*
*
*
*
*
*
* Subscribe
* Renew
* Give a Gift
* Change Address
* International
* Questions
*
*
*
* Cars 2.0
* Culture
* Entertainment
* Gadgets
auto insurance more Gaming
* How To
* Med-Tech
*
*
* Politics
* Science
* Software
* TechBiz
* Commentary
* Multimedia
* Wired Insider
*
*
*
* All
* Autopia
* Beyond the Beyond
* Compiler
* Danger Room
*
* Epicenter
* Gadget Lab
* Game | Life
* GeekDad
*
*
*
* Listening Post
* The Underwire
* Threat Level
* WIRED Science
*
*
*
*
« GAO Wants to Test Controversial Florida Voting Machines | Main |
Jurors Schooled in Techno Speak in Nation's First RIAA Copyright Case
»
RIAA Rips Defendant in Nation's First Filesharing Jury Trial
============================================================
By David Kravets EmailOctober 02, 2007 | 7:51:28 PMCategories:
Copyrights and Patents, RIAA Trial
Sketch1mg_0259_web
DULUTH, Minnesota -- Is 30-year-old Jammie Thomas of Minnesota also a
Kazaa user named Tereastarr, who allegedly downloaded and shared
copyrighted music?
The Recording Industry Association of America says she is, making her
liable for perhaps millions of dollars in damages in the first RIAA
copyright case to go to trial. The recording industry lobbying arm
first adopted its zero-tolerance piracy policy and began suing
thousands on infringement allegations four years ago. The bulk of the
cases have settled, been dismissed or are pending.
According to testimony here Tuesday, Tereastarr is the username that
Thomas uses on Match.com, on her e-mail addresses, and on web site
logins . The RIAA put on compelling evidence that the Tereastarr on
the Kazaa filesharing network, who allegedly shared 1,700 digital
music tracks, is also Thomas, a Native American single mother of two
who works as an administrator at a nearby tribe here.
The RIAA's witnesses testified that the internet protocol address
assigned to Thomas by her ISP the night of Feb. 21, 2005 was the
source of the shared songs on the Kazaa network. The RIAA also put on
evidence that the cable modem used that night was registered to her.
Also, the username of Tereastarr was logged into Kazaa using that IP
address and modem that evening, according to testimony. And the RIAA
points out that Thomas had her computer hard drive replaced some time
before turning it over in evidence.
"She gave that to us so our experts could inspect it," RIAA attorney
Richard Gabriel told jurors.
But will nine of 12 federal jurors, all that is needed, vote to find
Thomas liable for copyright infringement and as much as nearly $4
million in fines? Regardless of all the expert testimony and the
forensics, the industry cannot demonstrate that Thomas was physically
at the computer that evening in question.
"Did you people actually observe defendant infringing?" defense
attorney Toder asked Jennifer Pariser, Sony BMG's anti-piracy chief,
who took the stand for about 90 minutes.
Pariser did not directly answer. streetwear clothes very clear to us ...that she
infringed our sound recordings," she testified.
Tracks by Janet Jackson, Green Day, Guns 'N Roses, Journey, Destiny's
multiple insurance quotes and others are at issue in the case. The industry is basing its
lawsuit on 25 shared files, although Tereastarr allegedly distributed
as many as 1,700 songs.
Jurors motorcycle insurance convict perverts for downloading child porn based on the
same type of forensic evidence being produced in the Thomas case here.
This case might answer whether civil jurors hearing that type of
evidence will find an internet user liable for copyright violations.
During jury selection, panelists did not appear computer savvy.
Five of them said they have a digital music player. Only three knew
where they got the music for it -- from iTunes. One juror, a
construction foreman, said he had never been on the internet. A
potential juror was excused from the pool when she said she had used a
peer-to-peer site to download copyrighted music.
Here in Duluth, the weather began cloudy and balmy and turned into a
light drizzle as the day wore on. The federal court gallery had about
two dozen people, many students, journalists and attorneys huddling in
a cement-block courtroom.
Those in the gallery, in the church-style wooden seats got a glimpse
into the policing mechanism of the RIAA, which contracts with internet
forensics group Safenet. Weaver, its director of operations,
testified that Safenet investigators actively pursue people on file
sharing sites.
The company downloads unauthorized music, makes screen shots of the
downloaded files and notes the source internet protocol address. The
company also looks at what else the user playing cards promotional sharing. "We find a user,
we look at songs in the share folder," Weaver testified.
The third RIAA witness was David Edgar, manager of the internet
security department of Charter Communications, Thomas' internet
service provider. Edgar testified that the IP address identified by
Safenet was assigned to Thomas at the time. He said the company
received a subpoena by the RIAA concerning the IP address and turned
over her information.
"The name of the Charter subscriber account was Jammie Thomas," Edgar
testified.
On cross examination, Thomas' attorney, Toder, suggested that perhaps
Thomas owned a wireless router, which a third party might have
hijacked from "right outside her window."
"A neighbor could do it too, right?" he asked Edgar.
"Yes," Edgar replied.
But testimony from another RIAA witness sought to counter that
defense. Iowa State University computer forensics specialist Doug
Jacobson claimed that speculation over a wireless internet connection
used by roving marauders was unfounded.
"There was no wireless router used in this case," he testified.
The Charter IP address identified the night of the downloading was
24.179.199.117, according to testimony from Edgar and Weaver. Had a
wireless router been used, the internal private IP address assigned by
the router would also have been detected by investigators, he claimed
-- likely beginning with 192.168.
Jacobson is expected to resume the witness stand here Wednesday
morning and be followed by music industry insiders and Cary Sherman,
the former RIAA chief. Thomas is also likely to take the stand in her
own defense on Wednesday.
Those suing Thomas, who are RIAA members, include: Capitol Records,
Sony BMG, Arista Records, Interscope Records, Warner Bros. Records and
UMG Recordings.
