All Your P2P are Belong to RIAA

Page 2 - Seeking answers? Join the AnandTech community: where nearly half-a-million members share solutions and discuss the latest tech.
Toggle sidebar Toggle sidebar
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Citrix
During our research, we auditted and developed our hydra for the following
media tools:
mplayer (www.mplayerhq.org)
WinAMP (www.winamp.com)
Windows Media Player (www.microsoft.com)
xine (xine.sourceforge.net)
mpg123 (www.mpg123.de)
xmms (www.xmms.org)


I think that Microsoft and WinAMP and the others will have something to say about this.
Click to expand...

"Please tell us what you found?" or something less intelligent?
 
OutHouse

OutHouse

Lifer
Jun 5, 2000
36,410
616
126
Originally posted by: n0cmonkey
Originally posted by: Citrix
During our research, we auditted and developed our hydra for the following
media tools:
mplayer (www.mplayerhq.org)
WinAMP (www.winamp.com)
Windows Media Player (www.microsoft.com)
xine (xine.sourceforge.net)
mpg123 (www.mpg123.de)
xmms (www.xmms.org)


I think that Microsoft and WinAMP and the others will have something to say about this.
Click to expand...

"Please tell us what you found?" or something less intelligent?
Click to expand...


Ok hows this? F**K YOU!!! :|
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Citrix
Originally posted by: n0cmonkey
Originally posted by: Citrix
During our research, we auditted and developed our hydra for the following
media tools:
mplayer (www.mplayerhq.org)
WinAMP (www.winamp.com)
Windows Media Player (www.microsoft.com)
xine (xine.sourceforge.net)
mpg123 (www.mpg123.de)
xmms (www.xmms.org)


I think that Microsoft and WinAMP and the others will have something to say about this.
Click to expand...

"Please tell us what you found?" or something less intelligent?
Click to expand...


Ok hows this? F**K YOU!!! :|
Click to expand...

And then those exploits are made public and oops, another unpatched Microsoft bug where plenty of exploits will be floating around causing havoc from the skript kiddies and jr hax0rz alike.
 
U

UberDave

Platinum Member
Apr 9, 2002
2,360
0
0
well, if it's true say goodbye to the entire world, because we'll all be in jail.


:fawk:
 
R

Rainsford

Lifer
Apr 25, 2001
17,515
0
0
That's what I love about the Internet, rumors start flying just because someone says something that might possibly be true. There could be a small grain of truth in this (although I doubt it), but it seems kind of unlikely. There is no reason at all to believe this, no proof, no information outside of one source. People can be made to believe anything if they want it to be true or are afraid it is.
 
D

dmcowen674

No Lifer
Oct 13, 1999
54,889
47
91
www.alienbabeltech.com
Originally posted by: UberDave
well, if it's true say goodbye to the entire world, because we'll all be in jail.


:fawk:
Click to expand...

If you have setup_wm.exe on your machine you have been tagged and cataloged for this prosecution sting that will be unleashed this year.
 
P

ProviaFan

Lifer
Mar 17, 2001
14,993
1
0
Wow, they sure are professional:
Don't fvck with the RIAA again, scriptkids.
Click to expand...
rolleye.gif


Concerning the security aspect, I wonder if they've found some way to exploit this bug in Winamp and other players, or if this is something different.

And I wonder what they're going to do about those of us who have ripped all of our (legal) CDs, but have no other MP3 files on our hard drives? I guess we're just going to say "Fvck fair use" and let the RIAA sue everybody for making (legal) backups of their own CDs. :|
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Rainsford
That's what I love about the Internet, rumors start flying just because someone says something that might possibly be true. There could be a small grain of truth in this (although I doubt it), but it seems kind of unlikely. People can be made to believe anything if they want it to be true or are afraid it is.
Click to expand...

While this is true to a point, the fun can start happening now, while this is a rumor (if it is 100% rumor). How do we modify things to protect ourselves from this eventuality? It has been proven that .pdf files can contain exploit information, and I believe mp3s also fall on that list.

