Embedded BitTorrent: 2 of 5
Guy Macon
Embedded BitTorrent: 2 of 5
Anti-P2P Group Takes Down Revision3 Site
29 May 2008 by Mark Hachman, PC Magazine
http://www.pcmag.com/article2/0,1759,2310658,00.asp
The chief executive of online video network Revision3 on Thursday accused
MediaDefender, an anti-P2P contractor, of taking down the company's
video-distribution operations over the Memorial Day weekend.
According to Jim Louderback , the chief executive of the site, at least
three of the company's top shows were affected: Diggnation, Tekzilla, and
the Totally Rad Show. In total, the site's operations were affected from
Saturday night until about midday Tuesday, Louderback said in an interview.
Revision3 contacted the Federal Bureau of Investigation, which is currently
investigating.
How much revenue did Revision3 lose from the attack? "I dunno," Louderback
said via instant message. "A lot."
Louderback was formerly editor-in-chief of PC Magazine and a former
editorial director for the Consumer / Small Business Group at Ziff-Davis
Media, but has no ties to the company.
In a blog post published Thursday, Louderback described the outage as a
denial-of-service attack, similar to those MediaDefender has launched on
peer-to-peer networks in a bid to halt the spread of copyrighted media
files. According to Louderback, the attack was apparently automated to
block the spread of the video shows Revision3 distributes via BitTorrent, a
neutral protocol that has also been adopted by the file-sharing underground
to distribute pirated works.
Revision3, however, was using the protocol to conduct a legitimate business
enterprise, and that's what prompted Louderback and Revision3 to bring the
FBI into the picture.
"Now why would MediaDefender be trying to put Revision3 out of business?
Heck, we're one of the biggest defenders of media around," Louderback
wrote. "So I stopped by their website and found that MediaDefender provides
"anti-piracy solutions in the emerging Internet-Piracy-Prevention
industry." The company aims to "stop the spread of illegally traded
copyrighted material over the Internet and peer-to-peer networks." Hmm. We
use the Internet and peer-to-peer networks to accelerate the spread of
legally traded materials that we own. That's sort of directly opposite to
what Media Defender is supposed to be doing."
According to MediaDefender, the company "uses a range of non-invasive
technological countermeasures employed on P2P networks to frustrate users'
attempts to steal / trade copyrighted content."
Louderback said that both Revision3 and ArtistDirect, the parent company of
MediaDefender, held a conversation to try and get to the bottom of the
matter. What MediaDefender did, according to Louderback, was to inject
false "torrents" into the mix of files that Revision3 sent out. The false
torrents prevented the real files from being disseminated, crippling
Revision3's ability to seed its own files into the community.
MediaDefender acknowledged its practices on its Web site.
"Decoying and Spoofing are the most commonly known techniques that we
employ," the company said. "We send blank files and data noise that look
exactly like a real response to an initiated search requests for a
particular title. Pirated files will no doubt be on the networks, but with
our protection applied it would be easier to find a needle in a hay stack
than a real file amongst our countermeasures."
"I eventually had a fascinating phone call with both Dimitri Villard and
Ben Grodsky, vice president of operations at Media Defender," Louderback
wrote.
"First, they willingly admitted to abusing Revision3's network, over a
period of months, by injecting a broad array of torrents into our tracking
server. They were able to do this because we configured the server to track
hashes only - to improve performance and stability," Louderback added.
"That, in turn, opened up a back door which allowed their networking
experts to exploit its capabilities for their own personal profit."
The problem, however, is when Revision3 took action to block the
unauthorized files, the blocking apparently triggered a "scorched earth"
policy that sent a vast wave of packets at the Revision3 servers. Unable to
process all of them, the Revision3 servers were overwhelmed and effectively
forced off line.
"Second, and here's where the chain of events come into focus, although not
the motive," Louderback concluded. "We'd noticed some unauthorized use of
our tracking server, and took steps to de-authorize torrents pointing to
non-Revision3 files. That, as it turns out, was exactly the wrong thing to
do. MediaDefender's servers, at that point, initiated a flood of SYN
packets attempting to reconnect to the files stored on our server. And that
torrential cascade of "Hi"s brought down our network."
Calls to MediaDefender were not immediately returned.
"In the end, I don't think Media Defender deliberately targeted Revision3
specifically," Louderback wrote. "However, the company has a history of
using their servers to, as Ars Technica said, 'launch denial of service
attacks against distributors.' They saw us as a 'distributor' - even though
we were using BitTorrent for legitimate reasons. Once we shut them out,
their vast network of servers were automatically programmed to implement a
scorched earth policy, and shut us down in turn. The long Memorial Day
weekend holiday made it impossible for us to contact either Media Defender
or their ISP, which only exacerbated the problem."
-------------------------------------------------------------------------
Guy Macon <http://www.GuyMacon.com/> Guy Macon <http://www.GuyMacon.com/>
Guy Macon <http://www.GuyMacon.com/> Guy Macon <http://www.GuyMacon.com/>
Guy Macon <http://www.GuyMacon.com/> Guy Macon <http://www.GuyMacon.com/>
Guy Macon <http://www.GuyMacon.com/> Guy Macon <http://www.GuyMacon.com/>