Operation Payback (...is a bitch): Hacktivism at the Dawn of Copyright Controversies

  • 1,075 views
Uploaded on

Presentation given @MIT7

Presentation given @MIT7

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
1,075
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
3
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • As operation Payback is a Bitch finished up its second week, things seem to be winding down. For those of us who are unaware of what went down, here’s a recap: The operation is launched by Anonymous against the entertainment companies, in particular MPAA (Motion Picture Association of America) and RIAA (The Recording Industry Association of America) and their legal watchdogs to support bitTorrent sites like The Pirate Bay. Within days, it developed into a cyberwar in which everyone got its share of the pie. The sit down may not be over yet. Anonymous stated that the attacks will continue until they are no longer "angry." Embracing the manifesto “we manifest anarchy,” the organization believes that the industry organizations’ “long outdated traditional views on copyright infringement enforced solely by rich and powerful corporations need to be modified in light of the modern age on the Internet, the Information Age,"The manifesto of the aforementioned operation is quite interesting in that it reveals how anarchic behavior may ensue when policies, in this case those that relate to copyright issues, are inadequate to respond to the needs of the contemporary age. Quite interesting that such criticism would be voiced by a group that was born out of the message boards of 4chan infamous for its crass humor and profanity. But at the same time, you don't have to be a genius to see the obvious. In the absence of functional regulators or laws, related parties are ravaging the loot while waving the banner of "doing good." And the manifesto announced by Anonymous, cited in full in Slyck in its entirety, demonstrates this chaos. The relevant section is as follows: “There have been a massive lobbyist-provoked surge in unfair infringements of personal freedom online, lately. See the Digital Economy Bill in the UK, and “three strikes” legislation in the EU which both threaten to disconnect internet connections based on accusations supplied by the music and movie industries. In the USA, a new bill has been proposed that could allow the USA to force top level registrars such as ICANN and Nominet to shut down websites, all with NO fair trial. Our tactics are inspired by the very people who provoked us, AiPlex Software. A few weeks back they admitted to attacking file sharing sites with DDoS attacks.”The problem, perhaps, is not just the inadequate copyright laws, but also the inability of the industry to adapt itself to the contemporary needs of our culture. In a recent interview with TorrentFreak, Fritz Attaway and Craig Hoffman, the two of the top suits of MPAA, admits that the large part of the problem "is developing new business models that consumers will access legally and find that experience superior to illegal access.“While the two are optimistic and believe that the industry is doing an excellent job in attaining that goal, the latest events that transpired prove that we have a long way to go. In the meantime, the groups are seeking justice in any way they can and no one is too sure who is the sheriff in town is or even if there is one. As is the case with most cyber-protests, it is not even clear who the victim is.To fight back against the anti-piracy lobby, Anonymous did what it does best: to initiate one of the largest cyberwars to date and, to maintain momentum, says Tom’s Guide, the group sought out more members by sending out flyers and recruiting people through Facebook, Digg, Reddit and other sites and made sure they had access to the tools they needed. Who is on the menu? The aforementioned associations, MPAA and RIAA, The British Phonographic Industry (BPI), The Australian Federation Against Copyright Theft (AFACT), StichtingBeschermingRechten Entertainment Industrie Nederland (BREIN), ACS:Law, Aiplex, Websheriff, and Dglegal. Ultimately, what happened on the Internet, did not stay on the Internet. The initiative ended up being far more consequential than it initially was thought to be, exposing scams, personal information of hundreds of people, ACS:Law’s dirty laundry, and… well… the names and information of those who illegally downloaded gay porn... or porn... Come on... admit it... we're all one big happy family here ;-P Well, you get the idea. The stench of the mess is so potent that it may require some radical cleaning up that requires more than fining people and putting them into jail. The story starts like this: The Operation Payback was initiated when RIAA had hired AiPlex Software, an India-based company working on behalf of Bollywood studios, who admitted [http://torrentfreak.com/anti-piracy-outfit-threatens-to-dos-uncooperative-torrent-sites-100905/] to using not-so-kosher techniques to fight piracy including launching DDoS attacks. You see, Aiplex is not the first or only company resorting to strategies like this. Seeing that their very own tactics were being used against their beloved p2p sites, Anonymous decided to take the matter into its own hands. And, as they promised, Anonymous took down the Web sites of RIAA, Aiplex, and ACS:Law, the law company that was hired to hunt down the infringers. So they did. The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, they exposed the backup of their confidential files containing the e-mails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by ISPs, including Sky, BT and Plusnet. And this information appeared on the website, unencrypted. Ooops, sorry! This unfortunate faux pas led to the company’s gory tactics being revealed to the hacker world who eagerly downloaded all this good information. Apparently, ACS:Law had been extracting money from the alleged infringers by encouraging out-of-court settlements. The firm's confidential (and now not-so-confidential) business plan shows that, while the amount of money demanded in the letters varied depending on the rights holder, the number of letters sent out by the law firm has turned its business into "a numbers game," so the payments of between £300 and £500 quickly added up into a handsome sum. Crossley, whose clients were mostly in the porn industry, came up with what seemed to be the perfect scam: track down BitTorrent infringers, convert their IP addresses into real names, and blast out warning letters threatening litigation if they didn’t cough up some cash. Except that the scheme had its flaws. Unless you are aggressively following the threats, people don’t take you seriously and if you are too aggressive, they bond together and resist collectively (both of which were the case here). Not to mention, the average file-shares don’t have extra of cash laying around to begin with, otherwise they would buy the movie in the first place. On top of this, according to a the same leaked business plan, only a fifth of money collected