lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <dc718edc05011117163af7000e@mail.gmail.com>
From: kkadow at gmail.com (Kevin)
Subject: MediaSentry false positives?

On Wed, 05 Jan 2005 13:00:41 +0100, Florian Weimer <fw@...eb.enyo.de> wrote:
> Kevin Kadow wrote:
> > Has anybody received "Notice of claimed infringement" from MediaSentry
> > for IP addresses which, while registered to you or your organization,
> > are in a range not actively in use?
> 
> I've independently received another report of this problem.
> 
> > I see two likely possibilities -- either MediaSentry is not using due
> > diligence in verifying that the material for which they send
> > infringement notices is actually shared from the address they show in
> > the complaint,  or somebody on the Internet is spoofing BGP route
> > announcements for unused address space out of larger allocations.
> 
> RIPE doesn't have an announcement of the prefix, so I think
> MediaSentry was in error.
> 
> I don't think it makes sense for MediaSentry to check their findings
> more closely from a business perspective.  They don't try to download
> the infringing material to confirm that redistribution actually takes
> place, either.

Sounds like an opportunity to take down MediaSentry.

The "takedown" notices state the following:

] On behalf of <copyright holder>, owner of the exclusive rights to the
] copyrighted material at issue in this notice, we hereby state, that
] we have a good faith belief that use of the material in the manner
] complained of is not authorized by <copyright holder>, its respective
] agents, or the law.
]
] Also, we hereby state, under penalty of perjury, under the laws of
] the State of California and under the laws of the United States, that the
] information in this notification is accurate and that we are authorized 
] to act on behalf of the owner of the exclusive rights being infringed
] as set forth in this notification.

Given the references to "good faith" and "perjury" in the above text,
if the data collection methods employed by MediaSentry are
demonstrably faulty, falsely implicate source IP addresses not
actually participating in file sharing (not a spoofed BGP route,
rather a bogus entry in the Kazaa or eDonkey indexes showing the wrong
source IP), MediaSentry may no longer be protected by the "good faith"
clause?

Kevin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