up the river for having "understandings" like that with some of the local wise guys.
Granted, they were into kneecaps, not kiddy porn, but I'm hard pressed to see the difference in principle--or law.
BayTSP is small potatoes (Score:4, Informative)
Age Old Search (Score:2)
Bet ya, they're looking for Jimmy Hoffa.
AT LAST! IT HAPPENED! (Score:2)
how to block baytsp (Score:5, Informative)
http://bitzi.com/lookup/ZYNHYUHEI3VQHUJTTT
or, if you want to do this yourself, here's the info:
209.204.130.0 netmask 255.255.132.0 (baytsp)
209.122.130.0 netmask 255.255.255.0 (baytsp)
the first block (209.204) seems to be the one they're using, my security manager shows 58 hits there with none on the second block.
A better way of doing it? (Score:3, Interesting)
Would it be possible to redirect bayTSP to a different directory rather than blocking them? It seems to me that by blocking, you are just initiating a battle of blocking/moving to different ip address space and/or advanced techniques of getting past the block. If you can fool bayTSP with a trojan directory, it will return no copyright infringement here rather than blocked from access. This could slow down the implementation of counter-measures that are sure to happen.
Re:A better way of doing it? (Score:3)
2 security options, accept connexion or deny connexion. they don't necessarily know that they are being blocked, however. on gnutella, many clients don't have the option of letting you browse a host's files like you can on kazaa. even the clients that do let you do this (like shareaza), it's configurable, so the user might simply have allow host browsing turned off.
Misunderstanding of "the web" (Score:2)
"We have 100 percent coverage of peer-to-peer file sharing," Ishikawa claims. "If you are illegally sharing copyrighted materials, we know who you are."
I still don't understand how ISPs log P2P file sharing... that's usually not taking place over port 80. Do they log every packet? Probably not (although if so, it'd be fun to generate a lot of bogus packets with your extra bandwidth).
Re:Misunderstanding of "the web" (Score:3, Informative)
BayTSP breaking the DMCA? (Score:2)
It sounds like Ishikawa is trying to circumvent encryption by piecing a message back together into its original form against the wishes of the original owner and storing originals without permission from the owner.
And what is this guy doing with this massive database of kiddie pr0n? Protecting the public? Yea, that's the ticket. Not buying any used keyboards from this guy. Yeech!
Port scanning? -- Not! (Score:3, Insightful)
Wisdom from my idiot landlady. (Score:2)
Gosh, maybe that's because they aren't there?
This one landlady we had when I was a kid told my Mom, "every time I bring groceries home, I turn the bags upside down over the sink and shake them to get the roaches out, and we've never had roaches!"
My Mom said "have you ever found a roach in a grocery bag?"
And the landlady said "No."
Deep wisdom there.
Only a few years ago (Score:5, Interesting)
Received: from out2.ibm.net [165.87.194.229] by in7.ibm.net id 935310503.141204-1 ; Sun, 22 Aug 1999 08:28:23 +0000
Received: from slip202-135-81-145.bg.th.ibm.net (slip202-135-81-145.bg.th.ibm.net [202.135.81.145]) by out2.ibm.net (8.8.5/8.6.9) with SMTP id IAA12758; Sun, 22 Aug 1999 08:28:16 GMT
Message-Id: <199908220828.IAA12758@out2.ibm.net>
From: (victim)
To: "marki@SBUSINESS.NET" <marki@SBUSINESS.NET>
Date: Sun, 22 Aug 99 15:28:12 +0700
Subject: You provide connectivity to criminal marketing fraud
TO: Mark Ishikawa, Coordinator, SuperBusiness
Dear Mark,
According to traceroute below, you provide connectivity to web1000.com, which operates a system of pornographic internet marketing frauds criminalized under the recent Virginia statute on UCE. They even advertise their webhosting service on the same webpage with the pornography. (I have record copies with me for future use.)
You are now on notice that you are a witting accomplice to web1000's criminal actions.
Please shut off connectivity to this fraud. If you continue to provide connectivity, the Virginia Attorney General can have your California corporate registration revoked for operating contrary to your charter (which is to conduct only legal businesses).
