Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Microsoft Piracy Your Rights Online

Microsoft-Funded Startup Aims To Kill BitTorrent Traffic 601

TheGift73 writes "The Russian based 'Pirate Pay' startup is promising the entertainment industry a pirate-free future. With help from Microsoft, the developers have built a system that claims to track and shut down the distribution of copyrighted works on BitTorrent. Their first project, carried out in collaboration with Walt Disney Studios and Sony Pictures, successfully stopped tens of thousands of downloads. Hollywood, software giants and the major music labels see BitTorrent as one of the largest threats to their business. Billions in revenue are lost each year, they claim. But not for long if the Russian based startup 'Pirate Pay' has its way. The company has developed a technology which allows them to attack existing BitTorrent swarms, making it impossible for people to share files."
This discussion has been archived. No new comments can be posted.

Microsoft-Funded Startup Aims To Kill BitTorrent Traffic

Comments Filter:
  • Good! (Score:5, Insightful)

    by Anonymous Coward on Sunday May 13, 2012 @02:33PM (#39987967)

    Actually, this is good. Bittorrent is a great protocol, but it can be improved in many ways. Something like this is likely to fix that (legal attacks won't).

    • Re:Good! (Score:5, Insightful)

      by kheldan ( 1460303 ) on Sunday May 13, 2012 @09:43PM (#39991055) Journal
      Truth. Do they really think that anything they do is going to stop people from filesharing? I don't think anything short of dragging suspected filesharers out into the middle of the street and brutally murdering them for all eyes to see is going to deter anyone, and of course that's not going to happen. New ways to fileshare will evolve, and they'll go broke trying to stop it. In all seriousness winning the hearts and minds of everyone would stop it, but the MPAA/RIAA lack what is required to accomplish that.
    • Re: (Score:3, Insightful)

      by joocemann ( 1273720 )

      These attacks are illegal under US law and Microshit conspiring to fund it is only asking for serious fines/injunctions.

  • Protocol encryption? (Score:5, Interesting)

    by zerothink ( 1682450 ) on Sunday May 13, 2012 @02:35PM (#39987987)
    And what about http://en.wikipedia.org/wiki/BitTorrent_protocol_encryption [wikipedia.org] ? It is turnrd on by default in most bt clients and I seriously doubt they can detect what content is distributed over encrypted bt connection ...
    • by Anonymous Coward on Sunday May 13, 2012 @02:45PM (#39988081)

      This service doesn't appear to be listening into BT chat between two parties. It is joining existing swarms and spreading misinformation to the swarm to confuse clients into halting their downloads.

      • by CodeBuster ( 516420 ) on Sunday May 13, 2012 @11:43PM (#39991619)
        It should be possible to alter the existing protocol so that hosts are trusted, or ranked if you will, by the number of "good" packets they deliver to other hosts. This should include a voting protocol whereby bad or malicious hosts, like Pirate Pay, can be "voted off the island" as it were. Obviously there are details to be worked out, but it probably can (and will) be implemented if Pirate Pay persists with their "gum up the works" strategy.
      • poisoning (Score:5, Insightful)

        by dutchwhizzman ( 817898 ) on Monday May 14, 2012 @12:24AM (#39991801)
        You can try and poison a torrent, but you'll get blacklisted by other seed members once the checksums don't add up. With the current amount of IPv4 addresses in the state it is, you can't get unlimited addresses anymore, so it's only a matter of time before your netblocks will be globally blocked by bittorrent clients. Sure, it's an arms race, but one that will keep them very busy and with very limited results.

        Mind you, that's with current technology already.Once BitTorrent clients will get exposed to poisoning more, I'm fairly certain mechanisms to mitigate that will become far more effective.
  • Peer ban hammer (Score:5, Informative)

    by Rik Sweeney ( 471717 ) on Sunday May 13, 2012 @02:37PM (#39988009) Homepage

    "The company doesnâ(TM)t reveal how it works, but they appear to be flooding clients with fake information, masquerading as legitimate peers."

    All it would take is for a client to verify to data in the chunk (probably by it's MD5 or SHA), and if it's busted then try and download it again from the same peer. If it fails the second time then just ban the peer.

    But I imagine they already do this, don't they?

    • Re:Peer ban hammer (Score:5, Interesting)

      by JoeMerchant ( 803320 ) on Sunday May 13, 2012 @02:50PM (#39988125)

      "The company doesnâ(TM)t reveal how it works, but they appear to be flooding clients with fake information, masquerading as legitimate peers."