from damages paid was given to the rights holders, turning the law firm, which keeps 80% before paying ISPs and IP tracking companies, into cash cowsAnd so last week, the Internet witnessed ACS:Law going down in a spectacular fashion. But not before shaking down other companies. Everything seemed to come down like a house of cards. British Telecom (BT), the owner of PlusNet, admitted to sending to ACS:Law unencrypted personal data of 500 users who had been suspected of illegally downloading porn following a court order. But because they sent the data unencrypted (hoping that the unprotected files would be securely stored by ACS:Law), they breached the Data Protection Act, in addition to violating the very same court order they were following because the order had specifically stated that PlusNet should send this data in an encrypted form. The story doesn’t end here. After the collapse of ACS:Law, Gallant MacMillan (another law firm famous for hunting down infringers) rose up to the occasion to take over where ACS:Law has left off… and declared that it will use whatever method necessary to bring down the file-sharers and went to court to subpoena the IP addresses of additional suspected infringers. Seeing what had happened to BT, the ISPs weren't so hot in delivering this information when presented with flimsy proofs. Guess what happened to Gallant MacMillan and its client, the Ministry of Sound? Yup, you guessed it! Their sites went down, though they had a little bit more dignity than ACS:Law when doing so. If you are interested in the details of the entire operation, you can find them here. Already, the data leak is bringing important questions into the limelight, questions that exceeds copyright issues, but also, as you can suspect, verges upon privacy violations. Privacy International lost no time is expressing outrage by the breach and decried it as a “travesty of data security.” The quality of the standards set forth by The Digital Economy Act of England, while deemed to be satisfactory, is questioned as a result of all the dust that Anonymous brought up following its DDoS war. Even if ACS:Law’s evidence (sending warning letters by turning ISP into customer names) would be sufficient under the current regulations, it would still may not be considered as acceptable evidence in court. Privacy International is already seeking legal advice about the possibility of bringing charges against BT for contempt of court. If found guilty, the firm could face a fine of up to half a million pounds if it is found in breach of the Data Protection Act.
  • As operation Payback is a Bitch finished up its second week, things seem to be winding down. For those of us who are unaware of what went down, here’s a recap: The operation is launched by Anonymous against the entertainment companies, in particular MPAA (Motion Picture Association of America) and RIAA (The Recording Industry Association of America) and their legal watchdogs to support bitTorrent sites like The Pirate Bay. Within days, it developed into a cyberwar in which everyone got its share of the pie. The sit down may not be over yet. Anonymous stated that the attacks will continue until they are no longer "angry." Embracing the manifesto “we manifest anarchy,” the organization believes that the industry organizations’ “long outdated traditional views on copyright infringement enforced solely by rich and powerful corporations need to be modified in light of the modern age on the Internet, the Information Age,"The manifesto of the aforementioned operation is quite interesting in that it reveals how anarchic behavior may ensue when policies, in this case those that relate to copyright issues, are inadequate to respond to the needs of the contemporary age. Quite interesting that such criticism would be voiced by a group that was born out of the message boards of 4chan infamous for its crass humor and profanity. But at the same time, you don't have to be a genius to see the obvious. In the absence of functional regulators or laws, related parties are ravaging the loot while waving the banner of "doing good." And the manifesto announced by Anonymous, cited in full in Slyck in its entirety, demonstrates this chaos. The relevant section is as follows: “There have been a massive lobbyist-provoked surge in unfair infringements of personal freedom online, lately. See the Digital Economy Bill in the UK, and “three strikes” legislation in the EU which both threaten to disconnect internet connections based on accusations supplied by the music and movie industries. In the USA, a new bill has been proposed that could allow the USA to force top level registrars such as ICANN and Nominet to shut down websites, all with NO fair trial. Our tactics are inspired by the very people who provoked us, AiPlex Software. A few weeks back they admitted to attacking file sharing sites with DDoS attacks.”The problem, perhaps, is not just the inadequate copyright laws, but also the inability of the industry to adapt itself to the contemporary needs of our culture. In a recent interview with TorrentFreak, Fritz Attaway and Craig Hoffman, the two of the top suits of MPAA, admits that the large part of the problem "is developing new business models that consumers will access legally and find that experience superior to illegal access.“While the two are optimistic and believe that the industry is doing an excellent job in attaining that goal, the latest events that transpired prove that we have a long way to go. In the meantime, the groups are seeking justice in any way they can and no one is too sure who is the sheriff in town is or even if there is one. As is the case with most cyber-protests, it is not even clear who the victim is.To fight back against the anti-piracy lobby, Anonymous did what it does best: to initiate one of the largest cyberwars to date and, to maintain momentum, says Tom’s Guide, the group sought out more members by sending out flyers and recruiting people through Facebook, Digg, Reddit and other sites and made sure they had access to the tools they needed. Who is on the menu? The aforementioned associations, MPAA and RIAA, The British Phonographic Industry (BPI), The Australian Federation Against Copyright Theft (AFACT), StichtingBeschermingRechten Entertainment Industrie Nederland (BREIN), ACS:Law, Aiplex, Websheriff, and Dglegal. Ultimately, what happened on the Internet, did not stay on the Internet. The initiative ended up being far more consequential than it initially was thought to be, exposing scams, personal information of hundreds of people, ACS:Law’s dirty laundry, and… well… the names and information of those who illegally downloaded gay porn... or porn... Come on... admit it... we're all one big happy family here ;-P Well, you get the idea. The stench of the mess is so potent that it may require some radical cleaning up that requires more than fining people and putting them into jail. The story starts like this: The Operation Payback was initiated when RIAA had hired AiPlex Software, an India-based company working on