23,000 IP addresses
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week. I thought that there might be some interest in the list of these addresses : http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses.... If you have IP addresses on this list, expect to receive papers shortly. Here is more of the backstory : http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/ This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system. Regards Marshall
Interesting, especially after this: http://torrentfreak.com/ip-address-not-a-person-bittorrent-case-judge-says-1... On Tue, May 10, 2011 at 9:07 AM, Marshall Eubanks <tme@multicasttech.com> wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
If you have IP addresses on this list, expect to receive papers shortly.
Here is more of the backstory :
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
Regards Marshall
-- Just my $.02, your mileage may vary, batteries not included, etc....
In article <BANLkTimA-ZpM3bKXoDtxMgXySJ_FKYS+0w@mail.gmail.com>, chip <chip.gwyn@gmail.com> writes
Interesting, especially after this:
http://torrentfreak.com/ip-address-not-a-person-bittorrent-case-judge-says-1...
It depends whether you are suing the subscriber or the downloader (maybe both can be liable in some cases). Also whether the subscriber was running an open Wifi (normally not recommended), which is a matter of evidential fact to be explored in each particular case.
On Tue, May 10, 2011 at 9:07 AM, Marshall Eubanks <tme@multicasttech.com> wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
If you have IP addresses on this list, expect to receive papers shortly.
Here is more of the backstory :
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
Attempts a bit like this have come unstuck in the UK. Search for "Davenport Lyons" and "ACS Law" -- Roland Perry
On May 10, 2011, at 10:08 AM, Roland Perry wrote:
In article <BANLkTimA-ZpM3bKXoDtxMgXySJ_FKYS+0w@mail.gmail.com>, chip <chip.gwyn@gmail.com> writes
Interesting, especially after this:
http://torrentfreak.com/ip-address-not-a-person-bittorrent-case-judge-says-1...
It depends whether you are suing the subscriber or the downloader (maybe both can be liable in some cases). Also whether the subscriber was running an open Wifi (normally not recommended), which is a matter of evidential fact to be explored in each particular case.
And, perhaps most critically, which judge you come before. (It will take a while, and maybe a visit to the Supreme Court, before you can expect legal consistency here.) Note also that these generally do not go to trial. Regards Marshall
On Tue, May 10, 2011 at 9:07 AM, Marshall Eubanks <tme@multicasttech.com> wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
If you have IP addresses on this list, expect to receive papers shortly.
Here is more of the backstory :
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
Attempts a bit like this have come unstuck in the UK. Search for "Davenport Lyons" and "ACS Law" -- Roland Perry
In article <fOTexpPpbUyNFANV@perry.co.uk>, Roland Perry <lists@internetp olicyagency.com> writes
Attempts a bit like this have come unstuck in the UK. Search for "Davenport Lyons" and "ACS Law"
And this ruling (and fine) have appeared from the UK's privacy regulator today (note especially that the fine would have been ~$300k if the company was still trading): <http://www.ico.gov.uk/~/media/documents/library/Data_Protection/Notices /acs_law_monetary_penalty_notice.pdf> -- Roland Perry
On Tue, 10 May 2011, Marshall Eubanks wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
It wasn't that good a movie, so I guess they need to squeeze every bit of $ they can out of anyone who saw it. I bought it a a Blockbuster liquidation sale (having not seen it previously).
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
I wonder how things go if you challenge them in court. This is surely a topic for another list, but it seems to me it'd be fairly difficult to prove unless they downloaded part of the movie from your IP and verified that what they got really was a part of the movie. If they're going after any IP that connected to and downloaded from an agent of the studio (and thats what it sounds like) who hosted the file, can they really expect to prosecute people for downloading something they were giving away? Wouldn't that be like the RIAA making bootleg copies of audio CDs, giving them away, and then prosecuting anyone who accepted one? ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
So are they basing this on you downloading it or on making it available for others? Apologies for the top post... -- Leigh Porter On 10 May 2011, at 14:40, "Jon Lewis" <jlewis@lewis.org> wrote:
On Tue, 10 May 2011, Marshall Eubanks wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
It wasn't that good a movie, so I guess they need to squeeze every bit of $ they can out of anyone who saw it. I bought it a a Blockbuster liquidation sale (having not seen it previously).
