p2pnet - rss feed: Overpeer’s latest dirty trick
p2pnet.net News:- It’s a given that the RIAA and MPAA, wholly owned by the record label cartel and movie studios, or contractors such as Overpeer, will leave no dirty trick unturned in their futile war against p2p and file sharers.
Now, they’re using files that look like regular songs or short videos in the Windows Media format to launch pop-up ads and install adware, says PC World.
That’s because a Windows Media DRM “loophole” allows companies to create ersatz media files and link them to adware.
The ads could also be used by hackers and thieves, PC World points out, continuing, “Security experts fear that, for example, criminals could load their own modified media files with keystroke loggers or other software for taking over your PC, and thus steal your passwords or other sensitive information.”
And David Caulton, group product manager for Microsoft Windows digital media division, is quoted as saying, “It’s possible that someone could modify [an existing audio] file after it’s created to point back to their http server.”
PC World says a reader alerted it to an ad-laden Windows Media Audio file, titled ‘Alicia Keys Fallin’ Songs In A Minor 4.wma.
“We then found two other WMA files and two Windows Media Video files that had been similarly modified,” it says, going on that it figured out that each media file loaded a page served by Overpeer and that each of those pages led to the creation of several Internet Explorer windows, “each containing a different ad or adware”.
Ahhhh. Overpeer.
Owned by Loudeye, it’s one of the entertainment industry’s favourite, and most obnoxious, anti-p2p contractors. And it’s currently earning mega bucks loading thousands of fake files onto p2p networks in the hope of stopping file sharing.
Marc Morgenstern, Loudeye vp and general manager of digital media asset protection, characterized Overpeer’s actions as, “just deserts for people who illegally trade copyrighted works for free,” says PC World.
We wonder how the companies who pay for the ’sales aids’ feel about the fact Morgenstern apparently considers the ads to be so unpleasant that they make good weapons.
PC World says it contacted Microsoft and the seven ad-serving companies whose ads popped up and, “We’re looking into exactly what’s going on with this file and checking to see if this particular model is in keeping with the licensing terms for Windows Media [Digital Rights Management],” Caulton says in the story.
“We wouldn’t want to endorse anything that involved delivery of content that appears to be one thing, and then something else is delivered.”
Only one of the advertising firms, Kanoodle, responded to PC World inquiries, saying it stringently vets prospective partners. Its president, Lance Podell, emailed PC World, “As in this case, upon detecting or discovering any prohibited distribution activity, we eliminate it immediately.”
===================
See:-
DRM “loophole” - Risk Your PC’s Health for a Song?, PC World, December 29, 2004
most obnoxious - Flooding on p2p networks, p2pnet, October 6, 2004
December 31st, 2004 at 4:58 am
The Riaa has no shame!!!!!!!!!!!!!!!!!!!
December 31st, 2004 at 8:29 am
i suppose this is worrying if you are thick enought to actually use wmv files
December 31st, 2004 at 2:26 pm
Are they just now figuring this out? Kazaa has been riddled with these fake files for many months.
December 31st, 2004 at 2:31 pm
PC World also has an article “Protect Yourself From Audio Adware” http://www.pcworld.com/news/article/0,aid,119063,00.asp (you mght have to copy & paste the entire link to actually get it to work) with the following basic advice “The easiest solution is to simply stop downloading WMA files” and some other tips on settings.
December 31st, 2004 at 8:50 pm
This is a very clearly against the law in the Europe.
The UK Computer Misuse Act makes it a criminal offenses to cause a computer to
“It is an offence to cause a computer to perform any function with intent to secure unauthorised access or to, without authority, change data and/or programs within a computer.”
http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900018_en_1.htm
Similar legislation exist throughout Europe as part of the Information Society Policy Framework.
http://europa.eu.int/information_society/policy/cybercrime/index_en.htm
http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexplus!prod!CELEXnumdoc&lg=en&numdoc=52002PC0173
December 31st, 2004 at 9:33 pm
Hmm what are the legal ramifications in Canada (and other jurisdications) where p2p music file sharing is entirely legal?
December 31st, 2004 at 9:39 pm
If this practice contiues then home movies will be ruined as well. No matter the case this is hacking a personal computer and is illegel not matter the intent. Just because someone shares files maybe like pdf or doc files what will the internet become? The Riaa/Mpaa is now infringing on freedom of speech and access by such a ploy to defraud users.
December 31st, 2004 at 10:16 pm
You morons. http:// links from .wma files aren’t a “DRM loophole”, they’re a feature of the format. If you’re so stupid that you’re playing your pirated music files in WMP, you deserve to have them call home.
Stupid pirates.