      All it would take is for a client to verify to data in the chunk (probably by it's MD5 or SHA), and if it's busted then try and download it again from the same peer. If it fails the second time then just ban the peer.

      But I imagine they already do this, don't they?

      I never looked deep into BitTorrent protocol - I did examine Gnutella/Limewire, and you might be surprised just how horridly lame and insecure that protocol was. BitTorrent is the next generation after Gnutella, I assume it's better, but I doubt it's the last word in P2P.

      The value of P2P is in the user pool, the protocol can be tincans on strings and it is still an impressive and valuable resource.

      Pirate Pay is aiming to piss in the user pool, forcing the issue of trust... I assume that will be addressed now.

      Some thoughts [mangocats.com] from, oh, maybe 10-15 years ago on the subject.

      • Re:Peer ban hammer (Score:5, Interesting)

        by LordLucless ( 582312 ) on Monday May 14, 2012 @01:03AM (#39991953)

        BitTorrent is a really nice, elegant protocol (I wrote a client for it once), but the designer's criteria are likely not that of the current users. Bram Cohen was trying to design a protocol for a publisher with limited resources to publish to a lot of consumers. There was resilience baked in, but only for stuff like data corruption over the wire. All the stuff to protect against intentionally-poisoned torrents, decentralization (trackerless torrents), anonymity and encryption have been retro-fitted, generally by third parties, and through informal consent to a standard among the various client devs.

    • Re:Peer ban hammer (Score:5, Insightful)

      by cgenman ( 325138 ) on Sunday May 13, 2012 @04:24PM (#39988967) Homepage

      "The company doesn't reveal how it works, but they appear to be flooding clients with fake information, masquerading as legitimate peers."

      In the US, this type of behavior in other circumstances is regarded as network intrusion and is considered illegal hacking. What makes this legal? The target also engaging in illegal activity?

    • Re:Peer ban hammer (Score:4, Interesting)

      by rabtech ( 223758 ) on Sunday May 13, 2012 @06:16PM (#39989793) Homepage

      All the major BitTorrent clients already do this, at least with the data chunks. If a certain peer fails more than a few hash checks it is permanently banned.

      A lot of peers also support dynamic block lists that use known lists of media companies and groups like the one mentioned in the story. The client will periodically download the list and block any traffic from those IPs.

      I couldn't find any technical detail but I assume they are injecting fake data in the initial hash exchange. With the magnet link system all you have is an initial hash and you use peer discovery to find someone in the network who knows what files (and associated hashes) that magnet link hash is associated with (the bit torrent info header from a .torrent file). As far as I know it is using SHA1, although older systems used MD5 in which case you could fake an info reply with crap data that passes the hash, tricking the client into claiming it is an invalid download. But with SHA1 it doesn't appear to be feasible to do on demand, but I wonder if they are using some sort of massive lookup table to do the same sort of poisoning attack? Seems unlikely. It also seems you could use the same logic from file chunks - send the magnet link hash to several peers and if some peers consistently give a failure block them.

      Another potential weak point is peer exchange... If you pretend to be a valid peer but inject just enough of your own corrupted peers in the list (and/or just flood the list with slow responders, etc) you may be able to significantly delay the download or even stop it. For example, have your poison peers hand out correct file chunks at high speed (to get preferred) but make sure that none of them hand out certain crucial chunks or all respond extremely slowly for them. Your client could end up with a peer list mostly of the poison peers and find that it just never seems to finish the download, though it gets to 97% OK.

  • For ISPs to use? (Score:4, Interesting)

    by GameboyRMH ( 1153867 ) <gameboyrmh@@@gmail...com> on Sunday May 13, 2012 @02:38PM (#39988019) Journal

    I assume this software is meant for use on ISP equipment, because otherwise what they're claiming seems totally impossible.

  • by Anonymous Coward on Sunday May 13, 2012 @02:38PM (#39988027)

    Which will result in increased private trackers, whichever flavor of megaupload is coming down the pipe, expanded usenet, encrypted file contents, etc etc. I have yet to see any attempt by content holders cause any more than a minor hiccup in the download stream. Oh, wait, I have seen one - I haven't downloaded a song since iTunes began allowing me to get DRM free songs through their service.

