The wrong target

Our congressfolk are talking again about targetting PCs that are used for illegally trading in copyrighted material.

Dave’s take: “…if I have an MP3 audio recording of a speech I made and recorded with my own equipment, and publish it on my own server, Mr Hatch’s robot might conclude I was a pirate and destroy my recording and possibly my computer.”

What Dave and the congressfolk overlook is that the lion’s share of illegal file swapping takes place on compromised machines. The serious file swappers realize that it is not in their interest to share files on machines that can easily be traced back to them. So they troll the net looking for insecure machines, particularly insecure machines with big hard drives and fast outbound bandwidth. When they find such a machine, they break in on a Saturday night or Sunday afternoon, when the machine’s owner is likely to be out of the office. Then they set up an FTP server and tell their friends about it in an impromptu IRC chat room. Everyone goes happily about their swapping and clears out by 8am Monday morning.

How do I know this? My Windows development machine at MIT was compromised twice in the space of two months. Both times a copy of Serv-U had been set up and loaded with gigabytes of movie files. MIT’s network security team was gracious enough to alert me to the problem so that I could back up my data before wiping and re-installing.

Now consider who the search and destroy tactics would hurt. It wouldn’t be guys like Dave with only a handful of files on their server. Nor would it would be the serious file swappers who know better than to proffer their wares through their cable modem connection. The computers getting clobbered would be those of unsuspecting university employees and office workers.