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
I wonder how things go if you challenge them in court. This is surely a topic for another list, but it seems to me it'd be fairly difficult to prove unless they downloaded part of the movie from your IP and verified that what they got really was a part of the movie. If they're going after any IP that connected to and downloaded from an agent of the studio (and thats what it sounds like) who hosted the file, can they really expect to prosecute people for downloading something they were giving away?
Wouldn't that be like the RIAA making bootleg copies of audio CDs, giving them away, and then prosecuting anyone who accepted one?
---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
______________________________________________________________________ This email has been scanned by the MessageLabs Email Security System. For more information please visit http://www.messagelabs.com/email ______________________________________________________________________
On Tue, May 10, 2011 at 09:42, Leigh Porter <leigh.porter@ukbroadband.com> wrote:
So are they basing this on you downloading it or on making it available for others?
Without knowing the details, I wouldn't assume any such level of competence or integrity. It could just be a broad witch hunt.
Apologies for the top post...
Never apologize for top posting, it just starts the flame war all over again.
On Tue, May 10, 2011 at 10:15 AM, Scott Brim <scott.brim@gmail.com> wrote:
On Tue, May 10, 2011 at 09:42, Leigh Porter <leigh.porter@ukbroadband.com> wrote:
So are they basing this on you downloading it or on making it available for others?
Without knowing the details, I wouldn't assume any such level of competence or integrity. It could just be a broad witch hunt.
I know of a decent sized global ISP that ran (runs?) a large darknet that was the equivalent of a few /16's routed to a fbsd host running 'tcpdump' (a tad more complex, but essentially this). BayTSP (one of the 'make legal threats for the mpaa/riaa' firms) sent ~2k notes to the ISP about downloaders on these ips. Looking at netflow data (sample 1:1 on that interface) they had portscanned (from ip space registered in their name) each address in the range and sent subpoena-material to all ips that they thought they got a response from. At least baytsp got theirs? (money I mean)
On Tue, 10 May 2011 10:22:03 -0400 Christopher Morrow <morrowc.lists@gmail.com> wrote:
On Tue, May 10, 2011 at 10:15 AM, Scott Brim <scott.brim@gmail.com> wrote:
On Tue, May 10, 2011 at 09:42, Leigh Porter <leigh.porter@ukbroadband.com> wrote:
So are they basing this on you downloading it or on making it available for others?
Without knowing the details, I wouldn't assume any such level of competence or integrity. It could just be a broad witch hunt.
I know of a decent sized global ISP that ran (runs?) a large darknet that was the equivalent of a few /16's routed to a fbsd host running 'tcpdump' (a tad more complex, but essentially this). BayTSP (one of the 'make legal threats for the mpaa/riaa' firms) sent ~2k notes to the ISP about downloaders on these ips.
Looking at netflow data (sample 1:1 on that interface) they had portscanned (from ip space registered in their name) each address in the range and sent subpoena-material to all ips that they thought they got a response from.
At least baytsp got theirs? (money I mean)
Do you have any links to evidence of this? I would love to just be able to automatically throw BayTSP mails in the garbage, but I can't just blindly do it if there is any chance of them being legitimate. William
On Tue, May 10, 2011 at 10:37 AM, William Pitcock <nenolod@systeminplace.net> wrote:
On Tue, 10 May 2011 10:22:03 -0400 Christopher Morrow <morrowc.lists@gmail.com> wrote:
At least baytsp got theirs? (money I mean)
Do you have any links to evidence of this? I would love to just be able to automatically throw BayTSP mails in the garbage, but I can't just blindly do it if there is any chance of them being legitimate.
sadly I do not have evidence anymore... I do know that the isp essentially stopped replying to baytsp though. some form of monitoring netflow on your network + matching baytsp requests against that pattern would likely be enough I suspect (ask lawyer-cat of course) -chris
Maybe they can use the Clinton marijuana-non-inhalation defense - I downloaded the movie but I didn't watch it! Ron Baklarz CISSP, CISA, CISM, NSA-IAM/IEM Chief Information Security Officer National Passenger Railroad Corporation 10 G Street, NE Office 6E606 Washington, DC 20002 BaklarR@Amtrak.com -----Original Message----- From: Jon Lewis [mailto:jlewis@lewis.org] Sent: Tuesday, May 10, 2011 9:38 AM To: Marshall Eubanks Cc: NANOG list Subject: Re: 23,000 IP addresses On Tue, 10 May 2011, Marshall Eubanks wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
It wasn't that good a movie, so I guess they need to squeeze every bit of $ they can out of anyone who saw it. I bought it a a Blockbuster liquidation sale (having not seen it previously).
