From Wired News, available online at:
http://www.wired.com/news/print/0,1294,40816,00.html
Oh dear, looks like it is time once again to don my fireman's hat and
quench the flames of misinformation and unquestioned self-publicity with
the hose of facts and common sense. There are so many holes in this
article, and the technology which it describes, that I scarcely know where
to start - so I will start at the top.
> Thanks to new software applications hitting the market, content
> providers are now able to track users that share music, movie and
> other media files across file-trading networks like Napster. Even
> Freenet -? the fiercely protective network -- appears to be vulnerable
> to the new programs.
Just so it is clear, I have heard or read nothing about their technology
which suggests that it is capable of compromising Freenet's aims of
providing anonymity to the producers and consumers of
information. Further, I have heard or read nothing that suggests they
could effectively identify a significant number of Freenet node's, and
even if they could, that there are any effective measures which could be
taken.
> One service, Copyright Agent, allows content owners to provide ISPs
> with lists of files to remove and, in many cases, to have Internet
> access to certain users cut off completely. The systems work by
> automating the take down and removal policies in the Digital
> Millennium Copyright Act of 1998, many of which have been too unwieldy
> for service providers to monitor.
In the case of Freenet, it would be impossible for an ISP to monitor what
information was being communicated between Freenet nodes, and extremely
difficult for ISPs to identify Freenet nodes at all. In the case of
broadband connections such as cable, even if you can identify that a
particular IP address is running a Freenet node, and even if the ISP can
be persuaded to try to remove the user, there is no way for the ISP to tie
the IP address to a given user over a cable local loop, and thus no way to
deny them access.
Further, IANAL but AFAIK an ISP does not have liability for the bits
communicated over their networks, so I don't see why ISPs would go to the
trouble of installing this software *and* potentially annoying their
users, *and* when the software is very unlikely to be effective anyway!
> "Unlike encryption and digital rights management solutions, you need
> something to go out and make sure that any leaks out there are stopped
> because those leaks mean you are losing revenue," said Tim Smith,
> president of Copyright.net, the maker of Copyright Agent. "Our
> software all developed around the DMCA. We've Web-enabled the DMCA."
The DMCA is idiotic, and so any software which is based on it is also
likely to be idiotic. This certainly seems to be the case here.
> According to the DMCA, Smith said ISPs are required to remove
> materials from their system once copyright owners have identified the
> infringing content.
This cannot be achieved with Freenet since the process of checking to see
whether content is on a machine will actually place the content on that
machine regardless of whether it was there before, so it is *this
software* which will cause the propagation of the infringing content - by
their reasoning, therefore, it is their own software which should be
banned. We call this the "I'm Sparticus" strategy.
> This gives the ISPs a manageable list of materials to remove from its
> system.
And how does an ISP do that? Hack into their users computers and start
deleting files?
> Its application tracks the MD5 checksum, which uniquely identifies the
> original source of a song, allowing Emusic to track files that were
> being made available.
Ah yes, change one bit of the mp3 file and you get a different checksum
rendering this mechanism worthless. That's *really* smart.
> The system would also track the IP addresses of the infringing users,
> which would enable Emusic to send a take-down notice directly to the
> user's ISP if necessary.
Yes, I can just see an Indian or Russian ISP quaking in their boots over
violating a dumb American law on their own soil!
> But these new systems might be overstepping the bounds of the law.
Not to mention the bounds of common sense.
> While helping ISPs track users who are committing copyright
> infringement, attorney Fred von Lohmann said the new automated systems
> might actually be putting ISPs at the mercy of content owners.
Ah, a smidgen of common sense at last.... My faith in Brad is at-least
partially restored.
> "I don't think that the user should be terminated just because they
> might be trafficking infringing materials," von Lohmann said. "The
> take-down policy only applies to links and Web pages. We don't want a
> world where content owners can, just with an accusation, terminate
> users' Internet access.
Er, so it just applies to links and webpages - so how is this supposedly a
threat to Freenet? ...yet another hole in the reasoning here.
> "If it's some teenager in New Jersey, it might not be the end of the
> world to lose your connections, but imagine a person at home with a
> DSL line, and their livelihood depends on it."
...and the livelihood of the ISPs depends on *not* cutting-off their own
customers!
> The system can even track users through Freenet, the brainchild of Ian
> Clarke, which is supposed to provide total anonymity.
Oh really? Let's look a bit closer...
> While Mediaenforcer President Travis Hill said the system can't track
> everyone on Freenet, he claims it can track the last person to come in
> contact with the information, which might be enough to slow down the
> growth of the file-trading system.
Er, so let me get this straight. He gets the IP address of a Freenet
node, and requests the information from that node, this process *may*
result in the information being cached on that node BECAUSE of his
request! He then thinks that he has legitimate cause to blame that user
for the content being there, even though it wouldn't be there had he not
requested it. I would love to see him in court trying to explain that
one... :-)
> "People claim if you don't know the original provider on Freenet, you
> can't do anything," Hill said. "When all these people are running
> Freenet, we connect to each one of them, throw in a query and if a
> particular node responds to that key, we consider that IP address to
> be infringing.
1) *You* might consider it to be infringing - but who cares given that it
is only infringing as a result of your actions?
2) Even if the ISP cares (and as pointed out in the article, it is very
unlikely that they would want to get involved), in the case of a Cable
user there is no way to reliably match the IP address to a user so that
they can be disconnected.
> "Then you can go to the ISP and hand them that IP address. The
> disadvantage to being anonymous is that the only way to stop the
> infringement, if you're an end user, is to stop using Freenet."
Nope, the only way is for Travis to stop requesting the content from
Freenet!
> Clarke agreed that certain users could be tracked today, but wrote in
> an e-mail that ultimately these tracking systems will fall short.
> "Freenet's primary concern is hiding the identity of information
> producers and consumers, not so much the nodes themselves," Clarke
> wrote. "However, Freenet traffic cannot really be distinguished from
> other encrypted traffic on a network ?- not reliably anyway -- and we
> will shortly be introducing changes to make it even more difficult.
I also pointed out at great length that not only will this software "fall
short", but that it is the mother of all dumb ideas for the reasons I have
outlined.
> He also pointed out that the upgrades to Freenet and other open-source
> file-trading networks could outpace the policing technology.
Er, Freenet (along with some other technologies) outpaced this kind of
technology before it left the drawing board...
> "The whole issue is that if you are making available something that is
> infringing, you lose all rights to privacy," Hill said.
Brad - how can you let him get away with this unquestioned?! By this
reasoning you lose all rights to privacy just by being on the Internet
since you could be contributing towards "making something available".
Sorry to kill the fun, but it really irritates me when people's rampant
self-publicity is indulged in an otherwise reputable publication.
Ian
PGP signature
