A Californian company which specializes in subverting the spread of copyrighted files on peer-to-peer (P2P) networks has seen thousands of internal e-mails -- detailing its work with the US government to trace pornography and the creation of a fake download site to catch file-sharers -- leaked online after an employee's Gmail account was hacked.
Media Defender has worked for companies including Universal Music and artists such as the rap star Jay-Z, and had moved to try to limit the number of downloads of Michael Moore's new film, Sicko, by flooding P2P networks with decoy versions.
But the workings of the company have been spread in the most embarrassing form over the Net by Torrentfreak (summarized at tinyurl.com/2wlryb). The e-mails, apparently downloaded from the Gmail account of Jay Maris, one of the staff who had cc'd all his e-mail to the external system during the past nine months, show that Media Defender was working with the US Justice Department to try to uncover as much detail as possible about people who tried to access child pornography via P2P networks (a transcript of a phone call relating to the work is at pastebin.com/f5ae055cf), and that it had set up a fake P2P site -- called MiiVi -- with the aim of building up a list of P2P users. (The site was taken offline after its association with Media Defender was uncovered.) It then tried again, with a site called Viide.com.
The entire 700MB file of e-mails is now circulating on P2P networks. One of the messages is reported to discuss the possibility of getting the PCs of people who downloaded a client application from MiiVi to begin sending corrupted or incomplete files to the file-sharing networks -- in effect gumming up the networks with broken downloads.
File-sharing networks constitute a major part of the data that travels the Internet every day: about 37 percent is thought to be due to file-sharing, with Web downloads of video from sites such as YouTube and billions of pictures from Web pages just exceeding it at 39 percent. E-mail is reckoned to make just 2 percent of the total. More than 10 million machines are logged on to file-sharing networks, and more than 1 billion audio tracks are swapped each month according to Big Champagne Online Media Measurement, which tracks file-sharing networks.
One of the e-mails to Media Defender came from Universal Music, where an executive was wondering if there was any data to back up the idea that lawsuits by the music industry were leading to less file-sharing among educational institutions. Randy Saaf, its chief executive, clearly thought not -- and forwarded the message to five employees with the note: "Take a moment to laugh to yourselves."
Media Defender has not been shy about publicity for its work. In April Saaf said that the very openness of P2P networks to all users made it easier for companies like his to subvert them: "These are open trust networks, and they can't authenticate all of the material on the network," he said.
But Saaf is not an ideologue: in 2003, he told a Senate hearing in which Senator Orrin Hatch called for technological measures to destroy the computers of people who illegally downloaded copyrighted material that "no one is interested in destroying anyone's computer" (tinyurl.com/27x5e2).
Saaf told the Wall Street Journal that MiiVi had been a test site but that it was not intended to entrap users. However, that does not square with the efforts -- detailed in the e-mails -- to ensure that the site rose high up in Google rankings, and Saaf's dramatic response when the news of MiiVi's ownership leaked: "This is really fucked. Let's pull miivi offline," he wrote on July 3, after Torrentfreak revealed the news.
Although the revelations could boost Media Defender's media profile and its reputation as an effective counter to the spread of P2P files, the leak of the files and a dump of a huge database of its data tracking the spread of its decoy files across the Gnutella network will raise serious questions about its internal security.
One theory explaining how Mairs' account was hacked is that in the course of his work he used his Gmail address to sign up for one of the file-sharing services he monitored. If his IP address -- indicating where he connected from -- pointed back towards Media Defender or MiiVi, an administrator of the file-sharing service might have tested Mairs' login password on the Gmail account -- and struck gold.
There is a certain irony in the release. Last month a US judge threw out a lawsuit by TorrentSpy, a bittorrent search engine, even though it emerged that the Motion Picture Association of America had paid a hacker US$15,000 for illegally obtained e-mails sent between TorrentSpy's executives. The hacker rigged the e-mail server so that every incoming and outgoing e-mail to the company would be forwarded to a Gmail account. No money is thought to have changed hands over Media Defender's e-mails.
NO HUMAN ERROR: After the incident, the Coast Guard Administration said it would obtain uncrewed aerial vehicles and vessels to boost its detection capacity Authorities would improve border control to prevent unlawful entry into Taiwan’s waters and safeguard national security, the Mainland Affairs Council (MAC) said yesterday after a Chinese man reached the nation’s coast on an inflatable boat, saying he “defected to freedom.” The man was found on a rubber boat when he was about to set foot on Taiwan at the estuary of Houkeng River (後坑溪) near Taiping Borough (太平) in New Taipei City’s Linkou District (林口), authorities said. The Coast Guard Administration’s (CGA) northern branch said it received a report at 6:30am yesterday morning from the New Taipei City Fire Department about a
IN BEIJING’S FAVOR: A China Coast Guard spokesperson said that the Chinese maritime police would continue to carry out law enforcement activities in waters it claims The Philippines withdrew its coast guard vessel from a South China Sea shoal that has recently been at the center of tensions with Beijing. BRP Teresa Magbanua “was compelled to return to port” from Sabina Shoal (Xianbin Shoal, 仙濱暗沙) due to bad weather, depleted supplies and the need to evacuate personnel requiring medical care, the Philippine Coast Guard (PCG) spokesman Jay Tarriela said yesterday in a post on X. The Philippine vessel “will be in tiptop shape to resume her mission” after it has been resupplied and repaired, Philippine Executive Secretary Lucas Bersamin, who heads the nation’s maritime council, said
REGIONAL STABILITY: Taipei thanked the Biden administration for authorizing its 16th sale of military goods and services to uphold Taiwan’s defense and safety The US Department of State has approved the sale of US$228 million of military goods and services to Taiwan, the US Department of Defense said on Monday. The state department “made a determination approving a possible Foreign Military Sale” to the Taipei Economic and Cultural Representative Office in the US for “return, repair and reshipment of spare parts and related equipment,” the defense department’s Defense Security Cooperation Agency said in a news release. Taiwan had requested the purchase of items and services which include the “return, repair and reshipment of classified and unclassified spare parts for aircraft and related equipment; US Government
More than 500 people on Saturday marched in New York in support of Taiwan’s entry to the UN, significantly more people than previous years. The march, coinciding with the ongoing 79th session of the UN General Assembly, comes close on the heels of growing international discourse regarding the meaning of UN Resolution 2758. Resolution 2758, adopted by the UN General Assembly in 1971, recognizes the People’s Republic of China (PRC) as the “only lawful representative of China.” It resulted in the Republic of China (ROC) losing its seat at the UN to the PRC. Taiwan has since been excluded from