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
I wonder how things go if you challenge them in court. This is surely a topic for another list, but it seems to me it'd be fairly difficult to prove unless they downloaded part of the movie from your IP and verified that what they got really was a part of the movie. If they're going after any IP that connected to and downloaded from an agent of the studio (and thats what it sounds like) who hosted the file, can they really expect to prosecute people for downloading something they were giving away? Wouldn't that be like the RIAA making bootleg copies of audio CDs, giving them away, and then prosecuting anyone who accepted one? ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
--As of May 10, 2011 9:37:55 AM -0400, Jon Lewis is alleged to have said:
I wonder how things go if you challenge them in court. This is surely a topic for another list, but it seems to me it'd be fairly difficult to prove unless they downloaded part of the movie from your IP and verified that what they got really was a part of the movie. If they're going after any IP that connected to and downloaded from an agent of the studio (and that's what it sounds like) who hosted the file, can they really expect to prosecute people for downloading something they were giving away?
--As for the rest, it is mine. Typically the response (from what media coverage I've read) is that they'll put up a token defense to see if you are really interested, and then drop it at the first opportunity if you continue. Keeping them in court once they have dropped the prosecution is tricky, and they will resist that with all available resources. Actually paying court costs and spending billable time on these cuts into their business model. Daniel T. Staal --------------------------------------------------------------- This email copyright the author. Unless otherwise noted, you are expressly allowed to retransmit, quote, or otherwise use the contents for non-commercial purposes. This copyright will expire 5 years after the author's death, or in 30 years, whichever is longer, unless such a period is in excess of local copyright law. ---------------------------------------------------------------
I wonder how things go if you challenge them in court. This is surely a topic for another list, but it seems to me it'd be fairly difficult to prove unless they downloaded part of the movie from your IP and verified that what they got really was a part of the movie.
I have the netflow records to prove this is NOT the case. All MediaSentry (et.al.) do is scrape the tracker. We have also received a number of takedown notices that have numbers transposed, involve parts of our netblock that were not in use at the time in question, etc. I would think that whole "penalty of perjury" thing would have some weight behind it. Stanford (in)famously managed to get DMCA notices for all the printers on campus, just by faking a client into putting the printer's IP into the tracker as a seed. Cheers, Michael Holstein Cleveland State University
On Wed, May 11, 2011 at 8:48 AM, Michael Holstein <michael.holstein@csuohio.edu> wrote:
I wonder how things go if you challenge them in court. This is surely a topic for another list, but it seems to me it'd be fairly difficult to prove unless they downloaded part of the movie from your IP and verified that what they got really was a part of the movie.
I have the netflow records to prove this is NOT the case. All MediaSentry (et.al.) do is scrape the tracker. We have also received a number of takedown notices that have numbers transposed, involve parts of our netblock that were not in use at the time in question, etc.
this is exactly the same situation I outlined previously... darknet/tcdump can't be a bittorrent user.
I would think that whole "penalty of perjury" thing would have some weight behind it.
apparently not :( (I'd say something about lobbyists et.al, but...) -chris
On Wed, May 11, 2011 at 7:48 AM, Michael Holstein <michael.holstein@csuohio.edu> wrote:
I have the netflow records to prove this is NOT the case. All MediaSentry (et.al.) do is scrape the tracker. We have also received a number of takedown notices that have numbers transposed, involve parts Seems really prone to failure.
I wonder.... does IANA frequently receive legal papers demanding the name and street address of the customer at 127.0.0.1 ? :) -- -JH
From nanog-bounces+bonomi=mail.r-bonomi.com@nanog.org Thu May 12 11:04:15 2011 Date: Wed, 11 May 2011 19:33:21 -0500 Subject: Re: 23,000 IP addresses From: Jimmy Hess <mysidia@gmail.com> To: Michael Holstein <michael.holstein@csuohio.edu> Cc: NANOG list <nanog@nanog.org>
On Wed, May 11, 2011 at 7:48 AM, Michael Holstein
I wonder.... does IANA frequently receive legal papers demanding the name and street address of the customer at 127.0.0.1 ? :)
I know people, well at least one, that have sent spam complaints to IANA claiming junk mail originated from that address. Yes, *really*. And, it was "true". The 'cron' daemon was sending him e-mails he didn't want.