behalf of Bollywood studios, who admitted [http://torrentfreak.com/anti-piracy-outfit-threatens-to-dos-uncooperative-torrent-sites-100905/] to using not-so-kosher techniques to fight piracy including launching DDoS attacks. You see, Aiplex is not the first or only company resorting to strategies like this. Seeing that their very own tactics were being used against their beloved p2p sites, Anonymous decided to take the matter into its own hands. And, as they promised, Anonymous took down the Web sites of RIAA, Aiplex, and ACS:Law, the law company that was hired to hunt down the infringers. So they did. The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, they exposed the backup of their confidential files containing the e-mails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by ISPs, including Sky, BT and Plusnet. And this information appeared on the website, unencrypted. Ooops, sorry! This unfortunate faux pas led to the company’s gory tactics being revealed to the hacker world who eagerly downloaded all this good information. Apparently, ACS:Law had been extracting money from the alleged infringers by encouraging out-of-court settlements. The firm's confidential (and now not-so-confidential) business plan shows that, while the amount of money demanded in the letters varied depending on the rights holder, the number of letters sent out by the law firm has turned its business into "a numbers game," so the payments of between £300 and £500 quickly added up into a handsome sum. Crossley, whose clients were mostly in the porn industry, came up with what seemed to be the perfect scam: track down BitTorrent infringers, convert their IP addresses into real names, and blast out warning letters threatening litigation if they didn’t cough up some cash. Except that the scheme had its flaws. Unless you are aggressively following the threats, people don’t take you seriously and if you are too aggressive, they bond together and resist collectively (both of which were the case here). Not to mention, the average file-shares don’t have extra of cash laying around to begin with, otherwise they would buy the movie in the first place. On top of this, according to a the same leaked business plan, only a fifth of money collected from damages paid was given to the rights holders, turning the law firm, which keeps 80% before paying ISPs and IP tracking companies, into cash cowsAnd so last week, the Internet witnessed ACS:Law going down in a spectacular fashion. But not before shaking down other companies. Everything seemed to come down like a house of cards. British Telecom (BT), the owner of PlusNet, admitted to sending to ACS:Law unencrypted personal data of 500 users who had been suspected of illegally downloading porn following a court order. But because they sent the data unencrypted (hoping that the unprotected files would be securely stored by ACS:Law), they breached the Data Protection Act, in addition to violating the very same court order they were following because the order had specifically stated that PlusNet should send this data in an encrypted form. The story doesn’t end here. After the collapse of ACS:Law, Gallant MacMillan (another law firm famous for hunting down infringers) rose up to the occasion to take over where ACS:Law has left off… and declared that it will use whatever method necessary to bring down the file-sharers and went to court to subpoena the IP addresses of additional suspected infringers. Seeing what had happened to BT, the ISPs weren't so hot in delivering this information when presented with flimsy proofs. Guess what happened to Gallant MacMillan and its client, the Ministry of Sound? Yup, you guessed it! Their sites went down, though they had a little bit more dignity than ACS:Law when doing so. If you are interested in the details of the entire operation, you can find them here. Already, the data leak is bringing important questions into the limelight, questions that exceeds copyright issues, but also, as you can suspect, verges upon privacy violations. Privacy International lost no time is expressing outrage by the breach and decried it as a “travesty of data security.” The quality of the standards set forth by The Digital Economy Act of England, while deemed to be satisfactory, is questioned as a result of all the dust that Anonymous brought up following its DDoS war. Even if ACS:Law’s evidence (sending warning letters by turning ISP into customer names) would be sufficient under the current regulations, it would still may not be considered as acceptable evidence in court. Privacy International is already seeking legal advice about the possibility of bringing charges against BT for contempt of court. If found guilty, the firm could face a fine of up to half a million pounds if it is found in breach of the Data Protection Act.
  • As operation Payback is a Bitch finished up its second week, things seem to be winding down. For those of us who are unaware of what went down, here’s a recap: The operation is launched by Anonymous against the entertainment companies, in particular MPAA (Motion Picture Association of America) and RIAA (The Recording Industry Association of America) and their legal watchdogs to support bitTorrent sites like The Pirate Bay. Within days, it developed into a cyberwar in which everyone got its share of the pie. The sit down may not be over yet. Anonymous stated that the attacks will continue until they are no longer "angry." Embracing the manifesto “we manifest anarchy,” the organization believes that the industry organizations’ “long outdated traditional views on copyright infringement enforced solely by rich and powerful corporations need to be modified in light of the modern age on the Internet, the Information Age,"The manifesto of the aforementioned operation is quite interesting in that it reveals how anarchic behavior may ensue when policies, in this case those that relate to copyright issues, are inadequate to respond to the needs of the contemporary age. Quite interesting that such criticism would be voiced by a group that was born out of the message boards of 4chan infamous for its crass humor and profanity. But at the same time, you don't have to be a genius to see the obvious. In the absence of functional regulators or laws, related parties are ravaging the loot while waving the banner of "doing good." And the manifesto announced by Anonymous, cited in full in Slyck in its entirety, demonstrates this chaos. The relevant section is as follows: “There have been a massive lobbyist-provoked surge in unfair infringements of personal freedom online, lately. See the Digital Economy Bill in the UK, and “three strikes” legislation in the EU which both threaten to disconnect internet connections based on accusations supplied by the music and movie industries. In the USA, a new bill has been proposed that could allow the USA to force top level registrars such as ICANN and Nominet to shut down websites, all with NO fair trial. Our tactics are inspired by the very people who provoked us, AiPlex Software. A few weeks back they admitted to attacking file sharing sites with DDoS attacks.”The problem, perhaps, is not just the inadequate copyright laws, but also the inability of the industry to adapt itself to the contemporary needs of our culture. In a recent interview with TorrentFreak, Fritz Attaway and Craig Hoffman, the two of the top suits of MPAA, admits that the large part of the problem "is developing new business models that consumers will access legally and find that experience superior to illegal access.