December 31st, 2004 at 10:17 pm
You sir, are an idiot. They do not post malicious files hidden as ‘my summer in france.wmv,’ they post files that are named the same as songs and videos of copyrighted material held by their clients. Seriously, downloading copyrighted material is illegal, and anything that happens to you when knowingly performing an illegal action should be considered fair play. Just like breaking any law, you have to be smart about it or you’re going to get in trouble. Why should this be any different?
December 31st, 2004 at 10:33 pm
Slight problem with that line of reasoning there pal. You see, it would be cost prohibitive and unfeasible to sue the millions of people on the p2p network. On the other hand, suing the RIAA and the studios for unlawful entry? Piece of cake. The idiots here are thr RIAA boffins who cooked this up - they’re going to cost their benefactor millions if not billions once this gets out.
December 31st, 2004 at 10:39 pm
I see your point that it’s wrong to download certain material, but also think of this. Is it ok for the police to sell you a known dodgy video unit only to storm your house later for said video unit, and all done to check ‘just in case you have anything else illegal’ ???
Same kind of approach as the audio fles, and i believe this approach is also illegal….
December 31st, 2004 at 10:56 pm
You Sir are the idiot. Stooping to the level of the pirates is no better than the pirates themselves. They have no right to “booby-trap” these files. Fighting fire with fire is not only illegal but unethical. If they are the benevolent protectors of the copyright they claim to be they would not be illegally tricking users into downloading adware. They need to stick to the courts and use a LEGAL means of fighting piracy.
December 31st, 2004 at 11:35 pm
I would think this would be illegal in the same way a webmaster exploiting holes in IE to install adware. I hope OverPeer enjoys the lawsuits that will no doubt be filed.
December 31st, 2004 at 11:47 pm
Don’t use WIndows Media Player, there are a few OpenSource or GNU applications that can replace it, and are better than this peace of software…
January 1st, 2005 at 12:15 am
Here’s a simple filter you can apply. Look for the total time of the wma or wmv file. If it has drm on it, then it’ll be blank. If it doesn’t have drm, then it’ll show the actual length of the video or song. Should be simple then to see the real ones from the fakes then.
January 1st, 2005 at 12:38 am
They do not post malicious files hidden as ‘my summer in france.wmv,’
Microsoft doesn’t show any concern here? This is about to turn into a mess. What happens when someone downloads an “infected” file, then renames the file to a popular non-copyrighted or puplic domain title, then pours it back into the p2p network(s). That person is pretty much anonymous again. I would be pissed if I caught spyware, adware, or malware from the Star-Spangled Banner. I feel that is complete disregard for the innocent bystanders.
January 1st, 2005 at 12:46 am
The RIAA or its contractors are not the police or courts of law, and have no authority to mete out punishment as the result of the illegal acts of others, even if it affects their bottom line. It is a crime in most civilized places to knowingly damage someone’s computer. For example, in the US, it is illegal to:
(5)(A)(i) knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization, to a protected computer;
( http://www.cybercrime.gov/1030NEW.htm )
But, by your reasoning, if I see you run a stop sign, I can beat the crap out of you with a baseball bat. You broke the law, so I can now do anything I’d like to you, legal or not. Seriously, running a stop sign is illegal, so anything that happens to you as a result is fair play.
January 1st, 2005 at 1:37 am
totally right on
January 1st, 2005 at 7:36 am
You know what you just said? Well, I think I need to tell you that you have made a complete idiot out of yourself, since basicly what you said is “If someone steals my Snickers, I have the right to break his arm”. If you would have ANY brains you’d know that is an absurdly and marginally idiotic thing, since it was no form of self defence, but doing the justice yourself. Do you know that is illegal in every country on the world, or have you been living under a rock?
Stupid.
January 1st, 2005 at 1:21 pm
So what are they doing that’s illegal? They’re distributing WMA’s that link to web pages. This is hardly a new trick — porn sites have been distributing “promotional” WMV’s that use the same trick to link people to their web sites for years, and nobody complained that it was illegal. The only “news” here is that Overpeer’s doing it.
OK, here’s how the technique works. When a WMA/V file loads to play, if it’s DRM protected it checks to see if it’s authorized on your computer. If it isn’t, it tells your web browser to open an URL. This is intended to be used to show a web page that can tell you why you can’t play the file, and perhaps to offer to sell you a license.
I don’t know where the speculation of ad-ware and spy-ware comes from. As far as I can tell, the WMA’s just open web pages that show web-based ads. Admittedly, showing ads to people when they play songs is a bit misleading, but since the songs in question are illegal to download in the first place, I don’t think that they’re too worried about annoying the viewer.
In a perverse way it’s kinda clever. They’re taking an expense (running the networks to distribute decoys, etc., has to be expensive) and turning it into a revenue stream.
In any case, the answer is obvious — stick to open formats that can’t be used to do weird things like trigger your web browser to view pages. MP3, OGG, M4A, etc., are all safe formats.