On May 12, 2011, at 8:59 AM, Robert Bonomi wrote:
I wonder.... does IANA frequently receive legal papers demanding the name and street address of the customer at 127.0.0.1 ? :)
I know people, well at least one, that have sent spam complaints to IANA claiming junk mail originated from that address.
I don't recall receiving legal papers for 127.0.0.1, but do recall several demands from law enforcement agencies (and long ago, when I was at APNIC, the US Secret Service) for customer information for RFC 1918 space. Regards, -drc
On Tue, 10 May 2011 09:07:11 -0400, Marshall Eubanks wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of;
Good for you : it was one of the worst films I've ever seen. And I've seen Iron Man 2.
subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
Mine is not. These are only US ISPs ?
If you have IP addresses on this list, expect to receive papers shortly.
Here is more of the backstory :
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
And these problems are spreading everywhere in the world.
Regards Marshall
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of [. . .] I thought that there might be some interest in the list of these addresses : http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses.... f [. . .] Marshall
There are only 34 unique ISP names, representing somewhat fewer ISPs (4 or so have Comcast in the name, I think SBC, Bellsouth and AT&T are all one, Frontier has a couple of names, etc.) And they probably are represented proportional to the number of customers they have, mostly big cable, ILEC, cell carrier: 5892 Comcast Cable 3719 Road Runner 2997 SBC Internet Services 2331 Verizon Internet Services 1293 BellSouth.net 1010 Cox Communications 977 Charter Communications 681 Qwest Communications 656 Optimum Online 572 Windstream Communications 334 Clearwire Corporation 269 Sprint PCS 258 Frontier Communications of America 180 Suddenlink Communications 168 EarthLink 136 WideOpenWest 136 Comcast Business Communications 118 AT&T Services 111 Insight Communications Company 98 Fairpoint Communications 97 Frontier Communications 92 RCN Corporation 70 ALLTEL Corporation 59 Bresnan Communications 59 AT&T Global Network Services, LLC 57 Wave Broadband 55 Midcontinent Communications 51 Atlantic Broadband 48 Sprint 21 HUGHES NETWORK SYSTEMS 19 Road Runner Business 14 Verizon Business 3 Comcast Telecommunications 2 Comcast - Houston
On 5/10/11 9:07 AM, Marshall Eubanks wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
If you have IP addresses on this list, expect to receive papers shortly.
Here is more of the backstory :
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
Regards Marshall
A good reason why every ISP should have a published civil subpoena compliance fee. 23,000 * $150 each should only cost them $3.45M to get the information. Seems like that would take the profit out pretty quickly. -- Mark Radabaugh Amplex mark@amplex.net 419.837.5015
On Tue, May 10, 2011 at 8:54 AM, Mark Radabaugh <mark@amplex.net> wrote:
On 5/10/11 9:07 AM, Marshall Eubanks wrote: A good reason why every ISP should have a published civil subpoena compliance fee. 23,000 * $150 each should only cost them $3.45M to get the information. Seems like that would take the profit out pretty quickly.
+1. But don't the fees actually have to be reasonable? If you say your fee is $150 per IP address, I think they might bring it to the judge and claim the ISP is attempting to avoid subpoena compliance by charging an unreasonable fee. They can point to all the competitors charging $40 per IP. This would be very interesting with IPv6 though, and customers assigned /56s. "You want all the records for every IP in this /56, really?" -- -JH
On 5/10/11 8:30 PM, Jimmy Hess wrote:
On Tue, May 10, 2011 at 8:54 AM, Mark Radabaugh<mark@amplex.net> wrote:
On 5/10/11 9:07 AM, Marshall Eubanks wrote: A good reason why every ISP should have a published civil subpoena compliance fee. 23,000 * $150 each should only cost them $3.45M to get the information. Seems like that would take the profit out pretty quickly. +1. But don't the fees actually have to be reasonable?
