Mamado Inside

21 March 2007

P2P poisoners’ tactics

Filed under: p2p, web — mhussein @ 3:29 pm

arstechnica had an enlightening interview with the largest company in a -usually- very secret business.

MediaDefender is the largest company in a business that aims to disrupt p2p networks on behalf of large music labels and movie studios.

MediaDefender uses four main methods in their quest, to quote the interview:

Decoying. This, in a nutshell, is the serving of fake files that are generally empty or contain a trailer. The goal is to make legitimate content a needle in a haystack, so MediaDefender works hard to ensure that its copies of files show up in the top ten spots when certain keywords are searched for. Everything about the file is tailored to look like the work of pirates

but decoying has a down side: the bandwidth. Because MediaDefender actually serves these large but bogus files, it incurs a significant bandwidth bill by using this technique.

Spoofing. Spoofing sends searchers down dead ends. MediaDefender coders have written their own software that interacts with the various P2P protocols and sends bogus returns to search requests, usually directing people to nonexistent locations. Because most people only look at the top five search results, MediaDefender tries to frustrate their first attempts to download a file in hopes that they will just give up.

Interdiction. While the first two techniques try to prevent searchers from locating files, interdiction prevents distributors from serving them. The tool is generally used when media is leaked or newly released; the goal is to slow its spread in those crucial first days. MediaDefender servers attempt to create constant connections to the files in question, saturating the provider’s upstream bandwidth and preventing anyone else from grabbing the data.

Swarming. Though he acknowledges the BitTorrent networks can be hard to disrupt, Lee points out that MediaDefender can use “swarming” to make life more difficult for users trying to download copyrighted content. BitTorrent works by using a hash file to reassemble a file from many pieces, each of which may have been downloaded from a different user. MediaDefender simply serves up its chunks of these files, but instead of providing the proper data, its chunks contain static or nothing at all. BitTorrent will discard such junk data, but a flood of it can slow a user’s download to a crawl.

This as expected doesn’t stop the p2p networks, but it can delay the distribution of the pirated content for few weeks, that will be enough for MediaDefender customers to take their profits home.

add to Digg it Stumble It! Add to Blinkslist add to furl add to ma.gnolia add to simpy seed the vine TailRank


Blog at