“While the two are optimistic and believe that the industry is doing an excellent job in attaining that goal, the latest events that transpired prove that we have a long way to go. In the meantime, the groups are seeking justice in any way they can and no one is too sure who is the sheriff in town is or even if there is one. As is the case with most cyber-protests, it is not even clear who the victim is.To fight back against the anti-piracy lobby, Anonymous did what it does best: to initiate one of the largest cyberwars to date and, to maintain momentum, says Tom’s Guide, the group sought out more members by sending out flyers and recruiting people through Facebook, Digg, Reddit and other sites and made sure they had access to the tools they needed. Who is on the menu? The aforementioned associations, MPAA and RIAA, The British Phonographic Industry (BPI), The Australian Federation Against Copyright Theft (AFACT), StichtingBeschermingRechten Entertainment Industrie Nederland (BREIN), ACS:Law, Aiplex, Websheriff, and Dglegal. Ultimately, what happened on the Internet, did not stay on the Internet. The initiative ended up being far more consequential than it initially was thought to be, exposing scams, personal information of hundreds of people, ACS:Law’s dirty laundry, and… well… the names and information of those who illegally downloaded gay porn... or porn... Come on... admit it... we're all one big happy family here ;-P Well, you get the idea. The stench of the mess is so potent that it may require some radical cleaning up that requires more than fining people and putting them into jail. The story starts like this: The Operation Payback was initiated when RIAA had hired AiPlex Software, an India-based company working on behalf of Bollywood studios, who admitted [http://torrentfreak.com/anti-piracy-outfit-threatens-to-dos-uncooperative-torrent-sites-100905/] to using not-so-kosher techniques to fight piracy including launching DDoS attacks. You see, Aiplex is not the first or only company resorting to strategies like this. Seeing that their very own tactics were being used against their beloved p2p sites, Anonymous decided to take the matter into its own hands. And, as they promised, Anonymous took down the Web sites of RIAA, Aiplex, and ACS:Law, the law company that was hired to hunt down the infringers. So they did. The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, they exposed the backup of their confidential files containing the e-mails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by ISPs, including Sky, BT and Plusnet. And this information appeared on the website, unencrypted. Ooops, sorry! This unfortunate faux pas led to the company’s gory tactics being revealed to the hacker world who eagerly downloaded all this good information. Apparently, ACS:Law had been extracting money from the alleged infringers by encouraging out-of-court settlements. The firm's confidential (and now not-so-confidential) business plan shows that, while the amount of money demanded in the letters varied depending on the rights holder, the number of letters sent out by the law firm has turned its business into "a numbers game," so the payments of between £300 and £500 quickly added up into a handsome sum. Crossley, whose clients were mostly in the porn industry, came up with what seemed to be the perfect scam: track down BitTorrent infringers, convert their IP addresses into real names, and blast out warning letters threatening litigation if they didn’t cough up some cash. Except that the scheme had its flaws. Unless you are aggressively following the threats, people don’t take you seriously and if you are too aggressive, they bond together and resist collectively (both of which were the case here). Not to mention, the average file-shares don’t have extra of cash laying around to begin with, otherwise they would buy the movie in the first place. On top of this, according to a the same leaked business plan, only a fifth of money collected from damages paid was given to the rights holders, turning the law firm, which keeps 80% before paying ISPs and IP tracking companies, into cash cowsAnd so last week, the Internet witnessed ACS:Law going down in a spectacular fashion. But not before shaking down other companies. Everything seemed to come down like a house of cards. British Telecom (BT), the owner of PlusNet, admitted to sending to ACS:Law unencrypted personal data of 500 users who had been suspected of illegally downloading porn following a court order. But because they sent the data unencrypted (hoping that the unprotected files would be securely stored by ACS:Law), they breached the Data Protection Act, in addition to violating the very same court order they were following because the order had specifically stated that PlusNet should send this data in an encrypted form. The story doesn’t end here. After the collapse of ACS:Law, Gallant MacMillan (another law firm famous for hunting down infringers) rose up to the occasion to take over where ACS:Law has left off… and declared that it will use whatever method necessary to bring down the file-sharers and went to court to subpoena the IP addresses of additional suspected infringers. Seeing what had happened to BT, the ISPs weren't so hot in delivering this information when presented with flimsy proofs. Guess what happened to Gallant MacMillan and its client, the Ministry of Sound? Yup, you guessed it! Their sites went down, though they had a little bit more dignity than ACS:Law when doing so. If you are interested in the details of the entire operation, you can find them here. Already, the data leak is bringing important questions into the limelight, questions that exceeds copyright issues, but also, as you can suspect, verges upon privacy violations. Privacy International lost no time is expressing outrage by the breach and decried it as a “travesty of data security.” The quality of the standards set forth by The Digital Economy Act of England, while deemed to be satisfactory, is questioned as a result of all the dust that Anonymous brought up following its DDoS war. Even if ACS:Law’s evidence (sending warning letters by turning ISP into customer names) would be sufficient under the current regulations, it would still may not be considered as acceptable evidence in court. Privacy International is already seeking legal advice about the possibility of bringing charges against BT for contempt of court. If found guilty, the firm could face a fine of up to half a million pounds if it is found in breach of the Data Protection Act.
