MPAA anti-university software
p2pnet news | MPAA News:-
A huge security hole has been uncovered in an application custom-built
to boost the Hollywood effort to seriously interfere with education at
American universities across the land a la the RIAA —- only more effectively.
Among other things, with it, the MPAA can, “drill down and find out
where that IP address is going. Myspace, PirateBay, Grandma’s website,
whatever,” blogs David Taylor, a senior information security specialist for the University of Pennsylvania.
“If a person on the network has a personal website they might even
be able to get a name and contact information of that user. And to add
more weirdness to this scenario the Apache webserver logging is
disabled. So you will not know what IP address accessed the application
and what pages were accessed.”
And the irony is: the MPAA application was developed with open source software.
Unbelievably, the MPAA wants the universities to install it and if they follow the trend established under the RIAA’s current blackmail and extortion scheme, many of them will do exactly that.
Warner Music, EMI, Vivendi Universal and Sony BMG’s RIAA (Recording
Industry Association of America) is attacking US students like a rabid
dog, using unpaid school administrations and staffs as the heavies.
Now Hollywood’s MPAA (Motion Picture Association of America), with
Time Warner, Viacom, Fox, Sony, NBC Universal and Disney behind it, is
harassing US universities it claims are home to file sharing pirates.
Hollywood is claiming it’s being ravaged by criminals and thieves
illicitly sharing its movies online, at the same time reporting record-breaking, mind-boggling profits.
‘Open source tools (snort, ntop, etc) bundled with MPAA supplied custom rule sets’
“Friends,” says Matthew Nocifore on the Educause Security list,
“I’m hearing that some university presidents have recently been
contacted by ‘Education/Outreach’ executives of the MPAA asking that
university IT staff install MPAA developed ‘network wiretap and traffic
monitoring’ software to help identify and stop the distribution of
infringing traffic.”
“The toolkit, freely available via http://universitytoolkit.com,
is a collection of open source tools (snort, ntop, etc) bundled with
MPAA supplied custom rule sets running on the Ubuntu OS,” says
Nocifore, going on:
Apparently
the MPAA has even suggested that president arrange a conference call
between university and MPAA technical staff to assist in campus
deployment of the toolkit.
However, the MPAA app is a Beta and, “Beta is not suitable for a production environment.”
The tool, “seems to be introducing some severe vulnerabilities to
the privacy of users and direct access (unauthenticated and totally
anonymous) to the logs of all network traffic that can be accessed from
any remote system on the Internet,” he says, going on:
“It also appears that they are providing false information to exactly what this toolkit does.”
‘ … now the MPAA has way more information than they are supposed to have’
Taylor downloaded a copy and techies will find chapter and verse on the results on his site where, among other things, we find:
What if
I log into my MPAA networked desktop computer and think today I want to
go look at the sensor on the University of Tinfoil Hats’ network. I go
there and load up the main application and get a list of IP addresses
that are showing to be on the Kazaa network. I get the MAC address and
all information I can get. Then I send that information to the packet
henchmen (MediaDefender, etc) and tell them to find this IP address and
generate data for a DMCA notice. Well, now the MPAA has way more
information than they are supposed to have. Actually information that
would normally require a subpoena.…
So lets get to the “the content of traffic is never examined or displayed”:
They are using
Snort which is a free intrusion detection system that is able to view
the packet headers and contents of packets and compare to a list of
predefined signatures to determine if specific things exist in the
packet. Normally this is used to detect attacks on the network and is
also used to enforce company policies.
Meawnhile, in a considerable understatement, he adds:
I think
Perhaps the MPAA jumped the gun a bit when they began to send the
letters out asking folks to install this toolkit. There are a lot of
changes that need to be made before a tool like this could be installed
in a production environment. And of course anyone that is responsible
for running a network should always make sure to look closely at
devices and applications before putting them into production.
Definitely stay tuned.
Powered by ScribeFire.
No comments:
Post a Comment