Feeds

“I poisoned P2P networks for the RIAA” – whistleblower

Gobbles fesses up to hoax. Now read what they're really up to

  • alert
  • submit to reddit

Top three mobile application threats

"Gobbles", the German hacker who improbably claimed to have infected peer-to-peer file sharing networks and to "0wn" your computer this week, has confirmed that his brag was a hoax. That much, you probably suspected, as Goebbels (as we must now call him) failed to offer a shred of evidence in support of the notion that the RIAA was engaged in widespread intrusion of personal computers.

But meet Matt Warne. He has an interesting tale to tell.

For two years Warne worked for the global version of the RIAA, the IFPI which represents 1500 labels in 76 countries, with headquarters in London. The IFPI's primary mission is to "fight music piracy", and Warne worked with the RIAA and the biggest labels in implementing technologies to document and thwart file sharing. The IPFI co-ordinated efforts to glean detailed information about who was sharing what, and where. The organization, backed by the labels, was responsible for providing detailed evidence to the legal teams fighting Napster, Aimster and mined information about the burgeoning peer to peer networks, such as Gnutella. IPFI is responsible for trawling the world's web, ftp and irc channels and runs the automated system that sends warning letters to ISPs and webmasters.

"We had to act quickly. EMI would ring up ask 'What's this FreeNet?' and want to know how many of their artists were on the network".

Napster provided the first taste for the music industry in measuing the level of file sharing and was a war of attrition, says Warne. IPFI developed a custom version of a program called "Media Enforcer" which grew in sophistication.

"The RIAA were very precise about what they wanted," says Warne. When Napster said it couldn't say what was on its network, the IPFI were able to provide file names. When users scrambled the names (using the pig encoder) and Napster said these were too hard to decipher, the IPFI was able to provide the real names.

Poison Pill

The technologies he worked on stayed on the right side of the law - just about - but Warne's most interesting claim to fame is that he suggested that the networks "poison" the emerging p2p networks with trash.

"I was one of the people who suggested the 'rogue file' scheme on the file sharing services," he told us.

"I suggested that they should put out files with legitimate titles - and put inside them silence or random noise - and saturate the file sharing networks with those files. That did start the poisoning."

The goal was to discredit the networks so that casual users would quickly give up trying to download music.

And so the plan went into action. The IPFI created a computer system that appeared to be many unrelated nodes, a network with many members that in fact resided in one location.

A former record label employee also confirmed this week that the industries do order multiple DSL feeds to one location to simulate a P2P network.

For the IPFI however, the poisoned network grew too expensive to justify. Before he left, says Warne, the IPFI's original poisoned system was closed down. The body wanted to concentrate its attentions on large scale copying outfits.

However, more recent evidence suggests that the technique is being used by major labels in-house, instead, and the sheer quantity of junk files found on the peer to peer networks today - purportedly residing on individual's PCs - points to continuing "poisoning". Why? Because users abort a junk download, or quickly delete a file. The alternative explanation for the persistence of this noise material is that users are extremely inattentive, and that's difficult to believe.

Missing the boat

Warne left the music industry in disgust he says, "because the record industry is stuck in the past," and he vows never to return.

Back in 1997 and 1998, the industry had the chance to develop online music services, he says. It saw what was coming. Which is true: at that time, the major labels were paralyzed by fear of online music and were downsizing accordingly, but refused to alter their business models, or extend into new areas.

"Once Napster came along," says Warne, "people got used to getting stuff for free. They've introduced Emusic but people just ask 'why isn't it free?' If they'd introduced it in 1998, they wouldn't have this problem,' he thinks.

"I've seen how they've destroyed talent. The greatest talent is from independents." He cites Eva Cassidy, and Mariah Carey as examples, who were forced into styles by unsympathetic executives.

So as you can see, the RIAA may not - strictly speaking - be "hacking you back". But the industry is extremely active in many other ways, and unlike so much of the trade press which sees an RIAA denial as the end of the story, their activities are only just beginning to emerge.

Since Monday, we've also received a number of reports of some very curious IP traffic. If you're in a position to do so, can you please check your logs, so we can piece together the rest of this mystery? ®

Related Stories

Why I should have the right to kill a malicious process on your machine

'I demand the story be taken down immediately' - RIAA [offending story - mail - more facts less interesting than the truth]
RIAA nominated for Internet Villain award
Missing RIAA figures shoot down "piracy" canard
RIAA in a spin over CD copying bust
RIAA engineered webcast split - former exec
'RIAA-written' Net radio bill served to Senate
RIAA-backed webcast bill 'a disaster for the US'
'96 pc of Net Radio' to close after backroom deal screws grassroots 'casters
A Stuckist Net - you want in
Hollywood's private war for social control

Top three mobile application threats

More from The Register

next story
Sorry London, Europe's top tech city is Munich
New 'Atlas of ICT Activity' finds innovation isn't happening at Silicon Roundabout
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
Audio fans, prepare yourself for the Second Coming ... of Blu-ray
High Fidelity Pure Audio – is this what your ears have been waiting for?
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
Zucker punched: Google gobbles Facebook-wooed Titan Aerospace
Up, up and away in my beautiful balloon flying broadband-bot
Apple DOMINATES the Valley, rakes in more profit than Google, HP, Intel, Cisco COMBINED
Cook & Co. also pay more taxes than those four worthies PLUS eBay and Oracle
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.