Script kiddies, SOPA, DCMA DDOS, Megaupload, and Intellectual Propery Protection

over the last few years or so, the small cottage industry of copyright protection has been slowly shifting from “we protect your files” to “we will nuke your enemies from the orbit” type services. And they have been getting better at it.

Terminally Incoherent describes DMCA DDOS: Why compliance is not an option. DMCA is the Digital Millennium Copyright Act [Wikipedia] and a DDOS A distributed denial of service attack.

The concept is simple – DMCA works quite well against casual infringement. If someone uploads copyrighted material on their blog, or on Youtube you can easily bring it down with a single request. The problem is with organized file sharing sites – torrent communities, cyberlockers, file sharing forums, etc… When you have a large community of people committed to infringe your copyright no matter what, then takedown notices become mostly useless. As soon as you get your IP taken down, someone else will “re-up” it in the same forum. So you have to issue another DMCA request, and another, and another. If you want to suppress the availability of the file in said forum, you need to be faster than the pirates. You must request a take-down as soon as the file re-surfaces, and you have to make sure it goes down before the bulk of sites users can find it.

So over the last few years or so, the small cottage industry of copyright protection has been slowly shifting from “we protect your files” to “we will nuke your enemies from the orbit” type services. And they have been getting better at it.

This does not surprise me. If there is a tool to be built, someone will build it. In fact, I find this industry somewhat fascinating because it actually follows what Charles Stross predicted in Accelerando. He came up with an idea of a “legal DDOS attack” in which bunch of expert systems would gang up against a legal entity to inundate it with threats, civil suits, inquiries and etc… Unless you had an equally potent legal system in place, your company would drown in the sea of legal paperwork in a matter of days, if not hours. And just like IRL, the first use of such systems in Stross’ book was to aid the failing entertainment industry.

A ‘script kiddie’ is a person who writes a simple program to automate some tedious chore on a computer. In this case, it is used to indicate people who write simple programs to find potential copyright infringement files in the I’net, determine the website owner, and then issue a legal request to remove the file. Using a simple program means that the whole thing is automated and much much faster than if a human were doing it. Sometimes it is so fast that the repeated automatic requests bog down the website denying service to its normal readers. That is the DDOS aspect of the issue.

As you can see, the author mentions a coordinated “carpet bombing” attack executed by several companies with a clear aim of crippling the website, and forcing it to shut down under the pressure. They were not really interested in protecting their client’s intellectual property – they were out to cause disruption and damage to their target community. And they did it using classic script kiddie tactics – via a coordinated DDOS.

This is similar to other uses of legal harassment to achieve ends that are sometimes questionable. The small claims court case against Honda about fuel efficiency is another. The same set of tactics can be seen in the efforts for gun control.

The moral of the story is about when good intentions go awry. The ends start to justify the means. SOPA, a bill in Congress to enhance website takedown on suspicion of copyright infringement was another front in the effort. SOPA was set aside due to the uproar created to protest it on the web. This argument has a long ways to go and will be a ‘nailing jelly to a tree’ effort for a long time yet if it follows debate in similar issues. (although it is good to see a lawsuit against railroads because they hauled asbestos dismissed because the railroads just haul it, they didn’t put it to use).

Comments are closed.