Feeds

Is the RIAA "hacking you back"?

Hydra of horror

  • alert
  • submit to reddit

Security for virtualized datacentres

The RIAA is preparing to infect MP3 files in order to audit and eventually disable file swapping, according to a startling claim by hacker group Gobbles. In a posting to the Bugtraq mailing list, Gobbles himself claims to have offered his code to the RIAA, creating a monitoring "hydra".

"Several months ago, GOBBLES Security was recruited by the RIAA (riaa.org) to invent, create, and finally deploy the future of antipiracy tools. We focused on creating virii/worm hybrids to infect and spread over p2p nets," writes Gobbles.

"Until we became RIAA contracters [sic], the best they could do was to passively monitor traffic. Our contributions to the RIAA have given them the power to actively control the majority of hosts using these networks."

Gobbles claims that when a peer to peer host is infected, it catalogs media and sends the information "back to the RIAA headquarters (through specifically crafter requests over the p2p networks) where it is added to their records", and also propagates the exploit to other nodes.

"Our software worked better than even we hoped, and current reports indicate that nearly 95% of all p2p-participating hosts are now infected with the
software that we developed for the RIAA."

The "hydra" is uncorroborated.

Gobbles attached two pieces of code, one of which jinglebellz.c details a frame header exploit for the Linux player mpg123. The code chastises OpenBSD lead Theo de Raadt for failing to checksum the public MP3s (written to celebrate each OpenBSD release). The group has singled out OpenBSD in its previous exploits

In their presentation to last year's DefCon, the group described itself as "the largest active nonprofit security group in existence (that favors full disclosure)," consisting of 17+ members.

"They're real, and they're damn good. They have made what appeared to be extremely exaggerated claims in the past, and when mocked, they have demonstrated that they are serious," one security expert familiar with their work, who declined to be named, told The Register.

"He's a funny guy," De Raadt told us. "This is a buffer overflow exploit," he confirmed. De Raadt said he was more concerned by social engineering than by external exploits. "We had Fluffy Bunny, now we have Gobbles. They come in waves. "

An exploit of this nature is of dubious legality, right now, but language in Howard Berman's "P2P Piracy Prevention" bill last year legitimizing such exploits was backed by RIAA chief Hilary Rosen:

The Berman bill, ensured a copyright owner would not be liable for "disabling, interfering with, blocking, diverting, or otherwise impairing the unauthorized distribution, display, performance, or reproduction of his or her copyrighted work on a publicly accessible peer-to-peer file trading network, if such impairment does not, without authorization, alter, delete, or otherwise impair the integrity of any computer file or data residing on the computer of a file trader." Berman is expected to re-introduce the bill in this Congressional session. ®

Related Stories

Congress to turn hacks into hackers
Valenti backs away from P2P hack bill
RIAA defaced -again!
RIAA invites comments

Beginner's guide to SSL certificates

More from The Register

next story
Bono apologises for iTunes album dump
Megalomania, generosity and FEAR of irrelevance drove group to Apple deal
HBO shocks US pay TV world: We're down with OTT. Netflix says, 'Gee'
This affects every broadcaster, every cable guy
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
SCREW YOU, EU: BBC rolls out Right To Remember as Google deletes links
Not even Google can withstand the power of Auntie
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
America's super-secret X-37B plane returns to Earth after nearly TWO YEARS aloft
674 days in space for US Air Force's mystery orbital vehicle
10 Top Tips For PRs Considering Whether To Phone The Register
You'll Read These And LOL Even Though They're Serious
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.