The most crazy tech story since the HP pretexting scandal

This is one of the more bizarre stories to hit the tech world since the Hewlett-Packard pretexting scandal.

Revision3 CEO Jim Louderback

(Credit: Revision3)

Check out the post from Revision3 CEO Jim Louderback detailing the inside story of the denial-of-service attack which crippled his company's servers over the Memorial Day weekend.

Revision3 tracked the attack back to an Internet address belonging to a subsidiary of Artist Direct, called MediaDefender. And it admitted as much when confronted with the evidence. I'll let Jim take it from here:

So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, vice president of operations at Media Defender.

First, they willingly admitted to abusing Revision3's network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only--to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.

Second, and here's where the chain of events come into focus, although not the motive. We'd noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender's servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of "Hi"s brought down our network.

Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second.

"Media Defender did not do anything specific, targeted at Revision3″, claims Grodsky. "We didn't do anything to increase the traffic"--beyond what they'd normally be sending us due to the fact that Revision3 was hosting thousands of MediaDefender torrents improperly injected into our corporate server. His claim: that once we turned off MediaDefender's back-door access to the server, "traffic piled up (to Revision3 from MediaDefender servers because) it didn't get any acknowledgment back."

I've never heard of Grodsky but the man's brass obviously has served him well professionally. MediaDefender "did not do anything specific, targeted at Revision3?" Other than borrow Revision3's servers without permission and for its own profit, that is. (Here is where everyone can exclaim in concert, "WTF?"

At this point, Revision3 says it's not planning to file a lawsuit. Not because it doesn't have a case but pursuing a court remedy would likely cost a lot of money. But here's an opportunity for a public-regarding watchdog like the Electronic Frontier Foundation to get involved. Maybe temporary insanity will serve as a defense strategy because the emerging story boggles the imagination. And now you have to wonder whether Revision3 is the only victim or whether there are others.

Call me a cynic but MediaDefender's actions have already spoken volumes about its ethics. The only way to root out the full story is to get these folks in front of a magistrate.

[jc_cam]

Does anyone else see the irony in this? Media Defender is one of the companies that the RIAA hires to inject bad torrents into the network to "curb piracy". So, we are going to prevent people from stealing music by . . . stealing bandwidth. I really hope someone at the EFF is watching this!

[Dalkorian]

Why are you covering up who MediaDefender is? I had to look it up as a sanity check, I knew I recognized that name from somewhere. MediaDefender is the shady company that tries to trick people into downloading fake P2P content so they can turn over the IP address to the RIAA and MPAA. That's right folks, they are the "bad guys", known for shady if not downright illegal entrapment to extort more money from the public! Note they have now been caught red handed, even admitting they have staged a DOS attack against a company who's servers they had illegally violated in order to do their shady (illegal?) entrapment scams. If I ever heard of a company that needed to be forced out of business, MediaDefender is it. Their association with the MPAA/RIAA reinforces my belief that these thugs deserve not one thin dime of my (or anyone else's) money. If the RIAA/MPAA and MediaDefender is allowed to break the law in order to hack people's servers in an attempt to entrap people, why is it more wrong for me to torrent *ALL* my music and movie selections from now on?

[michael_o]

I'm not normally against the RIAA as our many others because I believe people are entitled to dictate the compensation for their work. But it looks like a firm that works mainly (exclusively?) for the RIAA stole somebody else's bandwidth. Did they do this accidentally? If the requests were coming from one IP block then why did it take so long for Revision3 to figure out who was throwing a DOS at them and block it? (or was MediaDefender using a zombie-bot farm?) This doesn't seem as interesting as the HP story yet, but it also seems like a lot of pieces are missing that could get it there...

[Magallanes]

So this wasn't a personal attack, just a routine attack ( <---- illegal, no matter if the target is "guilty" or not).

[gerrrg]

I think I'm going to love following this story...I can't wait for various attorney generals to get involved! This is so juicy, it begs the question...if MediaDefender doesn't know who it is targeting, could MediaDefender one day 'accidentally' target the Feds, States, or Nations? Maybe Carly is involved? heh heh.