I. Introduction
- This essay will be a suitable way to gain an understanding of the current online war between the RIAA and music pirates. It will cover things including, but not limited to, the following:
- What is piracy? Is it legal?
- What is the RIAA?
- Who is the RIAA targeting? Am I at risk of being sued?
- How does the RIAA know who shares files?
- How can I protect myself?
II. What is piracy?
- The information age has crowned a new definition for the word "piracy". What once involved capturing and looting ships at sea has evolved into a completely different meaning. Piracy can be defined as reproduction or unauthorized use of copyrighted or patented material (dictionary.com).
So is piracy legal? Well, unauthorized reproduction of media is granted as theft. Thus, piracy is not legal. Multimedia pirates face the possibility of fines or potentially even jail time if caught pirating software, music, etc. In the past most media pirates haven't been caught due to the use of KaZaA and other P2P (peer-to-peer) software. This prompted the RIAA to take action.
III. What is the RIAA?-
The Recording Industry Association of America (RIAA) represents the recording industry of the United States. It is comprised of by the record companies it represents. The mission of the RIAA is "to foster a business and legal climate that supports and promotes our members' creative and financial vitality." (RIAA.com). The RIAA strives to protect the rights of the recording industries it represents.
IV. Who is the RIAA targeting?
- The RIAA is not targeting one specific group of people. It isn't keeping its prying eyes peeled for students sharing files over a University network, adults sharing files at work, kids sharing files at home, etc. The RIAA isn't concerned as to whether you've swapped fifty files or a hundred thousand. There's no specific method or target. The RIAA itself claimed to be sending subpoenas "at random". It's the goal of the RIAA to send warnings or fines to as many people over as wide of a variety as possible. Knowing it's financially and chronologically impossible to take every single file sharer to court, the RIAA uses this method to make it evident that regardless of what, how, where, when, and why you're sharing files, you can be caught. This way it seems as if there's no way to escpape the RIAA. It's due to this strategy that file sharing has faced over a ten percent decline since law suits have been filed against file swappers.
The RIAA isn't interested in the person actually doing the file sharing. It's impossible to tell who was logged into a specific computer at a specific time; however, it is possible to find out the name, address, and phone number of the person whose internet connection is being used for file swapping. This means whoever the internet connection is registered to is the person receiving a subpoena in the mail.
IV. How does the RIAA detect file sharers?
- It may seem difficult or even impossible/illegal to discover who you're connected to for a download or an upload. In reality, it's extremely simple.
Any time you connect to another machine your Internet Protocol (IP) address will be exposed to anyone accessing that machine. The only matter of them finding out this information is whether or not they understand how to gain access to it.
Simply by opening a command prompt (by typing "cmd" with no quotes at the Run dialog) you've done ninety percent of the work to getting the IP address and/or hostname of anything you're connecting to. At the command prompt you'll be able to type any of a list of commands (typing "help" without the quotes will show a list of many available commands). To list any active connections type "netstat" and hit enter. Your screen will display information similar to that of F.1.
For this task you can simply ignore the columns "Proto" and "Local address". "Foreign address" lists the IP address or the hostname of the machine you're connected to. The first four foreign addresses in F.1 are examples of IP addresses, while the last foreign address is a hostname. Addresses are followed by a colon. The number following the colon represents the port number the connection occurs on. Any connections listed as "ESTABLISHED" under "State" are ones currently in use. There is a wide variety of possibilities as to what else could be written there, but in this case we're only concerned with those listed as "established".
Note: Regardless of your connection type your IP address and hostname are still visible any time you establish a connection.
But how is it that this ties in with the RIAA? Well, when you connect to upload or download music files via p2p software you're accessing these files from another machine. Running a netstat while downloading or uploading will reveal the IP address/hostname of the machine(s) you're connected to. From the hostname it's simple to find out the Internet Service Provider (ISP) being used to get a connection for this machine. Upon revealing this information, the RIAA contacts the ISP and demands for the information on the user whose IP address was transferring pirated music.