---
Image: In this courtroom sketch, defendant Jammie Thomas (far left)
watches her attorney Brian Toder cross examine Mark Weaver, a director
of operations at peer-to-peer policing firm Safenet. (Wired News/
Cate Whittemore)
Click for full size image
Reddit It | Digg This | Add to del.icio.us
Advertisement
Wow... Maybe when the RIAA stops spending all of their money going
after people that download music they could focus on working with
cheap house insurance to make the process more difficult. I know that people say
any security that can be coded can be cracked (even with a magic
marker, yea Sony way to spend a few million), but at least when the
security technology changes it takes some time for a "crack" to
appear. And when it does it is mainly used by the more tech savvy
until a simpler way is available.
Posted by: None | Oct 2, 2007 6:51:58 PM
The IP address the night of the downloading that allegedly belongs to
Tereastarr is 24.179.199.117, according to testimony from Edgar and
Weaver. Had a wireless connection been used, a private IP address
linked to the wireless modem would also have been detected, he said.
Those wireless private addresses usually begin with 192.168, Jacobson
testified.
That's the dumbest thing I've ever heard. If she was using a wifi
router, then it would be using a NAT. The inside network would be
transparent to the outside network, and any client on the inside
network would appear to be 24.179.199.117 to anything on the internet.
Posted by: Steve | Oct 2, 2007 7:03:24 PM
The IP address the night of the downloading that allegedly belongs to
Tereastarr is 24.179.199.117, according to testimony from Edgar and
Weaver. Had a wireless connection been used, a private IP address
linked to the wireless modem would also have been detected, he said.
Those wireless private addresses usually begin with 192.168, Jacobson
testified.
That's the dumbest thing I've ever heard. If she was using a wifi
router, surfboard shape playing cards it would be using a NAT. The inside network would be
transparent to the outside network, and any client on the inside
network would appear to be 24.179.199.117 to anything on the internet.
Posted by: Steve | Oct 2, 2007 7:03:59 PM
How did you see inside the defendant's pc? Do you have software
installed that shows her internal network setup?
Assumptions? I don't need to say what those are.
Who lets these "expert" monkeys in the court without three other
people, confirming that what the first monkey said is indeed true?
Posted by: bt | Oct 2, 2007 7:16:48 PM
That's just basic networking. Anyone who knows the smallest bit about
networks knows that anyone could have hopped on that IP connection via
either a wired connection (probably inside the home) or wirelessly
from either inside or outside the home. it would appear to be the independent clothes person when a few people could actually be using the same IP address
over NAT. There is NO WAY to prove it was her. The only way they can
convict her is if the law says you are responsible for securing your
router. Even then some super savvy folks could probably get in and use
the same IP address as you -- then would you still be liable. Would
you have to produce an alibi hopefully showing that you were out of
the house when the IP theft occurred? In my neighborhood there are
many wireless routers and my laptop occasionally hooks up to one of
them instead of mine. Unless I have a bad connection I usually don't
notice. Hopefully I haven't gotten them into any trouble! IP sharing
happens all of the time.
Posted by: Jay | Oct 2, 2007 7:39:36 PM
I think the RIAA should only go after people who make money off of
downloaded songs, such as people who sell pirated CDs(if that still
happens). I think that happens more with movies, though. I hope the
jurors realize that people should not be punished for downloading
songs, and the RIAA is like some sort of gestapo.
Posted by: Mark | Oct 2, 2007 7:56:22 PM
Steve is correct. Behind a router all computers appear to be at the
address assigned by the ISP. Saying that it would have appeared as a
domain starting with 192.168 from outside of the home network is just
plain stupid.
Posted by: Justin B. | Oct 2, 2007 9:45:01 PM
The real problem here will be the jurors unless the defense can teach
a basic networking course to them. The statement noted above regarding
IP separation based on wired/wireless is quite unbelievable and i'm
surprised it was not contested in any way (or at least that part
wasn't reported on if it was).
the lack of education in the US is going to haunt the jury system for
years i fear.
Posted by: Bob M. | Oct 2, 2007 9:56:58 PM
The RIAA is one of the worst bullies as far as corporations go. What
most people do not realize is that the RIAA is not a federal entity,
but rather, a private corporation. Simply put, this court case is a
civil one, not a federal one. That means better auto insurance rules are different.
If the defense is any good, I would hope that they would have computer
"experts" of their own to prove, beyond a reasonable doubt, that it is
very possible for poker cards person to use another person's network.
If this person gets convicted, there will be an appeal, and
eventually, the RIAA will be counter sued for damages. Their strong
arm tactics are very questionable and violate fourth amendment rights.
Posted by: Patrick | Oct 2, 2007 10:20:13 PM
The RIAA is one of the auto insurance bullies as far as corporations go. What
most people do not realize is that the RIAA is not a federal entity,
but rather, a private corporation. Simply put, this court case is a
civil one, not a federal one. That means the rules are different.
If the defense is any good, I would hope that they would have computer
"experts" of their own to prove, beyond a reasonable doubt, house insurance it is
very possible for another person to use another person's network.
If this person gets convicted, there will be an appeal, and
eventually, the RIAA will be counter sued for damages. Their strong
arm tactics are very questionable and violate fourth amendment chinese tutor chicago Posted by: Patrick | Oct 2, 2007 10:21:21 PM
It was a computer expert from Iowa? No wonder he doesn't understand
NAT. The RIAA obviously went to great lengths to find him. Is the
standard for conviction "beyond a reasonable doubt"?
Posted by: JP | Oct 2, 2007 10:25:10 PM
It was a computer expert from Iowa? No wonder he doesn't understand
NAT. The RIAA obviously went to great lengths to find him. Is the
standard for conviction "beyond a reasonable doubt"?
