MediaDefender Defends Revision3 SYN Attack
MediaDefender Defends Revision3 SYN Attack - Via Threat Level:
When MediaDefender rained down an attack of some 8,000 SYN packets a second on an open BitTorrent tracker that pointed the way to hundreds of thousands of copyrighted movies for the taking, it had no idea it was shuttering a legitimate San Francisco media company.
Revision3, the San Francisco-based site the produces and distributes the popular DiggNation show and others via the BitTorrent protocol, went offline over the Memorial Day weekend after its servers buckled under the attack. Revision3's distribution tracker was open, and was pointing the way for pirates to download copyrighted movies unbeknownst to Revision3.
MediaDefender is paid by the recording and motion picture industries to seed fake files to illicit torrent tracking services. When Revision3 closed the tracker during the holiday weekend, the result was a denial of service attack by MediaDefender, which had been seeding the tracker with fake torrents.
"Our systems were targeting a tracker not even knowing it was Revision3's tracker," Randy Saaf, Media Defender's CEO, said in an interview. "They were using the tracker as the tracker for their legitimate content. It had been open for years."
At Fenopy.com, Revision3's tracker was used for 296,000 downloads, mostly of unauthorized copyrighted movies, Saaf said.
Jim Louderback, Revision3's CEO, said the attack shut down the company's internet site, RSS server and internal corporate e-mail.
It's an open debate whether MediaDefender's actions were lawful, even when it targets illicit torrent-tracking sites pointing the way to unauthorized, copyrighted material. The FBI is examining the Revision3 affair.
One bureau source told THREAT LEVEL that it was a "gray" area in federal computer security law.
Then there's the area of corporate responsibility. Louderback said in an interview that Revision3 closed the hole in its tracker over the Memorial Day weekend and subsequently got slammed by MediaDefender.
"That's when MediaDefender went into overdrive and started pummeling us," Louderback said. "If a tracker was previously open and suddenly shut, their systems are automatically configured to put them out of business."
Saaf said MediaDefender had been seeding the tracker with fake torrents for some time. Fake files corrupt BitTorrent downloads.
"We saw an open BitTorrent tracker with a lot of pirated content on it. We had been posting fake files to their tracker. Over Memorial Day weekend, Revision3 changed some configurations," Saaf said.
MediaDefender, of Santa Monica, Calif., holds some 2,000 servers with a 9GBps dedicated connection.
Louderback said if MediaDefender was "concerned that we were tracking copyrighted material, they should have called us."
He wondered aloud over what tragedy may have happened had Revision3 "been an airport using BitTorrent to distribute approaches to the runaway?"
See Also:
- Interview with MediaDefender Hacker
- Screenshot Purports to Show Hackers with Root Access on ...
- MediaDefender's "Swedish" Hackers Attempted to Hack AG Computer
- Source Code for MediaDefender Anti-Piracy Tools Leaked
- Los Angeles Says Piracy 'Detrimental to the Public Health, Safety'
- Anti-P2P Company Gets Bit by the Torrent
- Pirate Bay Calls Cops on Hollywood Big Shots
(Read Original Article - Via Threat Level.)
Delicious
Digg
Reddit
Google
Yahoo
TechnoratiRecent blog posts
- Apple patching serious SMS vulnerability on iPhone
- Enter the Advertisers - self-regulatory principles ?
- Out of business, Clear may sell customer data
- TSA asked to ensure safety of customer data after Clear closing
- Several Facts about Google and HTTPS
- China thinks twice – and its 300m internet users scent a rare victory
- Did the Sanford E-Mail Tipster or the Newspaper Break the Law?
- Supreme Court Serves Up Remote-Recording Victory
- Deep-Packet Inspection in U.S. Scrutinized Following Iran Surveillance
- ATM Vendor Halts Researcher’s Talk on Vulnerability