  • by multicoregeneral ( 2618207 ) on Sunday May 13, 2012 @02:39PM (#39988037) Homepage
    This isn't the first time they've tried to disrupt file sharing. First, they added whitespace to music files. And that mostly killed Kaza. There has been file sharing since Kaza. Every time there's an iteration like this, the technology evolves, and the previous methods to stop illegal sharing are rendered useless. Honestly, I think this whole business is more of a fetish, or compulsive fascination with file sharing on the part of the old guard, than a solution to any actual problem.
    • Honestly, I think this whole business is more of a fetish, or compulsive fascination with file sharing on the part of the old guard, than a solution to any actual problem.

      Sticks and stones may break my bones -
      But protocol poisoning excites me.

      Twisted fucks....

  • by Cito ( 1725214 ) on Sunday May 13, 2012 @02:40PM (#39988043)

    Downloaded the blocklists for Pirate Pay as well as the antip2p blocklists.

    I tested on a poisoned swarm that had listed 5000 seeders (which were mostly mediadefender and pirate pay poisoners)

    Peerblock dumped over 4500 of the poisoned seeds from the torrent by blocking them and my torrent speed went from 20K/s download to 2500-3000K/s download

    So for companies like this I highly recommend picking up Peerblock and getting some blocklists, especially the antip2p blocklists.

    http://www.peerblock.com/ [peerblock.com]

    Never ever again have problem with companies like Mediadefender or PiratePay and their ilk.

    • by Cito ( 1725214 ) on Sunday May 13, 2012 @05:32PM (#39989489)

      For those wanting the actual blocklists to use with their torrenet client, Peerblock, linux blocking program such as nfblock

      or whatever program you use

      here are some blocklists some updated multiple times per day unlike what trolls may say

      Go here: http://www.iblocklist.com/lists.php [iblocklist.com]

      copy and paste the "Update URL" into your blocklist program of choice, Peerblock for windows, Nfblock for linux, or add them to your firewall, since it's a simple text based list of ip's updated throughout the day and at least daily.

      They do contain the PiratePay ip's and tons of other antip2p ip's since the ip blocks owned by all the companies are public information listed by Arin.net for the most part.

      So if you don't want to use peerblock but some other ip blocking program get all your blocklists here: http://www.iblocklist.com/lists.php [iblocklist.com]

      And yes it blocks Pirate Pay and all torrent poisoning companies, you will see poisoned torrents seeders drop from astronomical 2000+ seeds (mostly poisoners) down to the real numbers and your torrent speeds will increase since your client is no longer trying to download from poisoners.

  • by Red Herring ( 47817 ) on Sunday May 13, 2012 @02:41PM (#39988047)

    They can spend lots and lots of $$$, effort, and time trying to make it harder to get access to content that people want... ... or, they could just make the content available for a reasonable price in a timely manner. But I guess that takes too many brain cells.

    And why is MSFT so interested in making their platforms less useful for consumers? As a stockholder, I'd like to see them quietly funding 'legitimate' sharing sites to make the Windows OS the preferred content consumption platform, rather than keeping me from getting what I want.

    http://theoatmeal.com/comics/game_of_thrones

    • by fuzzyfuzzyfungus ( 1223518 ) on Sunday May 13, 2012 @03:03PM (#39988277) Journal
      I get the impression that WMDRM (in its ill-starred public appearance as 'playsforsure') was intended to be exactly the strategy you describe: a multiple-vendors-as-long-as-they-run-windows 'interoperable DRM' ecosystem of media sellers and DRM-blessed devices that would work with one another so long as the PC bringing them together was a Microsoft one...

      Since that didn't end up working out so well, they seem to have gone the route of more overtly sucking up to the content guys. Whether this is because they just really don't want to see the Wintel platform get locked out of the fancy new blu-rays and so forth or whether they see themselves and Hollywood as having the same long-term architectural interest in building platforms that make paying for digital goods non-optional isn't clear to me.
  • by wmbetts ( 1306001 ) on Sunday May 13, 2012 @02:44PM (#39988075)

    I don't pirate movies, music, or software, but I'd be more than happy to try and figure out how to stop this. I haven't looked into it much, but I will. I seriously doubt it'll be hard to combat them, but it'll be fun figuring it out.

  • Legal? (Score:5, Informative)

    by Zaphod The 42nd ( 1205578 ) on Sunday May 13, 2012 @02:51PM (#39988135)

    “We used a number of servers to make a connection to each and every P2P client that distributed this film. Then Pirate Pay sent specific traffic to confuse these clients about the real IP-addresses of other clients and to make them disconnect from each other,” Andrei Klimenko says.