Posted by: JP | Oct 2, 2007 10:27:01 PM
Fuck the RIAA. Sue me bitches.
playing cards promotion by: Ian | Oct 2, 2007 10:28:45 PM
Haha, Americans.
Posted by: Xombie | Oct 2, 2007 10:45:24 PM
Exactly, fuck teh RIAA, any good computer geek will tell you, taking
over someone else's pc without thier knowledge is easy to do, esp for
dumbass civi's with no knowledge on how to protect themselves. Problem
is, its like the blind telling the blind what a picture looks like.
Some dumbass lawyer and clown jury members who have never even been on
the net will have no clue how to rule and will rule based on some not
factual basis as a result. The NAT example is just the tip of it.
Posted by: Steve | Oct 2, 2007 10:49:08 PM
Exactly, fuck teh RIAA, any good computer geek will tell you, taking
over someone else's pc without thier knowledge is easy to do, esp for
dumbass civi's with no knowledge on how to protect themselves. Problem
is, its like the blind telling the blind what a picture looks like.
Some dumbass lawyer and clown jury members who have never even been on
the net will have no clue how to rule and will rule based on some not
factual basis as a result. The NAT example is just the tip of it.
Posted by: Steve | Oct 2, 2007 10:49:15 PM
Exactly, fuck teh RIAA, any good computer geek will tell you, taking
over someone else's pc without thier knowledge is easy to do, esp for
dumbass civi's with no knowledge on how to protect themselves. Problem
is, its like the blind telling the blind what a picture looks like.
Some dumbass lawyer and clown jury members who have never even been on
the net will have no clue how to rule and will rule based on some not
factual basis as a result. The NAT example is just the tip of it.
Posted by: Steve | Oct 2, 2007 10:49:27 PM
Exactly, fuck teh RIAA, any good computer geek will tell you, taking
over someone else's pc without thier knowledge is easy to do, esp for
dumbass civi's with no knowledge on how to protect themselves. Problem
is, its like the blind telling the blind what a picture looks like.
Some dumbass lawyer and clown jury members who have never even been on
the net will have no clue how to rule and will rule based on some not
factual basis as a result. The NAT example is just the tip of it.
Posted by: Steve | Oct 2, 2007 10:49:31 PM
The RIAA can get the private IP address from a public NAT'd IP. A
router does NAT packets that are going through the router, but the
header packets still include the private IP address as well as the
public IP address.
What the RIAA can't ever prove in any of it's many insure quote is which user is
sitting behind the computer that is comitting the crime without any
doubt.
I do think that most people who hate the RIAA are indeed doing illegal
activities themselves and would like the RIAA to disolve so they can
download illegal movies and music without a fear of a lawsuit.
Posted by: Richard | Oct 2, 2007 10:52:02 PM
"Iowa State University computer forensics specialist Doug Jacobson...
The Charter IP address identified the night of the downloading was
24.179.199.117, according to testimony from Edgar and Weaver. Had a
wireless router been used, the internal private IP address assigned by
the router would also have been detected by investigators, he claimed
-- likely beginning with 192.168."
WRONG. 192.168 addresses DO NOT ROUTE. Richard: the header only
includes the PORT used by the NAT router to redirect the packet
internally, it doesn't include the IP address. See RFC 1918. If you
don't know what RFC 1918 is maybe you got your degree from Iowa State
and their specialists like Doug Jacobson.
Posted by: | Oct 2, 2007 11:19:15 PM
Fuck RIAA says it all. She will not get any help from our paid off
congress people.
Posted by: John | Oct 2, 2007 11:21:36 PM
Please read http://en.wikipedia.org/wiki/Port_address_translation.
Internet server has no way to determine if a wireless router's
involved here. Basically each outbound connection is mapped to another
port. The NAT device keeps track of active port used so that it can
figure out where to send incoming packages. Private IPs are not
exposed (well, that's why they call it private).
Posted by: Dave | Oct 2, 2007 11:27:09 PM
This story reads like it was written by a 5th grader. Take a
newswriting course, for real.
Posted by: rockstock | Oct 2, 2007 11:27:31 PM
Private IPs ARE sometimes exposed gentlemen.
Some p2p clients embed the workstation IP (That's the 192.168,
10.x.x.x or 172.16-32.x.x) in the APPLICATION part of the IP packets,
simply because the p2p app thinks that that is its IP.
The header gets NATted, and the packet appears to be from the IP of
the router, if you judge strictly by the header.
HOWEVER, if Kazaa or whatever p2p client additionally plonked its own
IP *inside* the packets themselves, the RIAA honeypot would have been
able to harvest it.
I'm not too savvy on Kazaa in particular, but this may be the
direction the "monkey" was taking, and he may have a quite valid
point. So before we all collectively go on and come out looking like
total idiots, Would anyone care to look it up and determine if this
applies here and whether this is or is not how Kazaa behaves?
Posted by: Devil's Advocate | Oct 2, 2007 11:36:22 PM
The RIAA remind me of all the hard working American workers who've had
their jobs and expensive college MBA's outsourced to India and China.
So many layoffs and even the government turned their back on them due
to payoffs. If this is a step in the right direction then why should
the RIAA be any different? Because they Copywrited material that was
volvo insurance over to them by desperate artists trying to get their name out
at any cost, even blood? Too bad. Every worker in America has been
pouring blood into what they do. It might have been a great investment
to the RIAA back when vinyls were new but now days Technology combined
with an Abundance of cheap labor from India and China is making their
jobs too obsolete. Boo Hoo. Quit making the innocent technologically
gifted generation criminals. The RIAA reminds me of the
conservative/puritan mind-set this country is stuck on with tobacco
and it's drug-war (aka drug-prohibition, which they changed to
drug-war because WAR is a powerful word like the one I'll use in a
second, not like prohibition which when that was the name of it nobody
cared and everyone did their own thing so long as nobody physically
harmed one another). Alienating innocent people and making them into
criminals with NAZI tactics to force them to quit smoking because it
causes cancer. Maybe SOME of us LIKE to smoke. Maybe SOME people like
a CHOICE to pick between buying a CD in a store, complete with
designer cover and jewel case vs. downloading. By the way, with fewer
cancer patients how are we to find a cure? Oops they didn't think that
far. Poo on you RIAA for acting like a bunch of opportunistic fascists
lobbying politicians to do your dirty work and criminalize innocent
people. This is America, it was once known as a free country.