Facebook charges $150.00 (not a great link but http://lawyerist.com/subpoena-facebook-information/ Finding that on facebook's site is difficult. Other sites have Facebook charging $250 to $500 for civil subpoena fees. Courts like precedent. I choose Facebook's precedent. Seems reasonable to me. Mark
On 5/10/11 10:35 PM, Mark Radabaugh wrote:
Facebook charges $150.00 (not a great link but http://lawyerist.com/subpoena-facebook-information/
Sorry, that's old and incorrect.
Finding that on facebook's site is difficult. Other sites have Facebook charging $250 to $500 for civil subpoena fees.
http://www.facebook.com/help/?faq=17159 ... you must personally serve a valid California or Federal subpoena on Facebook. Out-of-state civil subpoenas must be domesticated in California. ... Facebook charges a mandatory fee of $500.00 per user account. Please enclose payment with your properly served subpoenas. A custodian declaration will be included with the return of materials, if any. Notarized declarations carry an additional $100.00 fee. http://www.facebook.com/help/?faq=17160 Facebook requires a minimum of 30 days to process a civil subpoena. Additional time may be required depending on various factors. You may request your subpoena be expedited by submitting an additional $200.00 fee with your subpoena.
Courts like precedent. I choose Facebook's precedent. Seems reasonable to me.
That's also roughly in line with Nextel and others for CALEA.
On Wed, May 11, 2011 at 11:16 AM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Courts like precedent. I choose Facebook's precedent. Seems reasonable to me.
That's also roughly in line with Nextel and others for CALEA.
Hrm, I had thought that CALEA specifically removed the ability of the Provider to charge for the 'service'? Though there is always the case where the Provider can say: "Yes, this doesn't fall into the CALEA relevant requests, we can do this for you though it will cost time/materials to do, here's our schedule..." or that's the stance a previous employer was taking... (at the direction of their lawyer-catzen)
On 5/11/11 8:26 AM, Christopher Morrow wrote:
On Wed, May 11, 2011 at 11:16 AM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Courts like precedent. I choose Facebook's precedent. Seems reasonable to me.
That's also roughly in line with Nextel and others for CALEA.
Hrm, I had thought that CALEA specifically removed the ability of the Provider to charge for the 'service'? Though there is always the case where the Provider can say: "Yes, this doesn't fall into the CALEA relevant requests, we can do this for you though it will cost time/materials to do, here's our schedule..."
or that's the stance a previous employer was taking... (at the direction of their lawyer-catzen)
A civil subpeona is not a calea request. This thread has done a fair bit of intermingling of the two things to the detriment of it's utility. While I'm sure facebook is served with plenty of valid search warrants, I'm reasonably unsure that they meet the definition of telecommunications carrier. there's some discussion in the light of recent hearings, here: http://paranoia.dubfire.net/2011/02/deconstructing-calea-hearing.html
On Wed, May 11, 2011 at 2:26 PM, Joel Jaeggli <joelja@bogus.com> wrote:
On 5/11/11 8:26 AM, Christopher Morrow wrote:
On Wed, May 11, 2011 at 11:16 AM, William Allen Simpson <william.allen.simpson@gmail.com> wrote:
Courts like precedent. I choose Facebook's precedent. Seems reasonable to me.
That's also roughly in line with Nextel and others for CALEA.
Hrm, I had thought that CALEA specifically removed the ability of the Provider to charge for the 'service'? Though there is always the case where the Provider can say: "Yes, this doesn't fall into the CALEA relevant requests, we can do this for you though it will cost time/materials to do, here's our schedule..."
or that's the stance a previous employer was taking... (at the direction of their lawyer-catzen)
A civil subpeona is not a calea request. This thread has done a fair bit of intermingling of the two things to the detriment of it's utility.
yes, sorry... I got confused by william's interjection of calea...
While I'm sure facebook is served with plenty of valid search warrants, I'm reasonably unsure that they meet the definition of telecommunications carrier.
there's some discussion in the light of recent hearings, here:
http://paranoia.dubfire.net/2011/02/deconstructing-calea-hearing.html
there's been a push (or was a while ago) to change the calea requirements such that 'service provider' was the application service provider as well. AOL IM, Facebook, Google-Search... etc. with calea-like exfil of relevant data in 'near realtime' and 'at no cost to LEA'. -chris
On May 10, 2011, at 8:30 PM, Jimmy Hess wrote:
On Tue, May 10, 2011 at 8:54 AM, Mark Radabaugh <mark@amplex.net> wrote:
On 5/10/11 9:07 AM, Marshall Eubanks wrote: A good reason why every ISP should have a published civil subpoena compliance fee. 23,000 * $150 each should only cost them $3.45M to get the information. Seems like that would take the profit out pretty quickly.