  • As operation Payback is a Bitch finished up its second week, things seem to be winding down. For those of us who are unaware of what went down, here’s a recap: The operation is launched by Anonymous against the entertainment companies, in particular MPAA (Motion Picture Association of America) and RIAA (The Recording Industry Association of America) and their legal watchdogs to support bitTorrent sites like The Pirate Bay. Within days, it developed into a cyberwar in which everyone got its share of the pie. The sit down may not be over yet. Anonymous stated that the attacks will continue until they are no longer "angry." Embracing the manifesto “we manifest anarchy,” the organization believes that the industry organizations’ “long outdated traditional views on copyright infringement enforced solely by rich and powerful corporations need to be modified in light of the modern age on the Internet, the Information Age,"The manifesto of the aforementioned operation is quite interesting in that it reveals how anarchic behavior may ensue when policies, in this case those that relate to copyright issues, are inadequate to respond to the needs of the contemporary age. Quite interesting that such criticism would be voiced by a group that was born out of the message boards of 4chan infamous for its crass humor and profanity. But at the same time, you don't have to be a genius to see the obvious. In the absence of functional regulators or laws, related parties are ravaging the loot while waving the banner of "doing good." And the manifesto announced by Anonymous, cited in full in Slyck in its entirety, demonstrates this chaos. The relevant section is as follows: “There have been a massive lobbyist-provoked surge in unfair infringements of personal freedom online, lately. See the Digital Economy Bill in the UK, and “three strikes” legislation in the EU which both threaten to disconnect internet connections based on accusations supplied by the music and movie industries. In the USA, a new bill has been proposed that could allow the USA to force top level registrars such as ICANN and Nominet to shut down websites, all with NO fair trial. Our tactics are inspired by the very people who provoked us, AiPlex Software. A few weeks back they admitted to attacking file sharing sites with DDoS attacks.”The problem, perhaps, is not just the inadequate copyright laws, but also the inability of the industry to adapt itself to the contemporary needs of our culture. In a recent interview with TorrentFreak, Fritz Attaway and Craig Hoffman, the two of the top suits of MPAA, admits that the large part of the problem "is developing new business models that consumers will access legally and find that experience superior to illegal access.“While the two are optimistic and believe that the industry is doing an excellent job in attaining that goal, the latest events that transpired prove that we have a long way to go. In the meantime, the groups are seeking justice in any way they can and no one is too sure who is the sheriff in town is or even if there is one. As is the case with most cyber-protests, it is not even clear who the victim is.To fight back against the anti-piracy lobby, Anonymous did what it does best: to initiate one of the largest cyberwars to date and, to maintain momentum, says Tom’s Guide, the group sought out more members by sending out flyers and recruiting people through Facebook, Digg, Reddit and other sites and made sure they had access to the tools they needed. Who is on the menu? The aforementioned associations, MPAA and RIAA, The British Phonographic Industry (BPI), The Australian Federation Against Copyright Theft (AFACT), StichtingBeschermingRechten Entertainment Industrie Nederland (BREIN), ACS:Law, Aiplex, Websheriff, and Dglegal. Ultimately, what happened on the Internet, did not stay on the Internet. The initiative ended up being far more consequential than it initially was thought to be, exposing scams, personal information of hundreds of people, ACS:Law’s dirty laundry, and… well… the names and information of those who illegally downloaded gay porn... or porn... Come on... admit it... we're all one big happy family here ;-P Well, you get the idea. The stench of the mess is so potent that it may require some radical cleaning up that requires more than fining people and putting them into jail. The story starts like this: The Operation Payback was initiated when RIAA had hired AiPlex Software, an India-based company working on behalf of Bollywood studios, who admitted [http://torrentfreak.com/anti-piracy-outfit-threatens-to-dos-uncooperative-torrent-sites-100905/] to using not-so-kosher techniques to fight piracy including launching DDoS attacks. You see, Aiplex is not the first or only company resorting to strategies like this. Seeing that their very own tactics were being used against their beloved p2p sites, Anonymous decided to take the matter into its own hands. And, as they promised, Anonymous took down the Web sites of RIAA, Aiplex, and ACS:Law, the law company that was hired to hunt down the infringers. So they did. The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, they exposed the backup of their confidential files containing the e-mails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by ISPs, including Sky, BT and Plusnet. And this information appeared on the website, unencrypted. Ooops, sorry! This unfortunate faux pas led to the company’s gory tactics being revealed to the hacker world who eagerly downloaded all this good information. Apparently, ACS:Law had been extracting money from the alleged infringers by encouraging out-of-court settlements. The firm's confidential (and now not-so-confidential) business plan shows that, while the amount of money demanded in the letters varied depending on the rights holder, the number of letters sent out by the law firm has turned its business into "a numbers game," so the payments of between £300 and £500 quickly added up into a handsome sum. Crossley, whose clients were mostly in the porn industry, came up with what seemed to be the perfect scam: track down BitTorrent infringers, convert their IP addresses into real names, and blast out warning letters threatening litigation if they didn’t cough up some cash. Except that the scheme had its flaws. Unless you are aggressively following the threats, people don’t take you seriously and if you are too aggressive, they bond together and resist collectively (both of which were the case here). Not to mention, the average file-shares don’t have extra of cash laying around to begin with, otherwise they would buy the movie in the first place. On top of this, according to a the same leaked business plan, only a fifth of money collected from damages paid was given to the rights holders, turning the law firm, which keeps 80% before paying ISPs and IP tracking companies, into cash cowsAnd so last week, the Internet witnessed ACS:Law going down in a spectacular fashion. But not before shaking down other companies. Everything seemed to come down like a house of cards. British Telecom (BT), the owner of PlusNet, admitted to sending to ACS:Law unencrypted personal data of 500 users who had been suspected of illegally downloading porn following a court order. But because they sent the data unencrypted (hoping that the unprotected files would be securely stored by ACS:Law), they breached the Data Protection Act, in addition to violating the very same court order they were following because the order had specifically stated that PlusNet should send this data in an encrypted form. The story doesn’t end here. After the collapse of ACS:Law, Gallant MacMillan (another law firm famous for hunting down infringers) rose up to the occasion to take over where ACS:Law has left off… and declared that it will use whatever method necessary to bring down the file-sharers and went to court to subpoena the IP addresses of additional suspected infringers. Seeing what had happened to BT, the ISPs weren't so hot in delivering this information when presented with flimsy proofs. Guess what happened to Gallant MacMillan and its client, the Ministry of Sound? Yup, you guessed it! Their sites went down, though they had a little bit more dignity than ACS:Law when doing so. If you are interested in the details of the entire operation, you can find them here. Already, the data leak is bringing important questions into the limelight, questions that exceeds copyright issues, but also, as you can suspect, verges upon privacy violations. Privacy International lost no time is expressing outrage by the breach and decried it as a “travesty of data security.” The quality of the standards set forth by The Digital Economy Act of England, while deemed to be satisfactory, is questioned as a result of all the dust that Anonymous brought up following its DDoS war. Even if ACS:Law’s evidence (sending warning letters by turning ISP into customer names) would be sufficient under the current regulations, it would still may not be considered as acceptable evidence in court. Privacy International is already seeking legal advice about the possibility of bringing charges against BT for contempt of court. If found guilty, the firm could face a fine of up to half a million pounds if it is found in breach of the Data Protection Act.
