[DMCA-Activists] Testimony on Berman Bil re: Decentralization

[Seth Johnson]

(Forwarded from Decentralization list.  P2P, decentralized,
end-to-end connectivity, it should be noted, *is* the
Internet.  -- Seth)

-------- Original Message --------
Subject: [decentralization] Saaf testimony
Date: Wed, 2 Oct 2002 15:17:15 -0400 (EDT)
From: address@hidden
To: address@hidden


>From hearings on the Berman-Coble bill, online at
http://www.house.gov/judiciary/saaf092602.htm

On decentralization:
====================
The most threatening aspect of P2P networking to the
copyright holders is the growing trend of decentralization.
All of the most popular P2P networking technologies in the
world are either completely or partially decentralized.
Decentralization means that there is no central entity to
sue or regulate using the law. Even if all the courts agreed
to shut a decentralized network down, it could not be done
because it is simply a free floating technology protocol on
the Internet, similar to FTP or HTTP.  The original
completely decentralized P2P protocol, Gnutella, continues
to be the leader in the decentralized P2P world. Thousands
of computer scientists have developed hundreds of programs
to hook into this ethereal network that floats on the
Internet. Any programmer can very simply code a software
client to hook into the network. Nobody owns Gnutella and
nobody regulates it.  However, the clear and primary use of
the network is for the downloading of copyrighted material.
This intuitive conclusion has been verified by
MediaDefender's years of research.  Gnutella was born out of
a backlash in the online world toward the Napster lawsuit,
and it was created to be an unstoppable P2P technology. Any
person can see the breadth of pirated material on Gnutella
by putting a generic search string, such as a period ("."),
into any Gnutella client. When I typed a period (".") and
hit search on a Gnutella client this morning, I received
over 1000 returns with content ranging from Eminem to Harry
Potter. I advise anyone to perform this simple experiment if
they still need to convince themselves P2P networks are
primarily used for piracy. Copyright law never anticipated a
completely decentralized P2P network on the Internet and
cannot prevent the piracy. Sometimes you have to use
technology to regulate technology because there is no other
practical means.  Decentralized P2P networking is a case
where there is no other solution beyond MediaDefender's
anti-piracy technology. MediaDefender feels that it is
important that the current laws do not stand in the way of
non-invasive anti-piracy technology on the Internet. The
concern is always that hacking and computer use laws not
intended to address P2P anti-piracy technologies will be
misapplied. 

====

On measures that would satisfy what it is that the bill is
trying to 
sanction:

====

Interdiction works by getting in front of potential
downloaders when someone is serving pirated content using a
P2P network. When MediaDefender's computer's see someone
making a copyrighted file available for upload, our
computers simply hook into that computer and download the
file. The goal is not to absorb all of that user's bandwidth
but block connections to potential downloaders. If the P2P
program allows ten connections and MediaDefender fills nine,
we are blocking 90% of illegal uploading. The beauty of
Interdiction is that it does not affect anything on that
computer except the ability to upload pirated files on that
particular P2P network. The computer user still has full
access to e-mail, web, and other file sharing programs.

====

This is obviously a denial of service attack, and a fairly
stupid one.  Any limited number of providers that attempts
to DoS an entire megacluster is trying to turn the logic of
a DDoS upside down.  If that interdiction approach works,
then DDoS attacks don't work.

Ok, so let's say the purpose is not to DoS the whole
network, it's to bother an individual user.  But the attack
only targets user uploads.  Assuming that the user is
uploading out of generosity or laziness, this is no attack
at all.  She waits until the attack is over, totally
unbothered, and goes back to uploading.

But so what -- it doesn't matter whether this attack works. 
What attacks would work?

- Lucas

To unsubscribe from this group, send an email to:
address@hidden