Information Security News mailing list archives

Re: FC: Draft of Rep. Berman's bill authorizes anti-P2P hacking


From: InfoSec News <isn () c4i org>
Date: Thu, 25 Jul 2002 05:38:48 -0500 (CDT)

Forwarded from: Russell Coker <russell () coker com au>

On Wed, 24 Jul 2002 12:44, you wrote:
http://news.com.com/2100-1023-945923.html?tag=politech

   Could Hollywood hack your PC?
   By Declan McCullagh
   July 23, 2002, 4:45 PM PT

   WASHINGTON--Congress is about to consider an entertainment
   industry proposal that would authorize copyright holders to disable
   PCs used for illicit file trading.

   The legislation would immunize groups such as the Motion Picture
   Association of America and the Recording Industry Association of
   America from all state and federal laws if they disable, block or
   otherwise impair a "publicly accessible peer-to-peer network."

   Anyone whose computer was damaged in the process must receive the
   permission of the U.S. attorney general before filing a lawsuit, and a
   suit could be filed only if the actual monetary loss was more than
   $250.

This might allow some interesting situations.

Imagine if a law enforcement agency had some undercover agents
investigating illegal activity on the net (could be piracy or
something else) and were participating in P2P file sharing.  What
happens when the RIAA launches a virus on them and takes out all their
computers?  How exactly do you determine when a non-profit
organization such as a local police station has suffered $250 in
damages?

How would such a law deal with attacks (either deliberate or by
mistake) on people and/or companies in other countries?  Are the
Americans trying to authorise attacks on servers in other countries?  
If so, how should we respond to such illegal attacks?


Firstly, I think we need to set up an RBL service that lists all the IP
addresses known to belong to criminal organizations (any organization
that wants to attack my machines in breach of the relevant Dutch and
Australian laws is a criminal organization) such as the MPAA and the
RIAA.  Any responsible ISP administrator has a duty to protect their
customers from such criminals.  Also this should probably be extended
to organizations that support those criminals.  Of course, some
customers would complain that they want to access the web sites about
new movies etc., so you would need to have two different categories of
users with an automated method for users to change their settings as
to whether they want to be protected from such attacks.

The next issue is that of ingress filters.  All responsible ISPs have
filters set up so that (except in the rare cases of dual-homed
customers) the customer can't use a source IP address other than the
address that is assigned to them if they want their packets to go
anywhere.  This makes it easy to track customers who do bad things and
discourages them from trying it.  In the case of the RIAA, perhaps the
ingress filters should not stop packets destined for those networks.
After all, if the RIAA is going to attack your customers it seems fair
to allow them to retaliate.


Russell Coker



-
ISN is currently hosted by Attrition.org