  • As operation Payback is a Bitch finished up its second week, things seem to be winding down. For those of us who are unaware of what went down, here’s a recap: The operation is launched by Anonymous against the entertainment companies, in particular MPAA (Motion Picture Association of America) and RIAA (The Recording Industry Association of America) and their legal watchdogs to support bitTorrent sites like The Pirate Bay. Within days, it developed into a cyberwar in which everyone got its share of the pie. The sit down may not be over yet. Anonymous stated that the attacks will continue until they are no longer "angry." Embracing the manifesto “we manifest anarchy,” the organization believes that the industry organizations’ “long outdated traditional views on copyright infringement enforced solely by rich and powerful corporations need to be modified in light of the modern age on the Internet, the Information Age,"The manifesto of the aforementioned operation is quite interesting in that it reveals how anarchic behavior may ensue when policies, in this case those that relate to copyright issues, are inadequate to respond to the needs of the contemporary age. Quite interesting that such criticism would be voiced by a group that was born out of the message boards of 4chan infamous for its crass humor and profanity. But at the same time, you don't have to be a genius to see the obvious. In the absence of functional regulators or laws, related parties are ravaging the loot while waving the banner of "doing good." And the manifesto announced by Anonymous, cited in full in Slyck in its entirety, demonstrates this chaos. The relevant section is as follows: “There have been a massive lobbyist-provoked surge in unfair infringements of personal freedom online, lately. See the Digital Economy Bill in the UK, and “three strikes” legislation in the EU which both threaten to disconnect internet connections based on accusations supplied by the music and movie industries. In the USA, a new bill has been proposed that could allow the USA to force top level registrars such as ICANN and Nominet to shut down websites, all with NO fair trial. Our tactics are inspired by the very people who provoked us, AiPlex Software. A few weeks back they admitted to attacking file sharing sites with DDoS attacks.”The problem, perhaps, is not just the inadequate copyright laws, but also the inability of the industry to adapt itself to the contemporary needs of our culture. In a recent interview with TorrentFreak, Fritz Attaway and Craig Hoffman, the two of the top suits of MPAA, admits that the large part of the problem "is developing new business models that consumers will access legally and find that experience superior to illegal access.“While the two are optimistic and believe that the industry is doing an excellent job in attaining that goal, the latest events that transpired prove that we have a long way to go. In the meantime, the groups are seeking justice in any way they can and no one is too sure who is the sheriff in town is or even if there is one. As is the case with most cyber-protests, it is not even clear who the victim is.To fight back against the anti-piracy lobby, Anonymous did what it does best: to initiate one of the largest cyberwars to date and, to maintain momentum, says Tom’s Guide, the group sought out more members by sending out flyers and recruiting people through Facebook, Digg, Reddit and other sites and made sure they had access to the tools they needed. Who is on the menu? The aforementioned associations, MPAA and RIAA, The British Phonographic Industry (BPI), The Australian Federation Against Copyright Theft (AFACT), StichtingBeschermingRechten Entertainment Industrie Nederland (BREIN), ACS:Law, Aiplex, Websheriff, and Dglegal. Ultimately, what happened on the Internet, did not stay on the Internet. The initiative ended up being far more consequential than it initially was thought to be, exposing scams, personal information of hundreds of people, ACS:Law’s dirty laundry, and… well… the names and information of those who illegally downloaded gay porn... or porn... Come on... admit it... we're all one big happy family here ;-P Well, you get the idea. The stench of the mess is so potent that it may require some radical cleaning up that requires more than fining people and putting them into jail. The story starts like this: The Operation Payback was initiated when RIAA had hired AiPlex Software, an India-based company working on behalf of Bollywood studios, who admitted [http://torrentfreak.com/anti-piracy-outfit-threatens-to-dos-uncooperative-torrent-sites-100905/] to using not-so-kosher techniques to fight piracy including launching DDoS attacks. You see, Aiplex is not the first or only company resorting to strategies like this. Seeing that their very own tactics were being used against their beloved p2p sites, Anonymous decided to take the matter into its own hands. And, as they promised, Anonymous took down the Web sites of RIAA, Aiplex, and ACS:Law, the law company that was hired to hunt down the infringers. So they did. The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, they exposed the backup of their confidential files containing the e-mails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by ISPs, including Sky, BT and Plusnet. And this information appeared on the website, unencrypted. Ooops, sorry! This unfortunate faux pas led to the company’s gory tactics being revealed to the hacker world who eagerly downloaded all this good information. Apparently, ACS:Law had been extracting money from the alleged infringers by encouraging out-of-court settlements. The firm's confidential (and now not-so-confidential) business plan shows that, while the amount of money demanded in the letters varied depending on the rights holder, the number of letters sent out by the law firm has turned its business into "a numbers game," so the payments of between £300 and £500 quickly added up into a handsome sum. Crossley, whose clients were mostly in the porn industry, came up with what seemed to be the perfect scam: track down BitTorrent infringers, convert their IP addresses into real names, and blast out warning letters threatening litigation if they didn’t cough up some cash. Except that the scheme had its flaws. Unless you are aggressively following the threats, people don’t take you seriously and if you are too aggressive, they bond together and resist collectively (both of which were the case here). Not to mention, the average file-shares don’t have extra of