Autistic Geek


All Your Servers Are Belong To Us

by on May.30, 2008, under Not Cool!

The Memorial Day weekend brings an extra day off to most Americans so they can enjoy time with their families, maybe have a barbecue and celebrate the start of summer. This recent Memorial Day weekend did just the opposite for the employees of Revision3. They were hard at work combating an attack on their servers.

It seems that sometime just before the weekend it was discovered that someone was using Revision3’s BitTorrent server to distribute content that did not belong to Revision3. In order to speed up the server, Revision3 had the server checking hashes only, not checking whether or not the torrents it was tracking were in fact authorized to be on the server. Upon discovering this, they of course closed the backdoor security hole and purged the illegally placed torrent tracking files from the server.
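The difference between a tracker that serves any hash it is handed and one that only serves torrents its operator published can be shown in a few lines. This is an added example, not Revision3’s code: the `Tracker` class, `make_query` helper and sample hashes are hypothetical, and only the `info_hash`/`port` parameters and the `failure reason`/`interval`/`peers` reply keys come from the standard BitTorrent tracker protocol.

```python
import hashlib
from urllib.parse import quote_from_bytes, unquote_to_bytes

def bencode(obj):
    """Minimal bencoder for the value types a tracker reply uses."""
    if isinstance(obj, int):
        return b"i%de" % obj
    if isinstance(obj, str):
        obj = obj.encode()
    if isinstance(obj, bytes):
        return b"%d:%s" % (len(obj), obj)
    if isinstance(obj, list):
        return b"l" + b"".join(bencode(x) for x in obj) + b"e"
    if isinstance(obj, dict):  # keys must be emitted in sorted order
        return b"d" + b"".join(bencode(k) + bencode(v) for k, v in sorted(obj.items())) + b"e"
    raise TypeError(type(obj))

class Tracker:
    def __init__(self, authorized, enforce_allowlist=True):
        self.authorized = set(authorized)   # 20-byte info_hashes the operator published
        self.enforce_allowlist = enforce_allowlist
        self.swarms = {}                    # info_hash -> set of (ip, port)

    def announce(self, query, client_ip):
        """Handle the query string of an announce request; return the bencoded reply."""
        params = {}
        for pair in query.split("&"):
            key, _, value = pair.partition("=")
            params[key] = unquote_to_bytes(value)   # info_hash arrives as raw binary
        info_hash = params.get("info_hash", b"")
        port = params.get("port", b"")
        if len(info_hash) != 20 or not port.isdigit() or not 0 < int(port) < 65536:
            return bencode({"failure reason": "malformed announce"})
        if self.enforce_allowlist and info_hash not in self.authorized:
            # Refuse before any state is created for the unknown torrent.
            return bencode({"failure reason": "unregistered torrent"})
        swarm = self.swarms.setdefault(info_hash, set())
        peers = [{"ip": ip, "port": p} for ip, p in sorted(swarm)]
        swarm.add((client_ip, int(port)))
        return bencode({"interval": 1800, "peers": peers})

def make_query(info_hash, port=6881):
    return "info_hash=%s&port=%d" % (quote_from_bytes(info_hash, safe=""), port)

# Constructed sample hashes (not real torrents).
OWN = hashlib.sha1(b"constructed: operator's own show").digest()
FOREIGN = hashlib.sha1(b"constructed: third-party content").digest()

if __name__ == "__main__":
    for enforce in (False, True):
        t = Tracker({OWN}, enforce_allowlist=enforce)
        print(enforce, t.announce(make_query(FOREIGN), "203.0.113.9"))
```

With `enforce_allowlist=False` the tracker builds a swarm for whatever hash it is given, which is the behavior the post describes; with the allowlist enforced, the unregistered hash is rejected and no state is kept for it.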

This is the solution any normal situation would prescribe, because Revision3 would be sued by copyright holders if they did not take action to prevent the known use of Revision3’s servers to distribute copyrighted content not owned by Revision3. This is where it gets interesting. The individuals who were using Revision3’s servers to track the unauthorized torrents had programmed their servers to retaliate should they be cut off from the tracker files on a server they had previously compromised. The attack took the form of what is known as a DDoS attack. The attack works by requesting services such as a TCP handshake several times a second from the machine being attacked. The attacked machine can’t tell the difference between legitimate requests and the requests that are part of the attack, so it tries to grant all of the requests and becomes overwhelmed. It’s like running too many programs on a personal computer at once: something (usually the OS) crashes.

This sounds like the behavior of an angry hacker. Most DDoS hackers will take over a computer not for the purpose of compromising that machine, but to have that machine carry out an attack on the hacker’s behalf against an intended target. They do this so the attack cannot be traced back to the original source. A bot-net consists of several thousand compromised machines waiting for their commander-in-chief to give the strike order on a specific target. When a bot-net attacks, the routers close to the target can also be overwhelmed, thus stopping all traffic to, from and around the target. Without a router directing traffic, nothing gets through. No email, no web pages, no IP phone system, NO-THING! The result is lost revenue for Revision3.

But it wasn’t some unscrupulous teenage hacker who initiated the attack. It was a company that protects copyrighted content by placing corrupt or false data in the place of copyrighted material, thus thwarting the copyright infringer’s attempt to infringe. The company, called MediaDefender, is a subsidiary of Artistdirect. The attack was unprovoked; they simply attacked a torrent tracking provider that had blocked them. Artistdirect and MediaDefender reside in California and therefore fall under the jurisdiction of US law. Initiating a DDoS attack is against the law (see the Economic Espionage Act of 1996 and the Computer Fraud and Abuse Act), so now the FBI is involved. If no one goes to jail for this one, it is a sign that our government is truly owned by corporate interests.