Look at the big picture. America needs to learn Money is not power,
but merely a crutch to get us "there" without anarchy. Knowledge,
Communication and Will are the three true powers. Call them learn mandarin chicago you
want, Mind Soul and Body, Left-Brain Right-Brain and the Physical
body. We have broken through a massive barrier in communication and
data in creating the internet. We should stop reversing it, remolding
it into ad ware and just embrace the splendid beauty and freedom of it
while maintaining awareness of the dangers in it. Only when we embrace
our true power will we be free. Free from tedious labor with puppet
robotics and eventually money it self with simple A.I. to replace
tele-commutes to such hardware. While we are embracing money we should
always keep in mind that we are embracing the root of all evil, and we
should strive to be rid of it eventually, that we might get in touch
once again with ourselves and each other.
http://thistimethisspace.com/2007/07/24/the-paradox-of-our-age/
Posted by: Bob | Oct 2, 2007 11:38:28 PM
"WRONG. 192.168 addresses DO NOT ROUTE. Richard: the header only
includes the PORT used by the NAT router to redirect the packet
internally, it doesn't include the IP address. See RFC 1918. If you
don't know what RFC 1918 is maybe you got your degree from Iowa State
and their specialists like Doug Jacobson."
Depends whether you're looking at Port Address Translation or NAT.
Most home use routers use port translation.
Also, RFC 1918 is "RFC 1918 - Address Allocation for Private
Internets" http://www.faqs.org/rfcs/rfc1918.html
Get your facts straight. Also, some NAT schemes DO include internal
address information in the header.
Posted by: another networking guy | Oct 2, 2007 11:39:43 PM
This has to be one of the most vile lawsuits ever to cross the steps
of a courtroom. I mean, a multi-million dollar organization going
after a Native American woman, who's ancestors *we* stole the country
from, who probably makes $30k a year working for her tribe. Whether or
not they have proof is irrelevant; to simply claim that this woman
could be liable for their incompetant asses losing millions of dollars
makes me want to puke.
These insidious bastards, lead by none other than legendary corporate
bungler/bully, Sony, refuse to move into the future with the rest of
humanity - moving away from proprietary optical disc formats. Their
refusal to move forward stems from the fact that they make premiums
off these formats, so they cling to them even as they die. Of course,
they're losing money as the rest of the world is buying from Apple
instead, but rather than simply give up the fight and try to compete
in the digital age, they chinese teacher chicago to nothing less than mafia-style legal
tactics, going after the same consumers that lined their pockets with
their wealth in the first place.
I truly hope there's a special corner in hell reserved for the scum
that make up the RIAA.
Posted by: Phill | Oct 2, 2007 11:44:33 PM
PS: I love this "One juror, a construction foreman, said he had never
been on the internet. A potential juror was excused from the pool when
she said she had used a peer-to-peer site to download copyrighted
music." "Wow," is all I can say. They keep the mal-informed of the
jury and toss the one juror who's got some insight on the topic and
from the defendants point of view. How is this a jury of peers again?
You just gotta love the politics involved in cases like these. Must be
because she's a minority that they can get away with this so easily.
And a Tribal member at that. Sovereignty what? Say isn't that one of
those big word our good old president bush couldn't even think up the
meaning of? Oi.
Posted by: Bob emo style Oct 2, 2007 11:48:15 PM
The RIAA will have to submit the packets they collected as evidence.
There are millions of port address translation routers out there in
homes across America. I agree we should look at the Kazaa (and other
p2p) payloads. Not sure why they would want to stick my internal IP in
there (or name and credit card number) but who knows.
The "expert" is saying 1. she couldn't have had a wireless router
because 2. all wireless routers give out RFC1918 addresses and 3. the
internal RFC1918 address would have been revealed. The "expert"
testimony is full of holes, since there are millions of port
translation routers in the USA that have wireless and sell for $40.
Unless Kazaa stupidly sticks the internal address in the payload, this
"expert" is bankrupt. Let's fire up Ethereal and confirm.
Posted by: Rupert | Oct 3, 2007 12:02:10 AM
Richard says:
"The RIAA can get the private IP address from a public NAT'd IP. A
router does NAT packets that are going through the router, but the
header packets still include the private IP address as well as the
public IP address."
True. But that in and of itself doesn't prove or disprove which
machine on the lan did the deed. To prove that, one would have to
examine the router logs, if they exist. Of course a neighbor using the
defendant's wifi connection surreptitiously would not be
distinguishable from the defendants own activity, unless of course the
defendant's hard drive had Kazaa loaded and the tracks in question.
In fact, where the prosecution's 'expert' is likely going with this
poorly reported comment is in a direction of demonstrating that the
defendant was in fact NOT using a router of any kind, be it wireless
or otherwise. The method by which said expert would do this is by not
only examining the packets for source and destination (private
addressing behind a router), but more likely, by examining the user's
MAC address and identifying the manufacturer of the network device
from there.
See this site:
http://www.coffer.com/mac_find/
With a lookup on the MAC identity, the prosecution expert can
determine the 'apparent' manufacturer of the network interface on the
WAN side - such as Linksys (as in router) or 3Com (as in NIC).
Of course this fact doesn't include the alternate permutations on
possible defense arguments that a router was employed using a "MAC
cloning" feature... but I digress.
So what do we know for sure? Well, for one, the public IP was
registered to her on the night in question and two - she apparently
doesn't dispute that fact. That's about all we can say we know for
sure.