cash laying around to begin with, otherwise they would buy the movie in the first place. On top of this, according to a the same leaked business plan, only a fifth of money collected from damages paid was given to the rights holders, turning the law firm, which keeps 80% before paying ISPs and IP tracking companies, into cash cowsAnd so last week, the Internet witnessed ACS:Law going down in a spectacular fashion. But not before shaking down other companies. Everything seemed to come down like a house of cards. British Telecom (BT), the owner of PlusNet, admitted to sending to ACS:Law unencrypted personal data of 500 users who had been suspected of illegally downloading porn following a court order. But because they sent the data unencrypted (hoping that the unprotected files would be securely stored by ACS:Law), they breached the Data Protection Act, in addition to violating the very same court order they were following because the order had specifically stated that PlusNet should send this data in an encrypted form. The story doesn’t end here. After the collapse of ACS:Law, Gallant MacMillan (another law firm famous for hunting down infringers) rose up to the occasion to take over where ACS:Law has left off… and declared that it will use whatever method necessary to bring down the file-sharers and went to court to subpoena the IP addresses of additional suspected infringers. Seeing what had happened to BT, the ISPs weren't so hot in delivering this information when presented with flimsy proofs. Guess what happened to Gallant MacMillan and its client, the Ministry of Sound? Yup, you guessed it! Their sites went down, though they had a little bit more dignity than ACS:Law when doing so. If you are interested in the details of the entire operation, you can find them here. Already, the data leak is bringing important questions into the limelight, questions that exceeds copyright issues, but also, as you can suspect, verges upon privacy violations. Privacy International lost no time is expressing outrage by the breach and decried it as a “travesty of data security.” The quality of the standards set forth by The Digital Economy Act of England, while deemed to be satisfactory, is questioned as a result of all the dust that Anonymous brought up following its DDoS war. Even if ACS:Law’s evidence (sending warning letters by turning ISP into customer names) would be sufficient under the current regulations, it would still may not be considered as acceptable evidence in court. Privacy International is already seeking legal advice about the possibility of bringing charges against BT for contempt of court. If found guilty, the firm could face a fine of up to half a million pounds if it is found in breach of the Data Protection Act.
  • As operation Payback is a Bitch finished up its second week, things seem to be winding down. For those of us who are unaware of what went down, here’s a recap: The operation is launched by Anonymous against the entertainment companies, in particular MPAA (Motion Picture Association of America) and RIAA (The Recording Industry Association of America) and their legal watchdogs to support bitTorrent sites like The Pirate Bay. Within days, it developed into a cyberwar in which everyone got its share of the pie. The sit down may not be over yet. Anonymous stated that the attacks will continue until they are no longer "angry." Embracing the manifesto “we manifest anarchy,” the organization believes that the industry organizations’ “long outdated traditional views on copyright infringement enforced solely by rich and powerful corporations need to be modified in light of the modern age on the Internet, the Information Age,"The manifesto of the aforementioned operation is quite interesting in that it reveals how anarchic behavior may ensue when policies, in this case those that relate to copyright issues, are inadequate to respond to the needs of the contemporary age. Quite interesting that such criticism would be voiced by a group that was born out of the message boards of 4chan infamous for its crass humor and profanity. But at the same time, you don't have to be a genius to see the obvious. In the absence of functional regulators or laws, related parties are ravaging the loot while waving the banner of "doing good." And the manifesto announced by Anonymous, cited in full in Slyck in its entirety, demonstrates this chaos. The relevant section is as follows: “There have been a massive lobbyist-provoked surge in unfair infringements of personal freedom online, lately. See the Digital Economy Bill in the UK, and “three strikes” legislation in the EU which both threaten to disconnect internet connections based on accusations supplied by the music and movie industries. In the USA, a new bill has been proposed that could allow the USA to force top level registrars such as ICANN and Nominet to shut down websites, all with NO fair trial. Our tactics are inspired by the very people who provoked us, AiPlex Software. A few weeks back they admitted to attacking file sharing sites with DDoS attacks.”The problem, perhaps, is not just the inadequate copyright laws, but also the inability of the industry to adapt itself to the contemporary needs of our culture. In a recent interview with TorrentFreak, Fritz Attaway and Craig Hoffman, the two of the top suits of MPAA, admits that the large part of the problem "is developing new business models that consumers will access legally and find that experience superior to illegal access.“While the two are optimistic and believe that the industry is doing an excellent job in attaining that goal, the latest events that transpired prove that we have a long way to go. In the meantime, the groups are seeking justice in any way they can and no one is too sure who is the sheriff in town is or even if there is one. As is the case with most cyber-protests, it is not even clear who the victim is.To fight back against the anti-piracy lobby, Anonymous did what it does best: to initiate one of the largest cyberwars to date and, to maintain momentum, says Tom’s Guide, the group sought out more members by sending out flyers and recruiting people through Facebook, Digg, Reddit and other sites and made sure they had access to the tools they needed. Who is on the menu? The aforementioned associations, MPAA and RIAA, The British Phonographic Industry (BPI), The Australian Federation Against Copyright Theft (AFACT), StichtingBeschermingRechten Entertainment Industrie Nederland (BREIN), ACS:Law, Aiplex, Websheriff, and Dglegal. Ultimately, what