MediaDefender DoS attack on Revision3: Stop screwing with new media

Revision3 logoEarlier today, I saw Jim Louderback, CEO at Revision3, tweeting that there had been an outage at Rev3 this weekend and he could now shed light on the issue. Honestly, I hadn’t noticed the downtime. I’ve got Diggnation, The Totally Rad Show and Web Drifter being drip-fed into my iPhone (via iTunes sync) and watch the shows when I’m on the train/tube looking for something to do. I’ve also got a total school-girl crush on Alex Albrecht, which makes the show all too easy to watch, but I digress…

I expected the downtime to be Twitteresque in its incapacity to deal with our adulation and traffic. However, Jim’s story shows the issue they faced this weekend was a whole more serious.

In a nutshell, Revision3 exploits the fantastic peer-to-peer system that is BitTorrent to distribute its shows. Rev3 hosts the tracker, but doesn’t have to take the weight of every single download. It makes technical sense – the Rev3 crowd are technologically up to date and love BitTorrent. It makes business sense – Jim doesn’t have to put quite so much of his revenue towards more servers just to cope with the peaks of traffic, he can count on the distributed network. And it fits right in with the attitude of the Rev3 shows, irreverently addicted and up to date to the latest technology.

Jim writes… “But someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?

Along with where it’s bound, every internet packet has a return address. Often, particularly in cases like this, it’s forged – or spoofed. But interestingly enough, whoever was sending these SYN packets wasn’t shy. Far from it: it’s as if they wanted us to know who they were.

A bit of address translation, and we’d discovered our nemesis. But instead of some shadowy underground criminal syndicate, the packets were coming from right in our home state of California. In fact, we traced the vast majority of those packets to a public company called Artistdirect (ARTD.OB). Once we were able to get their internet provider on the line, they verified that yes, indeed, that internet address belonged to a subsidiary of Artist Direct, called MediaDefender.”

MediaDefender was the one hitting Revision3 servers with a Denial of Service attack. (Read Jim’s post for details on who MediaDefender is and what denial of service attacks are. I’ll skim over that bit.)

According to my eye witnesses, MediaDefender received a less-than-warm reception at South by SouthWest when Randy Saaf, CEO at MD, took part in a panel on “How Piracy Will Safe the Music Industry”, where the legitimacy of such a service was questioned by the audience and fellow panelists.

Revision3 is out there, showing off BitTorrent in a good light, using it for legal and completely legitimate purposes, and in comes MediaDefender, like a bull in a china shop, crushing their servers. It’s naive on Revision3’s part to fail to keep a closer eye on their trackers and letting MediaDefender inject their torrents unauthorised for such a long time, but it doesn’t justify MD’s backhanded and disgusting behaviour.

Jim chose his words carefully and expressed the issue very clearly – For this, I’m very grateful, as it exposes MD as a total fraud blindly attacking legal and illegal services.

It’s hard enough being at the cutting edge of any technology without needing twisted organisations like the RIAA, MPAA and Sony hiring online hitmen to destroy perfectly legitimate of technology! I’m not personally a very active BitTorrent user these days, but I’m livid about this.

I hope that Jim, the Revision3 crew and all other technophiles making legitimate use of geekery like BitTorrent see this as a rallying call and an opportunity to educate people. There’s too much good technology out there to let old technophobes in their ivory towers dictate where we can go with it.

Guh: Huge fine for music file-sharer

Andrew Andrew rants… A court in the US has ordered a woman to pay $222,000 (£109,000) in damages for illegally file-sharing music. The jury ordered Jammie Thomas, 32, from Minnesota, to pay for offering to share 24 specific songs online – a cost of $9,250 per song.

$9,250 per song?? While I understand that what Jammie was doing is seen as illegal, having to pay $9,250 per song is bordering on the insane. Take out the resellers fees and doing some completely incorrect and unsubstantiated mathematics, she is effectively paying the US recording industry more than 12,000 times per song she shared.

There are a few points which really grate on my mind with this issue.

  1. She is allegedly in the wrong, but ruining her life by taking 1/4 of her paycheque over 24 songs for the rest of her life is morally incorrect and just plain wrong. Putting a shackle around somebody’s neck like this for the rest of their life is a completely unbalanced punishment which clearly demonstrates just how detached from reality the RIAA and their lawyers are.
  2. 288,000 (12,000 * 24 songs) people who downloaded music directly or indirectly from Jammie over Kazza now have a paid for (and legal) copy of the tune. This should be taken into account when the US recording industry incorrectly try to sue these people.
  3. What the RIAA don’t take into account is the music that people download, without paying for, which they had no intention of buying anyway; these people are just downloading it to explore new music. I could make a wild (but definitely correct) assumption that many people who have “illegally” downloaded tracks would not have contributed to the RIAA’s coffers anyway even if file sharing did not exist – so this is NOT lost revenue. Music sharing simply opens up a free advertising channel for new fans who would subsequently purchase merchandise and see gigs leading to increased revenue for the artist.

This aggression is only going to fuel more hatred from the general masses, and certainly has done for me. While I have bought music online, I do think it is too expensive and the current move towards DRM free and artist direct bought music is a great one in my mind.

RIAA

With the evolving and modern model of music distribution provided by the internet, the record label plays a much smaller (or no) cog in the gearbox of an artist getting their music to fans or potential fans. Take for one example the Pandora / Music Gnome project, which leads people to find new artists without and intervention of traditional promotional methods. Along with file sharing, the artist no longer needs the record label as they did in the 90s, they have the chance to go it alone and be just as successful.

The US record industry has two choices. Firstly, they could accept their inevitable demise and realise that the days of fat cigars and comfortable leather directors chairs are numbered. Secondly, they could adapt – and FAST – to a more modern model of music distribution, stop suing people and try and win back some popularity of the general population and artists.

Its the only way they will still be here next decade.

[bbc news]