Educause Security Discussion
mailing list archives
Re: RIAA timestamps off
From: "Scholz, Greg" <gscholz () KEENE EDU>
Date: Tue, 25 Sep 2007 21:00:27 -0400
I am not sure how most of the P2P apps work (e.g. can they advertise
their list without having a transfer channel available).
But let say it advertised as available but the outside world can't get
to it...what about other users on the same campus? And would the netflow
data everyone is talking about show it?
And liken that to a confession from someone that did not do the crime,
wouldn't there usually at least be an investigation?
Gregory R. Scholz
Lead Network Engineer
Information Technology Group
Keene State College
--Seek first to understand, and then to be understood.
From: Jeff Kell [mailto:jeff-kell () UTC EDU]
Sent: Tuesday, September 25, 2007 1:39 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] RIAA timestamps off
Scholz, Greg wrote:
So UserX logs into limewire, song list is made public. 10 hrs later
song list is still public but no one may be actually pulling the data.
Technically it is the making of the infringing material available that
is the "crime" so the user is "seen" and is sought by the RIAA.
And the list and it's availability are advertised even if there is a
firewall, NAT, or any other "block" preventing incoming connections from
occurring at all.
Back in the days of long-forgotten accuracy, the reports had an
IP/port/timestamp that you could track to netflow (most of the time),
even if there were 0 bytes transferred (and is even that a violation?).