    If they're attacking computers without authorization, they're in breach of all kinds of criminal law. It doesn't matter if those computers are participating in infringing or not. Sounds all kinds of illegal, at least in the US.

    • Re: (Score:3, Funny)

      by snookiex ( 1814614 )
      In Soviet Russia the servers hack you!
  • by drwho ( 4190 ) on Sunday May 13, 2012 @02:52PM (#39988157) Homepage Journal

    If riaa/mpaa whomever attempts this on torrents for my legitimate content, I'll track them down and file charges for denial of service.

  • by fuzzyfuzzyfungus ( 1223518 ) on Sunday May 13, 2012 @02:55PM (#39988181) Journal
    Remind me again when performing DoS attacks against 3rd party servers became legal?

    The assorted ISP-based 'filtering' stuff is obnoxious; but quite possibly legal under the 'we do whatever we want, cry about it' clause under which consumer ISPs customarily operate.

    However, if the (rather vague) description provided by this startup outfit is to be believed they are spoofing bittorrent peers and sending some sort of specially crafted misinformation in order to bring communication between multiple 3rd-party systems to a halt. That certainly looks like a DoS attack, if probably a smarter-than-brute-force one. Even if there were actually some standard of proof being applied to determine that the target swarms are in fact 'infringing', vigilante justice is generally not all that legal. Without any such standard, this is a case of a couple of studios hiring some skeezy Russian outfit to perform denial of service attacks against who knows who in support of their bottom line.

    I understand that the law isn't really supposed to apply to people who matter; but surely a felonies-for-hire business model presents some degree of risk to those who go shopping for their services, no?
    • by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Sunday May 13, 2012 @04:43PM (#39989103) Homepage Journal

      Remind me again when performing DoS attacks against 3rd party servers became legal?

      When the RIAA and MPAA became branches of the US government. Some say this was under Clinton, some say Bush Sr, some say Obama, truth is, all of them contributed

  • by jholyhead ( 2505574 ) on Sunday May 13, 2012 @02:57PM (#39988199)
    An anti-piracy startup in Russia? Cue the sound of kneecaps being broken in 5...4...3...2...
  • by moderators_are_w*nke ( 571920 ) on Sunday May 13, 2012 @03:01PM (#39988253) Journal

    These are awful business models. Their content is all available for free on Bitorrent. They can't possible expect people to pay for content they can get for free.

    So they're all a dismal failure, right? Well no. They're actually doing pretty well. There is a simple way to reduce piracy, make the content available at a good price on demand so that it's just as wasy to get it legally. Most people don't actually mind paying for content, they just don't want to drive to the store to buy a disc to watch a film.

  • by jimmyfrank ( 1106681 ) on Sunday May 13, 2012 @03:06PM (#39988297)
    I use to watch lots of movies using Amazon, Netflix, buy my own, and other sources. Now I just don't watch movies. Netflix stinks and when I want to watch something on Amazon it's usually a 48hour pre-release rental. Ugh, no, I'd like to watch it now, thanks. I decided the easiest thing to do was just not watch anymore. I listen to lots of music and purchase lots of music because Google Play makes it friction-less. I also read a ton now. I doubt that's the goal of the MPAA but they make it to damn difficult.
  • by whizbang77045 ( 1342005 ) on Sunday May 13, 2012 @03:11PM (#39988379)
    Ignoring some of the technical arguments, Microsoft would appear to be at a disadvantage here. They are the open, public company, who can readily be prosecuted and/or sued. Hackers are the unknown, harder to find individuals/groups, who will be harder to prosecute or sued.

    In attacking BitTorrent, Microsoft is attacking a protocol, which may or may not contain something illegal. When they disrupt a valid download, it is they who will be in the wrong, and it is they who can potentially be the target of legal action (assuming they get caught). They are also attacking a group (hackers) known to fight back in ways that are difficult to detect.

    If Microsoft can target BitTorrent downloads, then hackers can look for flags which indicate Internet traffic originated from a Microsoft program, and target it. If that happens, it won't be long before Microsoft products become known for their inability to function reliably over the Internet (some might argue that this is already true, but I'll ignore that possibility). Yet the individuals/groups Microsoft would have to identify are much harder to find, and thus much more difficult to prosecute or sue.

    I believe this is a very foolish act, perhaps and act of despiration, on Microsoft's part. It doesn't appear likely to work very well, and is likely to make them a target.; Moral: don't start wars you aren't likely to win.