If she was not using a router, she is likely royally screwed -- the
MAC can be positively ID'd as belonging to her motherboard NIC and/or
the plugin NIC in her system. She is possibly just as royally screwed
if she turned over a wired router that matches the MAC the RIAA
asshats have a record of. (Now we are strictly into the domain of who
did what in my house and on which computer)
If she WAS using streetwear style router, then her only hope to totally dodge this is
that it was a wifi router and it was unsecured. Her ISP can of course
hold her accountable by way of its TOS for things done through her
connection, with or without her knowledge. ISPs are usually only
interested in enforcing bandwidth and abuse issues. Copyright
infringement, aka monitoring the content of what you do on the net, is
not something ISPs want to get anywhere near, for a whole lot of good
reasons.
If she was in fact using a wifi router, a strong case for a reasonable
defense could be made. I doubt that any jury would hold her
responsible for an act of theft committed using her property by
persons unknown -- such an act she could not reasonably even have been
aware of.
Probable lessons learned here: use a wifi router and learn how to
configure it in a secured fashion; and know how to promptly
'un-secure' it, if you are ever compelled to turn it over as part of
an investigation. Heh.
/just my 4.5 cents from a networking guy
Posted by: Networking Knob | Oct 3, 2007 12:07:43 AM
The RIAA has taken on (admittedly by themselves over 2 years ago)
judicial tactics learned from DirectTV and their years of experience.
Its called carpet bombing the court systems - expecting all to submit
as the price is to high to challenge. DirectTV/RIAA drop their suite
just before court date if someone "appears" to be innocent and having
no real proof; if not, full steam ahead to prove a point. Costing the
defendants thousands in the interim.
DirectTV has made and is still making millions independent clothing this blatant abuse
of our judicial system. In fact in a noted case, DirectTV attempted to
sue a proven BLIND woman for viewing their satellite siginal
illegally!
With DirectTV having over 100,000 cases, RIAA has alot of examples to
work with.
The statement regarding the IP address should have landed someone in
contempt - provided the judge was more tech savoy!
Posted by: Tom | Oct 3, 2007 12:10:08 AM
Moore's Law is not working in favor of the RIAA :D
Posted by: amusedbythematerial | Oct 3, 2007 12:12:01 AM
Way to go Music industry, sue your customers, that's a winning
strategy! The digital tech cat is already out of the bag, and it can
never be put back in.
File sharing is hear to stay. MP3's are strings of numbers and thus
cannot be copyrighted, only hard copies can. The music industry has
brainwashed themselves into thinking that the hot air their performers
belch out has a monetary value, it doesn't, only the physical medium
does (i.e. the record, the CD, the DVD, etc.) when recordings were
turned into digital files (streams of electrons) the monetary value
evaporated! HA HA! The music industry, in their greed to cut costs,
put themselves out of business. Good riddance. They were debasing the
culture anyway.
Posted by: Sean | Oct 3, 2007 12:17:44 AM
A little clarification:
The RIAA would likely obtain the MAC of the offending user as part of
the same request they submitted to the ISP where they asked for the
identity of the person using X IP address at the point in time the
alleged depriving of their monopolized income stream was being
subverted. The ISP's systems have a record of the MAC associated with
a particular IP address. It has to customized playing cards it's How Stuff Works (tm).
Posted by: Networking Knob | Oct 3, 2007 12:26:15 AM
Another bit:
All this blah blah about "Tereastarr" is her name here and here, so
ergo this "Tereastarr" must be her too -- this folks, is what anyone
with a partial brain would identify as circumstantial evidence. It is
not incontrovertible proof. Just because I sign my name as Al Gore,
does not make me the Gorenator.
Memo to the geniuses on the RIAA prosecution team: there are 1,300+
hits for Tereastarr on Google right now. Is each aned every one of
them about her or a post by her using the name Tereastarr?
http://www.google.com/search?q=Tereastarr
ps RIAA: F*ck YOU!
Yours Truly,
Al Gore
Posted by: Networking Knob | Oct 3, 2007 12:35:29 AM
Unless Kazaa implements embending internal IP on the packet, the
192.168.x.x should not been recorded. But MAC address may be recorded
somehow.
Posted by: Agron | Oct 3, 2007 12:42:08 AM
RIAA is like trying to zap drivers to protect the horseshoe business.
The big recording Corpses now add much less than zero value, and need
to be destroyed. Any thinking musician except a handful like Jagger
should hate them.
I have so far collected over 40,000 music tracks, 280GB on a 500GB
external drive (with a second back up). I lend it to anyone who wants
it, and hope each of them does the same.
Posted by: Jack | Oct 3, 2007 12:50:23 AM
"The network share folder" seriously... this is the best they can do
for forensics? Those guys utterly suck.
They can't disprove the presence of malware all that easily during the
period their claims span. Nor do they seem all that smart enough to
address it.
The RIAA is an insane bully organization.
Posted by: Gentry | Oct 3, 2007 1:10:53 AM
ATTN: WIRED LEGAL DEPT.
PLS TO BE FORWARDING THE IP ADDRESS AND OTHER IDENTIFYING MARKS MADE
BY POSTER "NETWORKING KNOB". I WILL SUE THIS PERSON FOR ILLEGAL USE OF
SIGNING MY NAME.
YOURS TRULY,
AL GORE (REALLY)
INVENTOR OF INTERTUBES
Posted by: AL GORE | Oct 3, 2007 1:16:39 AM
Look, we really just need a basic understanding of the details of how
a TCP/IP network is implemented. The RIAA only gets to see the IP
address, and maybe MediaDefender logs whole packets. (I believe
MediaDefender-Defender leaked all the source code a couple weeks ago).