Kind regards,
(victim's signature block)
C:\>tracerte 216.49.10.14
0 bang1br1-tok1.ba.th.ibm.net (152.158.213.46) 187 ms 157 ms 187 ms
1 bang1br1-tok1.ba.th.ibm.net (152.158.213.46) 156 ms 157 ms 218 ms
2 sydn1br1.nz.ibm.net (152.158.248.2) 375 ms 313 ms 312 ms
3 lang1sr1-2-0-1.ca.us.ibm.net (165.87.224.14) 594 ms 500 ms 468 ms
4 lang1br2-ge-6-0-0-0.ca.us.ibm.net (165.87.32.181) 594 ms 468 ms 469 ms
5 sfra1br1-so-0-1-2-0.ca.us.ibm.net (165.87.232.41) 531 ms 500 ms 875 ms
6 sfra1sr2-5-0-0.ca.us.ibm.net (165.87.13.13) 531 ms 500 ms 500 ms
7 165.87.160.225 (165.87.160.225) 500 ms 500 ms 500 ms
8 12.123.12.222 (12.123.12.222) 500 ms 593 ms 500 ms
9 ar3-a3120s1.sffca.ip.att.net (12.127.1.149) 500 ms 562 ms 563 ms
10 12.127.196.94 (12.127.196.94) 593 ms 531 ms 532 ms
11 216.49.0.117 (216.49.0.117) 524 ms 532 ms 531 ms
12 www.webjump.com (216.49.10.14) 523 ms 532 ms 500 ms
C:\>whois -h whois.geektools.com 216.49.10.14
SuperBusiness NET, Inc. (NETBLK-SBN)
150 Almaden Blvd, Suite 500
San Jose, CA 95113
US
Netname: SBN
Netblock: 216.49.0.0 - 216.49.63.255
Maintainer: SBIZ
Coordinator:
Ishikawa, Mark (MI70-ARIN) marki@SBUSINESS.NET
+1 (408) 278-4400 (FAX) +1 408 346-0661
Maybe he got burned and that's why he's so anti-pr0n now.
See here [copacommission.org] for some of his congressional testimony.
EULA for Connections (Score:2)
I've been thinking about the DMCA and (Score:4, Insightful)
http://freenet.sourceforge.net/
http://www.rub
http://www.gnupg.org/
http://www.go
Also research on the SSL enabled IM clients and servers out there could lead to SSL enabled P2P. Good stuff.
Sounds perfectly reasonable to me (Score:4, Insightful)
This is so stupid.
You're illegally sharing files (I'm not here to debate whether it's right or wrong.. merely that it IS illegal), making them available to be downloaded by complete strangers anywhere in the world. And then you complain that it's possible for someone to find out that you're sharing them!? Get a grip people.. what did you expect was going to happen? Whining about "port probing"... what do you think the file sharing software does when it queries your computer? They probably just reverse engineered the query protocols.
There will be some high profile arrests, and it will probably cut down on some of the most flagrant sharers. People will still share files, and if the environment becomes more hostile to them, it will simply drive file sharing underground, to private FTP sites and the like, where it has always been, and always will be.
--
They said FUD was bad, so I started spreading DUF.
Eight or nine years????!! (Score:2)
HuuuuuuuuuuHHHHH? (Score:3, Interesting)
BayTSP tracks for the FBI the global carriage of kiddy porn. When a big child pornography bust takes place, it is generally on the basis of evidence gathered by BayTSP.
HUH? What, EXACTLY, is the legal basis for BayTSP to search for and to hold Kiddie Porn? How is it that they are exempt from these laws?
Only sworn law enforcement officers should be permitted to perform this evidence search and digital duplication (collection). Contractor personnel are not subject to that very necessary body of laws that deal with "Abuse Under Color of Authority".
where is Martin Luther King when you need him? (Score:5, Interesting)
"It's a very flawed piece of legislation," says Ishikawa, who predicts that the government will rewrite the copyright law again "in eight or nine years" to correct the mistakes in the DMCA. But until then, the DMCA is the law of the land, and Mark Ishikawa is the Internet's top cop.
Mark Ishikawa feels that the DMCA is flawed wrt the conveyance of encryption information. Yet his company helped put Dmitry behind bars for many months, keeping him from his family and threatening to put him away for the rest of his life.
If he didn't do it because he believes in the legislation, then Ishikawa's motivation for helping get Sklyarov arrested must have been purely money. Ishikawa took half of a year of a man's life for simple cash.
I was going to feel bad that this copyright-enforcer was receiving death threats, until I realized what he had done to a foreign family solely in the interest of money. Where is the heroism? Where is the spine? "Oh, that part will be fixed later, I'm sure." Nothing happens on its own, buddy. You of all people are in the best position for a little... nonviolent protest.
Of course he won't do that: money and success are demanding mistresses. We just shouldn't feel bad for this person, whatever repercussions his actions bring down upon him.
-C
An analogy (Score:4, Interesting)
Isn't that like saying, "we only searched houses of people who left their front door open"?
Where I'm from, leaving your front door open is a public invitation for neighbours and friends to knock and come in, but police and investigators still don't have the right to come in and search my house without an invitation or a warrant. Also, if someone came in and stole my TV while I was busy in the kitchen, they would still be a criminal. Of course, if they just listened to a few of my CDs and left, that probably wouldn't bother me too much.
Pegging the Hypocrisy Meter (Score:5, Interesting)
"Why not go after the violators instead of taking away everyone's fair use rights?"
This is a reasonable response. Clearly the DMCA is bad because it takes away both fair use and certain forms of free speech that have never previously been banned. On the other hand, widely distributing copies of copyrighted material without the owner's permission is also not right in most people's minds (I realize that there are those who disagree with this).