+1. But don't the fees actually have to be reasonable?
If you say your fee is $150 per IP address, I think they might bring it to the judge and claim the ISP is attempting to avoid subpoena compliance by charging an unreasonable fee.
They can point to all the competitors charging $40 per IP.
I am not a lawyer, and you would be a fool to use NANOG for legal advice, but if I were to charge something for this, I would want to be able to justify the charge in front of a judge, regardless of what anyone else charges. In other words, something like "we find it typically takes $ 100 to get the backups out of storage, 15 minutes @ $X per minute for a tech to find the right backup disk and 10 minutes at $Y per minute for a network engineer to review the dump." Regards Marshall
This would be very interesting with IPv6 though, and customers assigned /56s.
"You want all the records for every IP in this /56, really?"
-- -JH
On 5/11/11 11:19 AM, Marshall Eubanks wrote:
On May 10, 2011, at 8:30 PM, Jimmy Hess wrote:
On Tue, May 10, 2011 at 8:54 AM, Mark Radabaugh<mark@amplex.net> wrote:
On 5/10/11 9:07 AM, Marshall Eubanks wrote: A good reason why every ISP should have a published civil subpoena compliance fee. 23,000 * $150 each should only cost them $3.45M to get the information. Seems like that would take the profit out pretty quickly. +1. But don't the fees actually have to be reasonable? If you say your fee is $150 per IP address, I think they might bring it to the judge and claim the ISP is attempting to avoid subpoena compliance by charging an unreasonable fee.
They can point to all the competitors charging $40 per IP.
I am not a lawyer, and you would be a fool to use NANOG for legal advice, but if I were to charge something for this, I would want to be able to justify the charge in front of a judge, regardless of what anyone else charges. In other words, something like "we find it typically takes $ 100 to get the backups out of storage, 15 minutes @ $X per minute for a tech to find the right backup disk and 10 minutes at $Y per minute for a network engineer to review the dump."
Regards Marshall
Don't forget to include your attorneys time to verify that the subpoena is actually legal. That would add another $100 to the cost at a minimum. We recently almost released information on a customer in an attempt to comply with what appeared to be a valid subpoena. The subpoena was invalid and thankfully our attorney noticed it. I fully expect the bill for the legal advice to be at least $100.00 Really the point though is to charge *some* fee for complying. It doesn't really matter what the fee is. The reason they sue 10,000 defendants in one case is to avoid having to pay the $350 (or similar) fee to the court for each defendant. If the ISP's don't charge for providing this information a copyright holder can file a civil suit, issue subpoena's based on the filing, and intimidate defendants with settlement offers before the case gets thrown out of court for improperly joining defendants. http://houstonlawyer.wordpress.com/2011/03/18/over-10000-internet-users-dism... Add any significant cost to the process of figuring out who the actual customers are and the profit motive goes out the window. -- Mark Radabaugh Amplex mark@amplex.net 419.837.5015
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
The dates in the timestamps are back in February. We deleted those logs "..in the regular course of business.." a LONG TIME AGO. If you didn't do that, you really ought to ask yourself why. Regards, Michael Holstein Information Security Administrator Cleveland State University
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddre sses.pdf
This will stop when a 80+ yr old is taken to court over a download her 8 year old grandkid might have made when visiting for the weekend. The media will make the case that technologists can't. For examples, see the RIAA's attempts and more recently the criminal investigations of child porn downloads from unsecured access points. From what I understand (or wildly guess) is that ISPs with remote diagnostic capabilities are being asked if their provided access point is secure or unsecure BEFORE they serve their warrants to avoid further embarrassments. [It'll probably take another 6 months and more goofs before they realize that customers are perfectly capable of poorly installing their own access points behind ISP provided gear]. The torrent stuff is fundamentally no different in that a single IP can and is shared by lots of people as common practice and the transient nature of it (e.g. airport access point, starbucks, etc) reasonably makes the lawyer's case much, much harder. There is a real theft/crime here in many cases, but whether there is actually any value in prosecution of movie downloads will depend... but most likely, the outcome will be iMovies or similar and the movie industry will shrink the way the music industry has. DJ
Deepak Jain wrote:
For examples, see the RIAA's attempts and more recently the criminal investigations of child porn downloads from unsecured access points. From what I understand (or wildly guess) is that ISPs with remote diagnostic capabilities are being asked if their provided access point is secure or unsecure BEFORE they serve their warrants to avoid further embarrassments. [It'll probably take another 6 months and more goofs before they realize that customers are perfectly capable of poorly installing their own access points behind ISP provided gear].