The ISP router will cheap car insurance the MAC of the downstream DSL Modem or Cable
Modem of their subscriber. Keeping a log of the DHCP lease (who is
assigned what IP address) is one thing; keeping a log of MAC addresses
mapped to IP sounds like a lot more work. But even if they do that,
only the local cable modem knows the MAC of the computer (or Linksys
router) attached to it. EXTREMELY unlikely any of that is logged.
Conclusion: the RIAA can't use MAC addresses to prove that no wireless
Linksys router was involved. Conclusion: Iowa State should censure
their expert and stick to football. Its important that we get this
right and not let the RIAA or our ignorance spread any FUD on this,
because its going to come up again, OK?
Posted by: Rupert | Oct 3, 2007 1:28:32 AM
Dear Iowa State University computer forensics specialist Doug
Jacobson: What part of "RFC 1918 TCP addresses do not route" don't you
understand? What part of "MAC addresses don't route" don't you
understand? The MAC address they need is in her Linksys router's RAM.
Oh... she turned it off since the beef started 3 years ago and the
memory got erased? Too bad RIAA.
Posted by: Rupert | Oct 3, 2007 1:36:29 AM
Rupert said:
"Keeping a log of the DHCP lease (who is assigned what IP address) is
one thing; keeping a log of MAC addresses mapped to IP sounds like a
lot more work. But even if they do that, only the local cable modem
knows the MAC of the computer (or Linksys router) attached to it.
EXTREMELY unlikely any of that is logged."
I know for a fact that my Telco keeps a live record accessible by web
of the MACs authorized for a subscriber's DSL modem. And I know for a
fact that my telco tech support can read me off heart shape playing cards MACs authorized
for a given DSL modem. In cable modem land, I know for a fact that poker shape playing cards own cable modem will allow me only two public IPs (controlled of
course by the cable modem boot script) and that to use a third MAC
with my cable modem, I need to reboot the cable modem, wiping out its
knowledge of my previous MACs. And I'm 99% sure that our cable co.
tech support guys can access the MAC records currently stored in my
cable modem.
If I was the supposed technical expert working for the RIAA, I know
I'd want something a little firmer in my hands than just an IP address
and end user identity. But that's just me.
As it looks like the RIAA wants to frame their case around someone
using the very flawed KAZAA, that would be their first mistake.
Conclusion: Wait and see what evidence is actually trotted out and how
it is refuted by the defene.
Posted by: AL GORE | Oct 3, 2007 1:45:18 AM
Al Gore, I am suing you for thieving my post.
Posted by: Networking Knob | Oct 3, 2007 1:46:53 AM
Rupert said:
"The MAC address they need is in her Linksys router's RAM. Oh... she
turned it off since the beef started 3 years ago and the memory got
erased? Too bad RIAA."
Wrong. The MAC address in question is the permanent hard coded (but
changeable) address assigned by the manufacturer of the router - the
MAC for the WAN (ie facing the Internet) side.
Go look at the config page for your router (you do own one, right?).
Two MAC addresses are listed - WAN and LAN. Just like there are two IP
addresses listed on the main status page - again, WAN and LAN.
Posted by: Networking Knob | Oct 3, 2007 1:50:15 AM
MACs don't* change - IPs change.
--
* Can be changed, if you know how and deliberately set out to do so.
This knowledge or understanding is of course well outside the interest
of the average home user.
Posted by: Networking Knob | Oct 3, 2007 1:54:25 AM
Networking Knob, I'm basically with you. What's at issue here is,
could someone wardriving have stiffing her packets, stealing her
identity, and using Kazaa while parked in front of her house... can
the RIAA prove that this is impossible? The wardriver's laptop NIC
would have a unique MAC (though they could change it to Dick Cheney's
MAC if they chose). The point is all the ISP sees is her Cable Modem's
MAC, and maybe, though it would be a hassle to log it for every user,
24x7x365, her Linksys router's _WAN_ MAC. They CANNOT see beyond that,
to the Linky LAN MAC nor the PC MAC nor the wardriver's MAC. They can
pay off some supposed expert to lie about this or spread FUD, but I
rest my case.
Posted by: Rupert | Oct 3, 2007 2:12:56 AM
In related cases, it has been suggested chinese chicago "making files available"
is not in itself infringement. People (other than the copyright
holders) must also download said files for there to be distribution.
If the RIAA cannot demonstrate distribution from her IP address, then
they have failed to show any damages...
Posted by: astrochicken | Oct 3, 2007 3:18:08 AM
The HD (hard drive) that they say is new obviously does not have the
data on it. Thus no smoking gun = no proof. Furthermore why would I
turn my HD over to strangers when it could incriminate me for things I
may or may not have done? It’s worse than turning over a diary. How
many of you are willing to do that? (Me personally, I would burn it
first.).
It seems to me she could simply say “ My HD was infested with
viruses and I had it replacedâ€. And when asked what happened to the
old one id say, “I threw it outâ€. Now technically speaking many
people solve virus problems many different ways. Some use virus
scanners (sometimes honda insurance others replace whole systems while many
have their HDs replaced since its more costly to have a technician do
a 0 out low level format that may or may not identify & fix a failing
disk than to just buy a newer , faster & larger hard drive.
Furthermore if she was being used as a proxy server or was infested
with spy ware on an unprotected network (which many people are) it’s
very likely that it would slow her system down and prompt her to
replace her HD Thus adding to the belief
The bottom line is this. Unless they were there theirs no way in hell
they can prove she did anything without the original HD outside of
speculation.
Recommendation:
If the RIAA ever comes after you requesting you turn over you’re
hard drive. I suggest you bust out a window from the outside in,
report that to the police, tell the guys asking for your HD that
somebody broke in your house and stole your PC, get rid of the CPU &
never use that HD online again.
Posted by: The Truth | Oct 3, 2007 4:03:50 AM
"Thomas, a Native American single mother of two who works as an
administrator at a nearby tribe here."
After this lawsuit, they're gonna go punch a baby.