    • In attacking BitTorrent, Microsoft is attacking a protocol, which may or may not contain something illegal.

      Not only that, but the protocol is often used to download fully legal software that competes directly with Microsoft's products. I used BitTorrent to download the last three releases of Ubuntu.

  • by KreAture ( 105311 ) on Sunday May 13, 2012 @03:30PM (#39988537)
    The problem being the actual content owners refusing to distribute their goods in a modern way without it being a backwards and abusive method to ensure as much forced advertisement-watching as possible while at the same time allowing them to know exactly what has been watched, where and when. Ideally segmenting the market into nice chunks so that they never compete against eachother or different versions of their own product and making sure their franchising merchandise is in the right shelves at the time of availability in every little slice of pie.

    Again they embrace a way of attacking the actual network without discriminating between legal and illegal use of it.
    Distributing copyrighted material via bittorrent is NOT a crime, assuming the content owner is doing it or in some way approves of it being done. It's no different from putting copies of your product on a truck, assuming again that you would want to.

    I think we should start sending false traffic-announcements, swap roadsigns and pave false roads going to nowhere in an attempt of obfuscating the road network all over the entire world. This is ofcource to prevent thieves, smugglers of lewd and illegal goods as well as well as drunk-drivers and other highway-killers from reaching their homes, customers and/or victims. Since all highway killers (due to road accidents) are using the roads to do it, we can eliminate all these deaths by preventing everyone from using the roads. It has just as much merrit as other attacks on infrastructure, although not as clearly claimed cash proffit. (I say claimed cash proffit as any test with free candies outside a store will tell you that giving away 1000 free bonbons is not ammount to 1000 less sold in the store. Someone should really test this and I would encourage them to do so.)
  • by J'raxis ( 248192 ) on Sunday May 13, 2012 @03:33PM (#39988567) Homepage

    The BitTorrent protocol will be reworked to neutralize this crap, but in the meantime someone gets to make an awful lot of money selling ultimately worthless software to the *AA clowns. BitTorrent is made stronger, the MafIAA has a little less money, and someone else profits handsomely at their expense.

    Win-win all around.

  • by Karmashock ( 2415832 ) on Sunday May 13, 2012 @04:20PM (#39988939)

    Well, on the bright side it means a bunch of Russian programmers get to pocket some money from clueless Americans and giggle as their efforts have zero impact on the situation.

    This has been going on since Napster. The exact protocol or technology isn't the problem. If they kill bittorrent, which is unlikely, how many other competing systems are there in the wings that will fill the gap? I can think of five would be successors to bit torrent that would become a big thing overnight.

    The problem isn't the presence of this technology its failing to offer viable video on demand services for your content online at reasonable rates.

    Most people were used to not paying anything BEFORE piracy. What did people pay for television? Nothing. You ignored the ads and the tv was free. Even if you had cable which most didn't the cost was fairly nominal for the basic package. And as to DVDs, wake up... blockbuster and the other video rental stores have died. THAT should tell you something.

    Accept it. The DVD is dead. Embrace video on demand and understand that you can't charge DVD prices for it.

    Hulu was a great idea but you keep starving it. Put ALL your content on it. If you want to keep the brand new stuff off it, fine. But give it everything else and make the service ad supported.

    If you can't make that work as a business model then your whole industry is doomed. Make it work.

  • by erroneus ( 253617 ) on Sunday May 13, 2012 @06:03PM (#39989695) Homepage

    Does anyone remember Vista? Do we remember why it sucked so badly? I do. It had quite a bit to do with Microsoft trying to appease the demands of the music and movie industries. It resulted in a ridiculously slow and bloated OS that couldn't even run on the newest hardware.

    And does anyone remember what Microsoft's vision did to Nokia? I do. Nokia is still in its death throes but it's dead. Microsoft still doesn't understand that the people don't love them... that, in fact, the people mock them and hate them. And Nokia was a respected and loved brand. Even though their own attempts at the smart phone were unsuccessful, they were inches from giving up and making an Android phone which would have been only as good as the others with the old, respected, Nokia brand. Microsoft combined Nokia's struggle with the hatred of the people to create a poison which has killed Nokia.

    And now Microsoft wants to play with big entertainment AGAIN?! Really?!

    Well, if we crave entertainment, I dare say we will have it... at Microsoft's expense. Even giants like Microsoft can die of a thousand cuts and failures.

Your good nature will bring you unbounded happiness.

Working...