[unisog] Recent increase in RIAA complaints

Arnold, Jamie harnold at binghamton.edu
Mon Apr 21 01:42:59 GMT 2003

A recent news article..

1. Encrypting File-sharing Programs Put Colleges on the Spot
The escalating war between the Recording Industry Association of America
(RIAA) and peer-to-peer software programs, such as Kazaa, has positioned
college IT staff and students squarely in the middle of the battlefield. In
the past, RIAA has pressured colleges to enforce the Digital Millennium
Copyright Act (DMCA), or risk being taken to court. Typically, RIAA informs
the college that a particular student is violating the DMCA, and the college
notifies the student with a threat to discontinue his or her data service
for some period of time. On the horizon, however, are new versions of
peer-to-peer software programs that threaten to upset this pattern. These
versions will not only encrypt the user, but may also encrypt the headers,
making it near impossible for colleges to segregate such traffic, a
double-whammy that is sure to clog most college networks and send a
college's bandwidth costs soaring. This fear was spelled out in late March
on a listserv for college residential network (resnet) operators. "The
latest P2P bandwidth hog to find its way onto our network is Filetopia
(www.filetopia.org). The spooky issue here is that it seems to be encrypted,
and is tough to trace where the server is," wrote the resnet manager. Why is
this important? If the user cannot be identified, then the college IT
manager has no one to crack down on, making it very difficult to enforce the
DMCA on behalf of RIAA. "Encrypted and anonymous file-sharing programs like
Filetopia can be a real problem for colleges trying to prevent students from
inappropriate file sharing," said Thomas A. Lewry, an IP attorney with the
firm, Brooks & Kushman, in Southfield, Mich. "For example, Filetopia uses a
'bouncer' to hide the IP addresses so the connection can't be traced. This
can make it difficult to find the students who are using the program."
Filetopia responded by email to questions from DMCA Alert, confirming that
"Protocols are completely encrypted, headers and all. I don't think there is
any way that hardware, which allows http traffic, can stop Filetopia." The
latter would be very problematic for colleges that have invested tens of
thousands of dollars on packet-shaping equipment that is specifically
designed to block such files.


-----Original Message-----
From: Dax [mailto:dax at resnet.ucsb.edu] 
Sent: Friday, April 18, 2003 12:37 PM
To: Phil.Rodrigues at uconn.edu
Cc: unisog at sans.org

	I know many people on this list already subscribe and participate in
the ResNet administrator's list, but for those of you who don't, or didn't
know about it, I would encourage you to visit


	and check out the archives.  There's been many (somewhat
lively) discussions about this subject there of late.  You may find many
answers to questions about other schools and their policies there.


On Thu, 17 Apr 2003 Phil.Rodrigues at uconn.edu wrote:

> We are anticipating a much heavier flow of these next academic year, 
> and are starting to make plans to handle them.  It has swamped the 
> staff I have working on this, and we now have to make staffing 
> decisions (and thus budgetary decisions) based on this increase in
> Where do I send the complaints to get *my* money back? ;-)
> If someone has the magic solution for this let me know.  This has 
> required a lot of phone calls, emails, explanations to the students 
> who get them, and most importantly (and time consuming) good, 
> documented follow-up practices.  We also hope to step up our 
> proactive, educational efforts, but I am not optimistic that proactive 
> warnings and clear policies alone will stem the flood of these complaints.
> I am a fool if I challenge these complaints in a public forum, but I 
> feel a bit like a business decision by en external corporation is 
> increasing the load on me and my already strained staff to the limit.  
> We already fully cooperate with these complaints, and always intend 
> to, but this is clearly a measure to put more pressure on us to put 
> more pressure on the students.  We are more than an ISP to these 
> students - we feel a need to tell them what might happen if they share 
> these files, to explain what the complaints mean when they get one, 
> and to explain how they can comply with the media companies' requests.  
> My broadband ISP has not done any of this for me, or at least not that I
am aware of.
> Are schools being targeted because we harbor more of these "copyright 
> criminals", or because we are more involved with our users?  Are ISPs 
> seeing a similar increase?  Does anyone really think the home 
> broadband market is seeing less copyright abuse than we are?  (They 
> are certainly seeing more than their share of security incidents.)
> Phil
> =======================================
> Philip A. Rodrigues
> Network Analyst, UITS
> University of Connecticut
> email: phil.rodrigues at uconn.edu
> phone: 860.486.3743
> fax: 860.486.6580
> web: http://www.security.uconn.edu
> =======================================
> Doug Nelson <nelson at clunix.cl.msu.edu>
> 04/17/2003 04:24 PM
>         To:     jason-alexander at uiowa.edu (Jason Alexander)
>         cc:     unisog at sans.org
>         Subject:        Re: [unisog] Recent increase in RIAA complaints
> > 
> > Anyone see this letting up any time soon.  We're getting  lots of these.
> Sure - in two weeks, most of our students are gone for the summer.
> I don't expect things to be much better this fall, though, barring any 
> changes in policy or law which would require us to take a more 
> proactive role in addressing DMCA/copyright issues.
> Doug Nelson                                              nelson at msu.edu
> Network Manager                                          Ph: (517) 
> 353-2980
> Computer Laboratory
> Michigan State University

More information about the unisog mailing list