Posted by: DingleDongle | Oct 3, 2007 4:08:48 AM
strange that the RIAA has plenty of time and resources to prosecute
file-sharers but has no time or resources to figure out how to set
music prices in a way that makes sense.
f a gas station tried to charge $13.99 for a Snickers, would they ever
sell one? music is like candy--it's an impulse item, and if someone
itching to get some can't afford to buy it, it's really not that hard
to steal....
much as i'd like to rant and rave about how much the RIAA sucks, the
real issue here is that music, as wonderful as it is, is practically
worthless when it comes time to put a price tag on it--especially
compared to what it currently costs.
put it this way--if you want to buy art that will increase in value,
it's going to work out better for you to put $500 into one decent
painting than it would be to schill out chump change for Now That's
What I Call Music Vol. 1-25....
anyway, if instead of prosecuting everyone who shares and copies
music, they just lowered the price to buy it legally down to the point
where it becomes too stupid to steal, maybe selling music would still
be profitable for everyone........
(by the way, anyone notice that Radiohead's next album is going to be
sold on a "whatever you think it's worth" basis?)
Posted by: Jack Bauer | Oct 3, 2007 4:53:41 AM
Dear David Edgar, manager of internet security? Router NAT addresses
(192.168.x.x) are invisible upstream of the cable modem. A sociopathic
association excoriating ordinary and mostly innocent people out of
millions of dollars with sledgehammer legal actions, and NAT addresses
are visible is what you testify. My goodness.
Posted by: robay | Oct 3, 2007 5:03:57 AM
Even the press can't get it right. The RIAA is going after UPLOADERS,
not DOWNLOADERS. And all you have to do is leave your PC on. She
could've be in Vegas for all anyone knows... This case has HUGE
implications for WIMAX and will impinge on the ripe flourishing of any
'xohmable' device landscape....
Posted by: pantribe | Oct 3, 2007 5:06:34 AM
What is the moral of the story? Get a wireless router and make sure
that it is completely unsecured. Then you have a perfect defense
against the RIAA. Sorry, someone hijacked my wireless router. All you
need to do from there is to put good firewalls and software on your
other computers and use drive encryption. RIAA knocking? Delete the
keys and deny everything.
Posted by: Unsecure You Router | Oct 3, 2007 5:07:13 AM
This is the same recording industry that worked over countless artists
with the fine print.
Posted by: Jack | Oct 3, 2007 5:15:29 AM
Steal their land, put them on reservations read "open prisons", and
then sue them too? Why not just round independent style all up and put 'em in an
incinerator?
Ofcourse all of this is besides the point, the point being RIAA is
very excited they actually sued a real and mature person rather that 3
year old children and dead people as they usually do.
Besides all of this, there is a genius witness commenting on the
internet security saying custom faces playing cards would have been a private (192.168.x.x)
address to a jury that doesn't know shit about computers.
Posted by: syed | Oct 3, 2007 5:19:28 AM
I have to agree with Steve, the 192 address is rather absurd. I hope
an expert witness didn't say that in court. Rather, I hope this was a
mistake by the author. The 192 address is commonly used by both, wired
best car insurance wireless users and is a LAN address that is transparent to the
WAN. I really hope this was a mistake made by the author of this
article. I'd rather this case be argued upon the merits rather than
deception.
Posted by: Paul | Oct 3, 2007 5:45:18 AM
This is the same American recording industry that paid Little Richard
(and many other artists) 1/2 of one cent for each record they sold.
Fuck the bastards.
Posted by: WinstonSmith | Oct 3, 2007 6:26:30 AM
The RIAA is likely going after someone is unable to pay for reasonable
defense or has much knowledge of computers... at least she was smart
enough to replace her hard drive but 1 good network tech should be
able defend the woman, hoping the jury isn't paid off and not
incredibly stupid. It's the stupid part that's scary, seeing as they
couldn't even understand networking 101.
Posted by: Tiberian Junker | Oct 3, 2007 6:27:13 AM
Oh yeah, lower the prices of CD's mandarin lessons chicago 2-4 dollars, they only cost about
30 cents to make and ship. The Video industry learned that they earned
more profit after lowering prices.
Posted by: Tiberian junker | Oct 3, 2007 6:31:58 AM
All i gotta say is two words, Peer Guardian.
Posted by: Rick | Oct 3, 2007 6:34:11 AM
This is lunacy - to bankrupt a woman over something like this is
completely ridiculous - it is amoral, unconscionable, and contrary to
common sense. The only way to stop this is a complete boycott of the
music industry by consumers. Only when we collectively hurt their
pocketbooks in a real way will they come to their senses and stand
down. Stop buying music, in any and every form, and see how quickly
they change their tune.
Posted by: Dave Giaimo | Oct 3, 2007 6:35:44 AM
"Did you people actually observe defendant infringing?"
.....I think that's also a pretty funny question to ask. It's like
asking, "Did you people actually observe defendant hiding a bomb?" I
guess the evidences like fingerprints don't matter to them.
BTW, you think RIAA is pretty bad (and I do agree that they are)...
wait until you hear about JASRAC. They are emo fashion worse.
Posted by: Alto | Oct 3, 2007 6:38:05 AM
PeerGuardian is useless. Take the time to read about the mediadefender
fiasco and the leaked emails. They laughed about PG and how easy it
was to bypass. There were entire server farms no one knew about. You
think they are the only ones doing this? One wireless connection in
Podunk, Iowa and an hour's worth of time and you could log thousands
of IP's to trace. You simply cannot block everything, and all it takes
is one little hole.
Posted by: JC | Oct 3, 2007 6:46:20 AM
Well I agree with most of the comments written down here. The part
about a Native American being sued even though her ancestors' land was
stolen by the predecessors of those suing her is the most ironical
part. Besides the point, but I think this is a very true (however
bitter)...
Anyway concerning the technical part...
