[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [dvd-discuss] RIAA Subpoena Process-Flaws
- To: <dvd-discuss(at)eon.law.harvard.edu>
- Subject: RE: [dvd-discuss] RIAA Subpoena Process-Flaws
- From: "Hiddink, Gerrit (Gerrit)" <ghiddink(at)agere.com>
- Date: Fri, 10 Oct 2003 07:58:07 +0100
- Reply-to: dvd-discuss(at)eon.law.harvard.edu
- Sender: owner-dvd-discuss(at)eon.law.harvard.edu
- Thread-index: AcOOhfF/IaTc+8+LTnC9Yj9IU/+OhAAdQlFg
- Thread-topic: [dvd-discuss] RIAA Subpoena Process-Flaws
Hi,
in principle your thinking is right, but in practice it is not
that simple. Why?
- computers do not just maintain "time" but also log the time zone
they're in. So computers around the world have a common sense
of "time", which consists of local time plus timezone info.
- you can set up a bogus DNS server, but that doesn't make it the
ISP's DNS that RIAA will demand logs from. Besides, a DNS does
the IP number - to - hostname conversion, so changing the DNS
won't give you a different IP number.
- IP numbers, when given back by the user, are not immediately
handed out to someone else because IP will also get confused.
It is rested for a while to 'cool off' and have all connections
that may still be associated with it time out.
Regards, Gerrit
> -----Original Message-----
> From: Glendon Gross [mailto:gross@xinetd.com]
> Sent: Thursday, October 09, 2003 6:52 PM
> To: dvd-discuss@eon.law.harvard.edu
> Subject: Re: [dvd-discuss] RIAA Subpoena Process-Flaws
>
>
> It almost seems as though the RIAA method presumes an incorrect (i.e.
> Euclidean) view of space-time... so that one could defeat the
> system by
> merely setting up Network Address Translation, or by setting one's
> computer clock to a different year. What is to prevent a user from
> putting bogus information into their DNS in order to defeat
> the system?
> It's fairly easy for someone to set up a bogus DNS server.
>
> What concerns me more is the danger of false positives.
> If the subpoenas are based on a flawed system, then information
> regarding the limitations of the method might be useful in defending
> against the subpoenas.
>
> microlenz@earthlink.net wrote:
> >
> > The thought occurred to me that if the RIAA is basing their
> subpoena process on
> > the time stamped DNS IP addresses, there might be a problem
> with that....whose
> > time?
> >
> > The RIAA has their time. The ISP has theirs. The user has
> theirs. In a DNS
> > environment RIAA can say to the ISP give me the name of
> this user who had IP
> > address WWWW.XXXX.YYYY.ZZZZ at time 123456.67543 (THEIR
> clock) the ISP gives it
> > at THEIR clock. IF the RIAA got the time from the user
> that's the USER'S CLOCK.
> > They can be off quite a bit of established time....but wait
> their's more.
> >
> > If RIAA get's the IP address just before an IP address is
> given up and that is
> > reallocated immediately then if RIAAs and the ISP's clocks
> do not agree then
> > will get the wrong name for the user.
> >
> > So the issue becomes how does RIAA get their subpoena info?
> That might be worth
> > investigating.
>