January 1st, 2005 at 2:27 pm
Just don’t use windows media formats. Nothing wrong with mp3 or ogg.
January 1st, 2005 at 4:19 pm
You wrote:
This is hardly a new trick — porn sites have been distributing “promotional” WMV’s that use the same trick to link people to their web sites for years, and nobody complained that it was illegal.
I write:
Hmm, I don’t know about you, but I don’t know too many sticky-fingered porn surfers that would be willing to announce to the world that they are sticky-fingered porn surfers by complaining about it.
January 1st, 2005 at 4:36 pm
Dude, look up “irony”. I wish I was as smart as you.
January 1st, 2005 at 7:30 pm
Tell me what person is so stupid that actually download wma/v files and open it in WMP. I’m downloading only mp3’s.
January 1st, 2005 at 8:13 pm
It looks like there is a number of post here that may be from the MPAA or RIAA ;P
January 1st, 2005 at 11:12 pm
If anything you download installs software or adware that you yourself did not actually initiate to open or download and install on your computer should be an invasion or a hack of your computer. and should be deemed illegal. basically on invasion of your privacy. example: Just a little while ago surfing places like
bestdownloads.net initiated a adware component on my computer without my consent. adware blocking programs made me aware of this, it took a while to get rid of. It installed files on my computer and put files into memory. the files kept returning even with me telling the software to be blocked and ending the programs with the taskmanger didn’t help, the programs just kept returning. I had to open add remove programs and low and behold it was installed as an actuall program. I had to initiate an unistall and then restart to get rid of it. Bestdownloads did not offer free programs, they offered the latest shareware and links to popular programs. I have sinced stopped going to the site because of this invasion into my computer. my computer can be basically called my home in the digital world, and although I ask friends to come over, web pages, programs and such, if I don’t ask you to come over then your are not welcome. and by secretly coming into my computer by being installed in the backgroung as i surf is as slipping in thru a window of my house as i’m asleep. either way you entered illegally. With the companies putting files out there to initiate this kinda of action
is and should be illegal. they are just as guilty as anyone who “shares files illegally” in their eyes. so do we combat one crime with another, why not police have been doing it for years, and still we cannot do anything about it because they are buisnesses and we are peon consumers.
January 2nd, 2005 at 2:02 am
Simple — don’t use such shitty formats as WMA/V, or DRM in general.
January 3rd, 2005 at 2:48 am
Hmmmm Ok I’d be happy to pay direct royalties to the artist/s for a song or two that came out 20 years ago… but here in Australia, most of the old stuff is not available.. the record companies won’t release it… and they bastards charge nearly $30Au for a CD….
Fuck them.
Greedy Corporate Morons.
January 3rd, 2005 at 3:19 pm
This was not the RIAA’s doing through Overpeer. It was Kanoodle.com’s project alone.
January 3rd, 2005 at 3:20 pm
lmao, I dont use wva/v or DRM as well .. so wtf..
though .. for a technical standpoint .. I do have to applaud the delivery method, exploiting a bug in MS Crap .. so they are actually doing us a favor .. they are tearing down the MS lovers and at the same time freeing up bandwith for the people running Redhat and have a clue what they are doing.. HA
odaley!
crying shame that MPAA and RIAA are combining to drive MS outta the business in a round about way
ignore me I am just talking outta my ass
January 3rd, 2005 at 6:18 pm
… it should be perfectly legal for private property owners to set up traps such as “spring guns” to deal with trespassers, however, it is not (run a search for “spring gun” on Columbia’s Legal Information Institute website if you doubt my word).
The law on vigilante justice is clear and became so to prevent private wars. A private entity’s recourse for an infringement of property rights lies in the courts, not in private revenge.
January 7th, 2005 at 8:23 am
LOL! drm = dumb retard music… LMAO!
January 7th, 2005 at 8:43 am
You sir are the idiot! Listen up sport because I am only going to say this once. The USA is not the entire world! It is not illegal in many countries, Canada as an example, as their courts have ruled in the consumers favor. And as we speak there has not been one case of a lawsuit by the riaa for copyright infringement won against a consumer using p2p in this country. The riaa’s lastest scorched earth policy of suing their own customers has only hastened the riaa’s demise. May the last dinosaur die quick and as painfully as possible. LMAO!
January 8th, 2005 at 5:50 am
Arrgh matey! Avast ye scallywags and shiver me timbers. Hast ye knowst where ye buccaneers lie? Mine lie beneath me buccanhat!
lmao!
Dude you seem to be in search of a clue! Fair use is not pirating so blow me down and stop using the riaa’s catch phrases as they were gospel! Pirate: Someone who robs at sea or plunders the land from the sea without having a commission from any sovereign nation. Unless you’re like DUHbya our resident and haven’t a clue as to what sovereign means!
Now go learn something so everyone can stop laughing for a while and catch their breath! www.boycott-riaa.com