So, we have an entity who is trying to go after the offenders (and primarily just the big ones), and many people here are criticizing it as some kind of evil activity. This seems pretty hypocritical.
In the past, the coexistence of copyright and fair use has worked because of the balance that existed between the allowing of petty violations (things like making a tape of a record for a friend) and the enforcement of big time content pirates.
The popularizing of the internet has allowed the many petty violations to become far-ranging, and hence the balance has been upset to some degree. As a result, the content providers' response has been to enact the DMCA, which has been bad all around because it attempts to eliminate fair use and petty violations but does little to stop big time piracy.
This company (BayTSP) is attempting to restore the balance by helping to ferret out larger pirates on the internet. If this works, it could actually provide justification for softening the overreaching DMCA by restoring the balance of petty and big time copyright infringement that existed under traditional copyright law.
Re:Pegging the Hypocrisy Meter (Score:5, Insightful)
This guy is obviously not just in the business of going after people who illegally distribute music or movies. That has nothing to do with the DMCA, it's a copyright crime, and if he can make a buck off of it, that's great.
The problem with this guy is that he is going after people like Dmitry Sklyarov and others who are breaking the DMCA, and by doing so he is contributing to the indoctrination of that law, which is bad for all. Basically, he's back for more cash - taking advantage of an unjust law while it lasts.
As a result, the content providers' response has been to enact the DMCA, which has been bad all around because it attempts to eliminate fair use and petty violations but does little to stop big time piracy.
The DMCA is *not* about piracy. It is about breaking security. Napster and its friends are not about encryption or security, they are about copyrighted materials. Two very different things. Like I said, if this guy wants to go after copyright pirates, he can do it, with my blessing even. I'm pissed about him going after people that do nothing more than talk about security concepts for any number of reasons: academic knowledge, improvement of security, etc.
Everyone seems to forget that copyright piracy was on the books long ago. The DMCA is the new evil that threatens to put any one of us in jail for describing how to watch our own DVDs on our own laptops.
84% of us are guilty. (Score:4, Interesting)
Of course not, but what if people intentionally didn't apply the patch, and others created handy software to exploit the hole, so by tacit agreement you share in this 'non-intentional' way. Now don't you think they'd go after everyone?
Because that's basically the same as leaving ftp access open...
They better be careful... (Score:3, Interesting)
Sentences include jail time. They may think what they are doing is nice and legal, and it may be for people in America, but how are they to know if I am in America or Australia? I bet they don't check the IP ranges and where they reside before running port scans.
Tut Tut you evil crackers of doom
Re:Mirror please. (Score:5, Funny)
Well, we only probe(d) the ports on your computer that you have made public... i.e., port 80.
Okay, you can mod me down now.
Re:Mirror please. (Score:2)
(We should all probably firewall at least the
By the way, did anyone else notice that their DNS server is snitch.production.baytsp.com.? At least they're honest!
you would think that ISPs would cut them out (Score:3, Interesting)
after all Acceptable Use means that I can't go port scanning, why the hell should they?
and they use all the bandwidth and after all if you're a telco you PAY for the amount of data
regards
John Jones
Re:ACK! (Score:2, Informative)
What I'd like... (Score:2)
Now watch carefully to see if they download anything from your computer. In particular, make your P2P server a honeypot with bogus MP3s.
Re:I think they should collect data (Score:2, Funny)
ahhhhh, goatse, truly a classic for the ages.
Re:Bayesian error (Score:2)
right because 95% of computers have kiddy porn on them...
ha-ha! (Score:2)
Re:One way to fix it... (Score:2)
Re: (Score:2)
Re:FIX THE FLAG ICON (Score:2)
Re:FIX THE FLAG ICON (Score:2)
Made movies. Dead now.
-l
Re:FIX THE FLAG ICON (Score:2)
pool (Score:2)
Re:eh? (Score:2)
Re:Break and Enter? (Score:2, Insightful)
If you start providing a service to the public (paid or free), anyone may walk in, take a look around and even sample the free goods. (Unless you specifically ban them.)
This is exactly what they are doing... stepping into your front door to interact with your service to find out information about your activities. When there is a public access to your property, you can't turn around and claim privacy... you can, it just isn't going to work.
If they took the next step and took advantage of a flaw in your service to do damage to your computer or goods, this would be the equivalent of taking a baseball bat to a china shop, which is the wrong thing. If you crack in your store window or on your store shelves, you can't seriously claim your rights were violated when you get nailed.
Re:Open Ports (Score:2)
So that's what those odd animal noises were from - phorm
Re:im not going to comment on this (Score:3, Insightful)
You go on to, say, gnutella. By searching gnutella, your computer reveals to other computers that your computer has something speaking http running on port 80 that is likely sharing files.
They go and look at those files.
They have not 'hacked' into anything.
They go and search for files the same way every other file searcher does, though perhaps they use some custom software, and then they keep a record.
It makes perfect sense.