Exactly...what about those who choose WEP/WPA-TKIP for their 'secured' access point? I can just imagine being in front of a judge/jury after having been arrested for, as you say, "child porn downloads " and listening to my law^H^H^H public defender explain the mechanisms of how the access point was 'cracked' and may have been used by someone sitting in their car down the street.<shudder>
On May 10, 2011, at 9:53 16PM, Michael Painter wrote:
Deepak Jain wrote:
For examples, see the RIAA's attempts and more recently the criminal investigations of child porn downloads from unsecured access points. From what I understand (or wildly guess) is that ISPs with remote diagnostic capabilities are being asked if their provided access point is secure or unsecure BEFORE they serve their warrants to avoid further embarrassments. [It'll probably take another 6 months and more goofs before they realize that customers are perfectly capable of poorly installing their own access points behind ISP provided gear].
Exactly...what about those who choose WEP/WPA-TKIP for their 'secured' access point? I can just imagine being in front of a judge/jury after having been arrested for, as you say, "child porn downloads " and listening to my law^H^H^H public defender explain the mechanisms of how the access point was 'cracked' and may have been used by someone sitting in their car down the street.<shudder>
It's happened -- here are two cases I know of: http://news.cnet.com/Wi-Fi-arrest-highlights-security-dangers/2100-1039_3-51... http://news.nationalpost.com/2010/05/27/ontario-man-accused-of-downloading-c... --Steve Bellovin, https://www.cs.columbia.edu/~smb
Hi, I am not an US citizen and I don't live in US. But I am interested to know how the case progress, because we have similar such cases in my country. :P But seriously, are they after the end-user or making the ISP responsible for their end-user ? while, I am not a lawyer, so what after they know who is using that broadband connection for that IP. So, they have identified the 80yr old, what next ? and what if i have a free-for-all wireless router in my house which anyone can tap on, which i regularly switch off during nighttime for energy saving reason. :) On 5/11/11 1:28 AM, Deepak Jain wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddre sses.pdf This will stop when a 80+ yr old is taken to court over a download her 8 year old grandkid might have made when visiting for the weekend. The media will make the case that technologists can't.
For examples, see the RIAA's attempts and more recently the criminal investigations of child porn downloads from unsecured access points. From what I understand (or wildly guess) is that ISPs with remote diagnostic capabilities are being asked if their provided access point is secure or unsecure BEFORE they serve their warrants to avoid further embarrassments. [It'll probably take another 6 months and more goofs before they realize that customers are perfectly capable of poorly installing their own access points behind ISP provided gear].
The torrent stuff is fundamentally no different in that a single IP can and is shared by lots of people as common practice and the transient nature of it (e.g. airport access point, starbucks, etc) reasonably makes the lawyer's case much, much harder.
There is a real theft/crime here in many cases, but whether there is actually any value in prosecution of movie downloads will depend... but most likely, the outcome will be iMovies or similar and the movie industry will shrink the way the music industry has.
DJ
On Wed, May 11, 2011 at 09:56:56AM +0800, Ong Beng Hui said:
while, I am not a lawyer, so what after they know who is using that broadband connection for that IP. So, they have identified the 80yr old, what next ? and what if i have a free-for-all wireless router in my house which anyone can tap on, which i regularly switch off during nighttime for energy saving reason. :)
Simple. Just make having clue on configuring your wifi AP a legal requirement. :) Sides, since WPA is cracked now too, to some extent, i dont think most APs have any sort of guaranteed protection. Hell, it's better to leave it wide open, as having the prosecution accuse you of child porn because you used a hard-but-crackable WPA2 ("it's one in a billion to crack it! beyond a reasonable doubt! we dont have anyone anywhere in our IT who could possibly crack it!") instead of WEP or wide open seems like a greater pitfall. What about projects like http://NoCat.net - will they be made illegal? That's going to be an awesome can of worms. /kc -- Ken Chase - ken@heavycomputing.ca skype:kenchase23 +1 416 897 6284 Toronto Canada Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.
