
Anti-piracy vigilantes stalk file sharers

'Bad Pirate!'


A pair of coders nurturing a deep antipathy for software pirates set off a controversy last Thursday when they went public with a months-old experiment to trick file sharers into running a Trojan horse program that chastises users and reports back to a central server.

As of Thursday, the crime-busting duo's server had logged over 12,000 victims of "Walk the Plank," and a sequel they call "Dust Bunny," since the cybersting secretly launched in January. The programs have circulated disguised as activation key generators and cracks for Unreal Tournament 2004, Pinnacle Studio 9, Norton Antivirus, TurboTax, and as a copy of the leaked Microsoft source code - all titles chosen for their popularity on peer-to-peer networks. When executed, a large message appears scolding, "Bad Pirate!"

"So, you think you can steal from software companies do you?," the text continues. "That's called theft, don't worry your secret is safe with me. Go thou and sin no more."

The program does not permanently install itself, open a back door or harvest the user's name or other personal information. But it does "phone home" to a central server, sending the filename under which it was executed, and the amount of time the user spent staring in shock at the sermonising text before closing the window - an average of about 12 seconds. The "Dust Bunny" revision launched last month also sends a unique I.D. number that's embedded in each copy of the program; the server logs the I.D., then sends back a new number that gets patched into the code, allowing the creators to track the program as it's re-distributed across the networks.

The whole thing is logged in real time to a public website, date and time stamped with each user's IP address and country of origin.

"We were going to see how many executions we'd get - how much people would download it - and we thought we could turn it into a tracking thing and track how it spread," says 19-year-old Clifton Griffin, the North Carolina college student who wrote the program with an online friend called "Justin X. B."

After initially distributing it on Gnutella from their own machines, the pair stopped sharing it directly when they found that the program was sustaining itself - eventually even crossing to other networks. "Searching eDonkey and stuff like that, we've found that a lot of people must be using multiple file sharing services," says Griffin. "Certain versions have up to 150 sources on eDonkey alone. It's definitely making its way to different networks."

Legal Issues

On Thursday, the pair finally revealed their "war on illegal file sharing and pirates" on a blog they both run. The online community site Broadbandreports.com picked up the story, and its message boards quickly filled with outraged posters dubbing the project "malware" and a "virus", and suggesting the coders might be in violation of the law. "They infiltrate your computer under false pretences," wrote one. Some craftier users obtained and reverse-engineered a copy of the program, and someone subverted the phone home mechanism to post unkind comments about Griffin to his own website.

"The response has either been, 'very cool', 'hilarious', etc., or, 'I'm offended', 'you're going down', 'I'm suing you'," says Griffin, who dismisses his critics as likely pirates, and insists that Walk the Plank is perfectly legal. "They chose to download it from us, and it doesn't do anything harmful to them," Griffin says.

But Jason Schultz, a staff attorney with the Electronic Frontier Foundation, is wary of the vigilante effort. "It's sort of an invasion of your computer, not much different from other malicious programs or spyware," says Schultz. "When you use file sharing to download an application, you're not giving the person who's sending you the file permission to run rampant on your computer. The fact that they're in some ways tricking you into running it may pose some real problems for them in court."

"I think there's an awful lot of presumptions going on about who's downloading these files and for what reason," Schultz says. For example, an attorney or a journalist might download software in an investigation. "Even if it's the case that the people who download this are trying to get illegal files, two wrongs don't make a right."

Notwithstanding the controversy, the website charting the program's movements around the world is strangely compelling. A field at the top of the page even keeps a running count of the total amount of minutes the program has sat running on people's machines, displaying its tough-on-crime message and wasting the downloader's time. "We tried to calculate how long we took to develop the program so we'd know when we 'broke even'," says Griffin. That happened weeks ago: the two versions of the program took a total of 32 hours to code, he says, and they've racked up eighty-five hours of running time.

Copyright © 2004, 0