In the event that only the IP address is displayed via netstat there are two options to discover the hostname of the person. The first and more simple would be to do a whois search. This will do the obvious. The other method (which I prefer) would be to use a different command in the command prompt. This one is a bit more complex than netstat, in that it requires two parts: the command and the IP address in question. For example- to trace the route of 192.168.1.145 you would type the command as such: tracert 192.168.1.145. The following is an example of a traceroute I performed on the bottom foreign address from F.1 (disregard the fact that I already knew the hostname). The bottom line will be the resolved hostname.
Tracing route to 209-122-50-213.c3-0.upd-ubr8.trpr-upd.pa.cable.rcn.com [209.122
.50.213]
over a maximum of 30 hops:
1 11 ms 11 ms 11 ms 10.119.88.1
2 11 ms 15 ms 9 ms 172.30.121.17
3 11 ms 11 ms 12 ms 172.30.120.57
4 10 ms 12 ms 12 ms 172.30.120.109
5 11 ms 12 ms 11 ms 172.30.120.122
6 13 ms 12 ms 11 ms 172.30.118.106
7 12 ms 11 ms 11 ms 68.46.144.166
8 12 ms 13 ms 14 ms sl-gw40-pen-11-0.sprintlink.net [144.232.191.21]
9 12 ms 11 ms 13 ms sl-bb25-pen-6-0.sprintlink.net [144.232.16.98]
10 15 ms 12 ms 15 ms sl-bb24-pen-14-0.sprintlink.net [144.232.16.77]
11 39 ms 13 ms 13 ms sl-bb23-pen-8-0.sprintlink.net [144.232.16.65]
12 17 ms 18 ms 20 ms sl-bb26-nyc-4-0.sprintlink.net [144.232.20.94]
13 18 ms 19 ms 16 ms sl-bb20-nyc-15-0.sprintlink.net [144.232.13.10]
14 18 ms 17 ms 17 ms pos1-3.core1.NewYork1.Level3.net [209.244.160.18
5]
15 17 ms 24 ms 18 ms gige7-1.ipcolo2.NewYork1.Level3.net [64.159.17.1
00]
16 17 ms 17 ms 17 ms 166.90.136.138
17 18 ms 17 ms 18 ms ge3-0.core3.nyw.ny.rcn.net [207.172.15.67]
18 18 ms 19 ms 19 ms pos5-0.core2.phdl.pa.rcn.net [207.172.19.10]
19 20 ms 20 ms 20 ms ge0-0-0.gw3.trpr.pa.rcn.net [207.172.29.214]
20 24 ms 21 ms 21 ms upd-ubr8.trpr-upd.pa.cable.rcn.net [209.122.64.2
12]
21 26 ms 49 ms 31 ms 209-122-50-213.c3-0.upd-ubr8.trpr-upd.pa.cable.r
cn.com [209.122.50.213]
Trace complete.
The simplicity of these methods is what makes it so easy for the RIAA to find file swappers. All they have to do is run some p2p software and start a download or upload to someone and capture their IP/hostname.
IV. How can I protect myself?
- Although the RIAA is targeting anyone and everyone there are some methods to keep your name out off the RIAA hit list. For starters you can disable downloads being available from your shared folder. This can be done by checking the box in KaZaA that says "Disable sharing of files with other users". Doing this will prevent the RIAA from being able to accuse you of file swapping after downloading a file from you.
Methlabs has a program known as PeerGuardian that will, when instructed to, obtain a list of "bad IP ranges" and promptly cause them to become unaccessible from your computer. These bad IP ranges consist of IP addresses used by the RIAA to catch file sharers.
Of course, none of this will give you a hundred percent protection from the RIAA. The only way to achieve full, undoubted security from the RIAA is to obtain music legally and avoid file sharing.
This was written by Dan Walsh. Don't hesitate to share this information.
|