("it's one in a billion to crack it! beyond a reasonable doubt! we dont have anyone anywhere in our IT who could possibly crack it!")
A billion iterations takes what fraction of a second using a high-end multi-card gamer rig and CUDA? (or for the cheap/lazy, a S3/Tesla instance). Even for brute-force, although WPA2 is salted with the SSID, 95% of the time it's still "Linksys". Rainbow tables for the ~140 most common SSIDs are already available. I once used GPS and a wifi analyizer to show a map of how large the possible "cloud" around a standard WRT54G and 2nd floor installation of the accused's router really was. To make it dumb enough, I used the pringle's cantenna (literally) instead of a commercial antenna. The "CSI effect" works when the defense does it too. Juries love to hear techie stuff these days, it's just that the defense usually can't afford it. If a sizable community of technical folks were to pro-bono as expert witnesses, the "presumption of innocence" would return pretty fast. Cheers, Michael Holstein Cleveland State University
On May 10, 2011, at 9:07 11AM, Marshall Eubanks wrote:
A Federal Judge has decided to let the "U.S. Copyright Group" subpoena ISPs over 23,000 alleged downloads of some Sylvester Stallone movie I have never heard of; subpoenas are expected to go out this week.
I thought that there might be some interest in the list of these addresses :
http://www.wired.com/images_blogs/threatlevel/2011/05/expendibleipaddresses....
If you have IP addresses on this list, expect to receive papers shortly.
Has anyone converted that file to some useful format like ASCII? You know -- something greppable?
Here is more of the backstory :
http://www.wired.com/threatlevel/2011/05/biggest-bittorrent-case/
This is turning into quite a legal racket (get order $ 3000 for sending a threatening letter); I expect to see a lot more of this until some sense returns to the legal system.
There's amazing slime behind some similar efforts -- in another case, of people charged with downloading "Nude Nuns with Big Guns" (yes, you read that correctly), there are two different that each claim the rights to the movie and hence the right to sue (alleged) downloaders: http://www.wired.com/threatlevel/2011/05/nude-nuns-brouhaha/ --Steve Bellovin, https://www.cs.columbia.edu/~smb
On May 10, 2011, at 10:56 AM, Steven Bellovin wrote:
On May 10, 2011, at 9:07 11AM, Marshall Eubanks wrote:
Has anyone converted that file to some useful format like ASCII? You know -- something greppable?
I've converted it to ascii, but I don't have a place to host it. I can send to anyone that would like it. -wil
On May 10, 2011, at 2:10 10PM, Wil Schultz wrote:
On May 10, 2011, at 10:56 AM, Steven Bellovin wrote:
On May 10, 2011, at 9:07 11AM, Marshall Eubanks wrote:
Has anyone converted that file to some useful format like ASCII? You know -- something greppable?
I've converted it to ascii, but I don't have a place to host it.
I can send to anyone that would like it.
Thanks. I've uploaded it as https://www.cs.columbia.edu/~smb/23000.txt.gz and https://www.cs.columbia.edu/~smb/23000-clean.txt.gz ; the latter has page breaks, headers, etc., stripped out; nothing but data. --Steve Bellovin, https://www.cs.columbia.edu/~smb
participants (26)
-
Baklarz, Ron
-
chip
-
Christopher Morrow
-
Dale Carstensen
-
Daniel Staal
-
David Conrad
-
Deepak Jain
-
Jimmy Hess
-
Joel Jaeggli
-
Jon Lewis
-
Julien Gormotte
-
Ken Chase
-
Leigh Porter
-
Mark Radabaugh
-
Marshall Eubanks
-
Marshall Eubanks
-
Michael Holstein
-
Michael Painter
-
Ong Beng Hui
-
Robert Bonomi
-
Roland Perry
-
Scott Brim
-
Steven Bellovin
-
Wil Schultz
-
William Allen Simpson
-
William Pitcock