I tend to agree that NAT protects local IPs, and I am still puzzling
over some remarks according to which some NAT routers would include
the private IP address in the IP packet traveling over the public
network: I fail to see any interest in doing that, and also the only
place I see where they could put that is in the Options field of the
IP header, in which case only similar routers would understand that ;
but to what end ?
I would be glad if someone could explain that to me.
Still concerning this mysterious private IP address, there were
suggestions it could be put inside the Kazaa FastTrack protocol packet
(so in the IP payload). Sounds reasonable especially since I
understand that Kazaa prided itself in being able to transparently go
through routers and stuff like that, maybe having the private IP in
the packet would help.
However I've been drifting through the reverse-engineered
specifications of FastTrack, I don't really find indications of that.
However, the FastTrack packet are encrypted using keys that are first
exchanged using keys... sent in clear, so if a whole sniffing session
is recorded, FastTrack packets can be decrypted using the information
in the non-encrypted FastTrack handshaking packets. So assuming the IP
is in there, then it is recoverable by the inspectors.
Even though this were correct, I still think that a guy testifying
that the private IP address "would also have been detected by
investigators" is stretching is a little. I see many reasons why this
should not be, especially considering that they would need full
records including handshaking, they also would need to
reverse-engineer a proprietary protocol (work already done for them,
but is information that was merely guessed for an otherwise unknown
protocol receivable in court? I doubt it...).
If both points are correct:
- NAT protects private IP (if someone could give me examples of cases
where private IPs are actually included I would be very grateful... At
any rate the Iowa guy would need to be sure that the LinkSys router
used has this "feature", which I doubt).
- Private IP might be in the FastTrack packet
Even then the testimony made by the Iowa person is not accurate.
Private investigators most likely wouldn't have gone as far as
reverse-engineering the FastTrack protocol. And even if they had, they
would have needed to subpoena Kazaa to confirm that their information
is correct. Saying that private IPs would be visible in the FastTrack
packets is meaningless since the protocol is proprietary.
Cheers
Yannick
Posted by: Yannick | Oct 3, 2007 6:56:22 AM
Post a comment
--------------
You are currently signed in as (nobody). Sign Out
Name:
Email Address: (Not Required, Not Published)
Comments:
Advertisement See more Threat Level 
Advertisement
Advertisement 
Ryan Singel | e-mail
Kevin Poulsen | e-mail | IM
Sarah Lai Stirland | e-mail
Kim Zetter | e-mail
David Kravets | e-mail 
October 2007
Sun
Mon
Tue
Wed
Thu
Fri
Sat
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
* Jurors Schooled in Techno Speak in Nation's First RIAA Copyright
Case
* RIAA Rips Defendant in Nation's First Filesharing Jury Trial
* GAO Wants to Test Controversial Florida Voting Machines
* Dems Ask Telcos Spying Questions
* Sony BMG Exec Tells Jury that Ripping a Single Song is Theft
* Scoop: Clinton raised $8 million online in 3Q
* RIAA Tells Jury 'Hold Defendant Responsible'
* Jury Impaneled in RIAA Filesharing Trial
* Former DOJ Lawyer Couldn't Find Way to Legalize Bush Spying
Program
* Goldsmith Says Too Many Lawyers Hurt Anti-Terror
* Announcements (7)
* Breaches (19)
* CCC (20)
* Censorship (25)
* Copyrights and Patents (32)
* Cover-Ups (19)
* Crime (55)
* Crypto (4)
* Cybarmageddon! (11)
* DefCon (6)
* E-Voting (31)
* Election '08 (88)
* Gists (3)
* Glitches and Bugs (12)
* Hacks and Cracks (56)
* Hot Planet (24)
* Identification (32)
* Information Sharing (3)
* Intellectual Property (6)
* ISP Privacy Survey (10)
* Kickbacks (7)
* Network Neutrality (1)
* NSA (26)
* Online Political Campaigns (12)
* Patents (1)
* Politics (60)
* Porn (5)
* Privacy (70)
* RFID (3)
* RIAA Trial (6)
* Spam and Phishing (4)
* Spooks Gone Wild (38)
* Sunshine and Secrecy (53)
* Surveillance (90)
* The Courts (36)
* Threats (38)
* Virginia Tech shootings (32)
* Watchlists (17)
* Wikiwatch (3)
Advertisement
* Wired News on the Go Sync up, head out, read Wired News on your
handheld at your leisure.
syndication feed Add Threat Level to your favorite feed reader. Find
more Wired News feeds, including web-based news reader feeds, here.
Corrections | Contact Us | Letters to the Editor | Wired Staff | Press
Center | FAQ | Wired Insider | Sitemap | Login/Registration
Subscription Questions | Renew Subscription | Give a Gift |
International Subscriptions | Advertising | Media Kit | Careers Visit
Our Sister Sites: Concierge | Epicurious | Men.style.com | Style.com |
Flip.com | Wired.com | Lipstick.com | NutritionData | YM | Allure |
Architectural Digest | Brides
Cookie | Condé Nast Portfolio | Domino | Glamour | House & Garden |
Lucky | cheap renters insurance Vogue | Self | Teen Vogue | The New Yorker | Vanity FairSubscribe
to a magazine:
* View Special Offers
* View All Titles
* Allure
* Architectural Digest
* Bon Appétit
* Brides
* Condé Nast Portfolio
* Condé Nast Traveler
* Cookie
* Details
* Domino
* Elegant Bride
* GQ
* Glamour
* Golf Digest
* Golf World
* Golf For Women
* Gourmet
* House & Garden
* Lucky
* Men's Vogue
* Modern Bride
* Self
* Teen Vogue
* The New Yorker
* Vanity Fair
* Vogue
* W
* Wired
© 2007 CondéNet, imprinted playing cards All rights reserved.
Use of this site constitutes acceptance of our User Agreement and
Privacy Policy 