happened on the Internet, did not stay on the Internet. The initiative ended up being far more consequential than it initially was thought to be, exposing scams, personal information of hundreds of people, ACS:Law’s dirty laundry, and… well… the names and information of those who illegally downloaded gay porn... or porn... Come on... admit it... we're all one big happy family here ;-P Well, you get the idea. The stench of the mess is so potent that it may require some radical cleaning up that requires more than fining people and putting them into jail. The story starts like this: The Operation Payback was initiated when RIAA had hired AiPlex Software, an India-based company working on behalf of Bollywood studios, who admitted [http://torrentfreak.com/anti-piracy-outfit-threatens-to-dos-uncooperative-torrent-sites-100905/] to using not-so-kosher techniques to fight piracy including launching DDoS attacks. You see, Aiplex is not the first or only company resorting to strategies like this. Seeing that their very own tactics were being used against their beloved p2p sites, Anonymous decided to take the matter into its own hands. And, as they promised, Anonymous took down the Web sites of RIAA, Aiplex, and ACS:Law, the law company that was hired to hunt down the infringers. So they did. The real damage to ACS:Law, however, came after the DDoS attack when, in their haste to put everything in order, they exposed the backup of their confidential files containing the e-mails of its only lawyer, Andrew Crossley, in addition to thousands of personal records that were handed over by ISPs, including Sky, BT and Plusnet. And this information appeared on the website, unencrypted. Ooops, sorry! This unfortunate faux pas led to the company’s gory tactics being revealed to the hacker world who eagerly downloaded all this good information. Apparently, ACS:Law had been extracting money from the alleged infringers by encouraging out-of-court settlements. The firm's confidential (and now not-so-confidential) business plan shows that, while the amount of money demanded in the letters varied depending on the rights holder, the number of letters sent out by the law firm has turned its business into "a numbers game," so the payments of between £300 and £500 quickly added up into a handsome sum. Crossley, whose clients were mostly in the porn industry, came up with what seemed to be the perfect scam: track down BitTorrent infringers, convert their IP addresses into real names, and blast out warning letters threatening litigation if they didn’t cough up some cash. Except that the scheme had its flaws. Unless you are aggressively following the threats, people don’t take you seriously and if you are too aggressive, they bond together and resist collectively (both of which were the case here). Not to mention, the average file-shares don’t have extra of cash laying around to begin with, otherwise they would buy the movie in the first place. On top of this, according to a the same leaked business plan, only a fifth of money collected from damages paid was given to the rights holders, turning the law firm, which keeps 80% before paying ISPs and IP tracking companies, into cash cowsAnd so last week, the Internet witnessed ACS:Law going down in a spectacular fashion. But not before shaking down other companies. Everything seemed to come down like a house of cards. British Telecom (BT), the owner of PlusNet, admitted to sending to ACS:Law unencrypted personal data of 500 users who had been suspected of illegally downloading porn following a court order. But because they sent the data unencrypted (hoping that the unprotected files would be securely stored by ACS:Law), they breached the Data Protection Act, in addition to violating the very same court order they were following because the order had specifically stated that PlusNet should send this data in an encrypted form. The story doesn’t end here. After the collapse of ACS:Law, Gallant MacMillan (another law firm famous for hunting down infringers) rose up to the occasion to take over where ACS:Law has left off… and declared that it will use whatever method necessary to bring down the file-sharers and went to court to subpoena the IP addresses of additional suspected infringers. Seeing what had happened to BT, the ISPs weren't so hot in delivering this information when presented with flimsy proofs. Guess what happened to Gallant MacMillan and its client, the Ministry of Sound? Yup, you guessed it! Their sites went down, though they had a little bit more dignity than ACS:Law when doing so. If you are interested in the details of the entire operation, you can find them here. Already, the data leak is bringing important questions into the limelight, questions that exceeds copyright issues, but also, as you can suspect, verges upon privacy violations. Privacy International lost no time is expressing outrage by the breach and decried it as a “travesty of data security.” The quality of the standards set forth by The Digital Economy Act of England, while deemed to be satisfactory, is questioned as a result of all the dust that Anonymous brought up following its DDoS war. Even if ACS:Law’s evidence (sending warning letters by turning ISP into customer names) would be sufficient under the current regulations, it would still may not be considered as acceptable evidence in court. Privacy International is already seeking legal advice about the possibility of bringing charges against BT for contempt of court. If found guilty, the firm could face a fine of up to half a million pounds if it is found in breach of the Data Protection Act.

Transcript

  • 1. Operation Payback (…is a bitch):
    Hacktivism at the Dawn of Copyright Controversies
    Burcu S. Bakioğlu
    palefire@palefirer.com
    @PaleFire
  • 2. Piracy
    Cultures
    Production
    Distribution
    Consumption
  • 3. REGULATION
    Corruption
    Criminalization of society
    Privacy
    Surveillance
    Threat to creativity
  • 4. Network Society
    horizontal modes of communication
    alternative strategies of resistance
  • 5. Sites of Struggle
  • 6. Hacktivism
  • 7.
  • 8. Operation Payback is a Bitch
  • 9.
  • 10. Operation: Payback is a bitch –
    Wikileaks"the future of cyber protests"
  • 11.
  • 12. Outcome:
    Porn industry = leading piracy war
    Companies not interested in stopping piracy but exploiting it
    ISPs not following Data Protection Act (Privacy violation)
    IP = Person
    Surveillance
  • 13. Burcu S. Bakioğlu
    palefire@palefirer.com
    @PaleFire