MediaDefender is rightly taking its lumps in the court of public opinion after being fingered as the culprit behind the Memorial Day weekend denial-of-service outage at Revision3. But this is just a sideshow in the bigger battle waged by big copyright holders against illegal digital file sharing.
And as we're learning, things are getting out of hand.
Revision3 happened to use a BitTorrent tracker for perfectly legitimate content distribution. But BitTorrent has also figured in unauthorized sharing of copyrighted movies, TV shows, and music. So MediaDefender went on a fishing expedition. (Read Revision3 CEO Jim Louderback's full description here.) But pay particular attention to this snippet:
Revision3 runs a tracker expressly designed to coordinate the sharing and downloading of our shows. It's a completely legitimate business practice, similar to how ESPN puts out a guide that tells viewers how to tune into its network on DirecTV, Dish, Comcast and Time Warner, or a mall might publish a map of its stores. But someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?
Now we know. And just who is MediaDefender? (Check out the archive of news articles that company collected on its Web site. For some reason, I doubt the collection will be updated to feature MediaDefender's latest exploits.) In a 2005 profile, Ars Technica said the Santa Monica, Calif., company made its living poisoning peer-to-peer networks. The hyperbole is understandable as MediaDefender plants fake files or decoys on peer-to-peer systems
But let's not lose track of who's really calling the shots. The power brokers in this novella work out of offices at big record labels and movie studios and MediaDefender is only a bit player, doing their bidding.
"It's absolutely not our policy to overwhelm any servers or do any DoS attacks," MediaDefender CEO Randy Saaf told my colleague Elinor Mills this afternoon. "We post fake files. In our mind, we were not targeting a legitimate company. All we saw was a public tracker with pirated content."
In other words, Revision3 was collateral damage. Sorry for taking you down, but that's the necessary--albeit inadvertent--price we pay because others simply refuse to play by accepted rules. Or something corny like that.
This is one of the more bizarre stories to hit the tech world since the Hewlett-Packard pretexting scandal.
Revision3 CEO Jim Louderback
(Credit: Revision3)Check out the post from Revision3 CEO Jim Louderback detailing the inside story of the denial-of-service attack which crippled his company's servers over the Memorial Day weekend.
Revision3 tracked the attack back to an Internet address belonging to a subsidiary of Artist Direct, called MediaDefender. And it admitted as much when confronted with the evidence. I'll let Jim take it from here:
So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, vice president of operations at Media Defender.First, they willingly admitted to abusing Revision3's network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only--to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.
Second, and here's where the chain of events come into focus, although not the motive. We'd noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender's servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of "Hi"s brought down our network.
Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second.
"Media Defender did not do anything specific, targeted at Revision3″, claims Grodsky. "We didn't do anything to increase the traffic"--beyond what they'd normally be sending us due to the fact that Revision3 was hosting thousands of MediaDefender torrents improperly injected into our corporate server. His claim: that once we turned off MediaDefender's back-door access to the server, "traffic piled up (to Revision3 from MediaDefender servers because) it didn't get any acknowledgment back."
I've never heard of Grodsky but the man's brass obviously has served him well professionally. MediaDefender "did not do anything specific, targeted at Revision3?" Other than borrow Revision3's servers without permission and for its own profit, that is. (Here is where everyone can exclaim in concert, "WTF?"
At this point, Revision3 says it's not planning to file a lawsuit. Not because it doesn't have a case but pursuing a court remedy would likely cost a lot of money. But here's an opportunity for a public-regarding watchdog like the Electronic Frontier Foundation to get involved. Maybe temporary insanity will serve as a defense strategy because the emerging story boggles the imagination. And now you have to wonder whether Revision3 is the only victim or whether there are others.
Call me a cynic but MediaDefender's actions have already spoken volumes about its ethics. The only way to root out the full story is to get these folks in front of a magistrate.
- prev
- 1
- next