Now, something based on the principle of a warhol worm could be extremely deadly in this case. There is another type of worm that is like this, but I forget the name at the moment. Basically, if you can find an exploit for KAzaa or attatched to one of these files that someone downloads and will exploit whichever media player they use (I would target winamp and WMP first and foremost), how many infections could you get in an hour? A day? A week?

If you had an exploit for Kazaa and could trojan it to exploit the vulnerability in connecting Kazaa machines you could easily take out a couple of hundred machines in under an hour. You get infected. Someone connects to you to get Oops_I_did_it_again.mp3 and gets infected. 2 people connect to that machine to get Anna_kornakova_upskirt.mpeg and bang_bus_7_the_buses_fight_back.mpeg and get infected. And so on and so on. Estimations for a pure warhol worm are 1million machines in 15 minutes. The modified worm I am talking about obviously will take a little longer, but by disguising the exploit as "normal kazaa traffic" it could be easier to hide. Plus, hiding exploits in these media files offers you another method of infection.

This is not a simple "Is this true?!" situation we are looking at here. We should also be looking at "What if?" and "When will we see this?" Its not a new idea, and this message will bring the idea out into the forefront of the media (atleast the geek media for now). This idea will be sown into every skript kiddy, dick, and harry and it will happen.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: jliechty
Wow, they sure are professional:
Don't fvck with the RIAA again, scriptkids.
Click to expand...
rolleye.gif


Concerning the security aspect, I wonder if they've found some way to exploit this bug in Winamp and other players, or if this is something different.

And I wonder what they're going to do about those of us who have ripped all of our (legal) CDs, but have no other MP3 files on our hard drives? I guess we're just going to say "Fvck fair use" and let the RIAA sue everybody for making (legal) backups of their own CDs. :|
Click to expand...

The RIAA has been bad mouthing and trying to stop fair use for a while now. Its nothing new.
 
B

BDawg

Lifer
Oct 31, 2000
11,631
2
0
Originally posted by: n0cmonkey
The RIAA has been bad mouthing and trying to stop fair use for a while now. Its nothing new.
Click to expand...

Looks like they'll get more of their wish.

Link
 
K

KeyserSoze

Diamond Member
Oct 11, 2000
6,048
1
81
Originally posted by: n0cmonkey
Originally posted by: KeyserSoze
Originally posted by: n0cmonkey
Originally posted by: KeyserSoze
Come on AT'ers, we got a whole bunch of geeks here.

Doesn't this just sound like a bunch of BS???







KeyserSoze
Click to expand...

The part about the RIAA contracting GOBBLES sounds like BS. But the rest of it is more than feasable. What part sounded like BS to you?
Click to expand...


I gess the part about this "Hydra" that NO ONE has found/detected/or been made aware of, with all the smart people we have right now in this world.




KeyserSoze
Click to expand...

The best part about it (and this may be getting too technical for ATOT :p) is that you can blend it in with normal Kazaa traffic. The people that look for these things look for things that are different or wierd that set off alarms. If you can blend the worm traffic in with normal traffic it would be much harder to spot.
Click to expand...



Alright, that's exactly the answer I was looking for. I just figured someone could *easily* monitor their traffic, and be able to detect this.




KeyserSoze
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: KeyserSoze
Originally posted by: n0cmonkey
Originally posted by: KeyserSoze
Originally posted by: n0cmonkey
Originally posted by: KeyserSoze
Come on AT'ers, we got a whole bunch of geeks here.

Doesn't this just sound like a bunch of BS???







KeyserSoze
Click to expand...

The part about the RIAA contracting GOBBLES sounds like BS. But the rest of it is more than feasable. What part sounded like BS to you?
Click to expand...


I gess the part about this "Hydra" that NO ONE has found/detected/or been made aware of, with all the smart people we have right now in this world.




KeyserSoze
Click to expand...

The best part about it (and this may be getting too technical for ATOT :p) is that you can blend it in with normal Kazaa traffic. The people that look for these things look for things that are different or wierd that set off alarms. If you can blend the worm traffic in with normal traffic it would be much harder to spot.
Click to expand...



Alright, that's exactly the answer I was looking for. I just figured someone could *easily* monitor their traffic, and be able to detect this.




KeyserSoze
Click to expand...

If you know what you are looking for, you can monitor anything :)
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom