MPAA Trying To Rootkit Universities?
from the how-nice-of-them dept
Just as the MPAA is strongly pushing for a new law that would require universities to take proactive measures to prevent unauthorized file sharing from happening on university networks, the group is also apparently pushing certain universities to install some MPAA-sponsored software to monitor network usage. However, after examining this “toolkit” some are noticing that it appears a lot more like a “rootkit” than a “toolkit.” Depending on how a university’s network is configured, it could actually reveal a lot of private info to the outside world. The software also phones home to the MPAA, despite promising not to report back any information. There are a few other oddities as well. While it could password protect some of the exposed content, it never prompts the user to do so — and, at the same time, it disables logging who accesses the pages revealing all the info. While it could all be a coincidence, effectively the MPAA has made it so that it (and others) can spy on university network usage without being tracked in many cases. People in the article note the similarity to the Sony rootkit situation, where software designed to “protect” actually opened up huge security vulnerabilities.
Filed Under: mpaa, privacy, toolkit, universities
Companies: mpaa
Comments on “MPAA Trying To Rootkit Universities?”
Stupid
This is getting ridiculous… ISPs, schools, are not enforcers for these a$$hats. Wake up and smell the new markets available IDIOTS!
Unbelievable that the MPAA has the audacity to send a letter asking all of these Universities to police their networks. I hope all of those schools make it clear that they do not work for the MPAA, and that the MPAA doesn’t get the free use of University resources for its own agenda.
The lesson learned from the Sony rootkit episode was that the record companies are above the law (no one from Sony ever went to prison or was even charged over their rootkit). So now why shouldn’t the movie companies think they can do the same? And you know what? They’re probably right. The FBI is in love with these guys.
Paying the cost
And is the MPAA agreeing to indemnify the Universities and all of the University users when their software crashes the system or results in a leak of private information?
Re: Paying the cost
>And is the MPAA agreeing to indemnify the Universities
>and all of the University users when their software
>crashes the system or results in a leak of private >information?
The upside on a MPAA rootkit causing the release of private information is that there would finally be grounds to sue them into oblivion.
Re: Re: Paying the cost
Haha, I was just thinking of that possibility. Hopefully by the time I go to school, a number of information leaks will put them in check.
When it's time to cut and run...
Anyone who has had on older car can tell you that there comes a time to cut your losses and buy a new car. The repair and maintenance costs far outweigh the costs and benefits of purchasing something newer. I think that time has come and gone for the RIAA and MPAA. The current business model is outdated and in grave danger of loosing the connection to it’s buyers altogether. It’s a different world than the one that record and movie dynasties are used to. They either need to adapt or they will run head long into the tar-pits of extinction themselves.
If the new world of eBusiness is embraced by the entertainment industry, I think that there could be an exponential growth in revenue.
Re: When it's time to cut and run...
I don’t know…
Maybe this is their new business model. They can’t seem to make any decent films, maybe they’ve caught on to how entertaining it is to watch them bumble around like a bunch of clueless morons?
universitytoolkit.com
Anybody check to see if the GNU or GPL is being broken by their distribution of Xubuntu, Snort, etc.? They’re distributing this toolkit as a bundled ISO install, but I don’t see any evidence that they are also releasing the complete source code for this distro and the included tools.
http://www.xenu.net
rootkit==teh 3/i1
Via Kreb’s blog, a quote from Steve Worona, director of policy and networking programs at EDUCAUSE:
IOW, it doesn’t matter what a hacker might think is the definition of a “rootkit”. All you need to know is . . .
r0ot|
Run away!
Re: rootkit==teh 3/i1
There have plenty of individuals (i.e. not corporate executives) convicted of computer crimes on the basis of what they actually “did” despite not really “intending” any harm. Intent (supposed) only seems to be a defense for corporate executives.
sadly, its breaking the law in a bad way
they’re basically asking you to give up your own rights by installing their software…so it might be a legal grey area.
Re: sadly, its breaking the law in a bad way
If they don’t reveal what all it is going to do (and I don’t think they have) then it’s what’s called a “trojan”. The record and movie industries have been lobbying congress for laws to specifically make it legal for them to plant trojans for some time now. While they haven’t gotten that yet I guess a promise of immunity from the Justice Department is almost as good.
On top of that...
You know, they could save themselves a lot of bandwidth cost by using bittorrent to distribute that ISO image…
EtG
Techdirt comment handling
P.S. Techdirt has a comment handling problem in html post mode with both backslashes (unescaped) and with: & (ampersand)l (ell) t (tee) ; (semicolon).
Backslashes showed up fine in preview. Backslashes disappeared on post.
& (ampersand)l (ell) t (tee) ; (semicolon) also showed up fine in preview. Everything in rest of paragraph disappeared on post.
Anyhow, “rootkit == teh 3vi1”.
RIAA
Leo LaPorte isn’t gonna like this
Re: RIAA
What is Leo LaPorte’s postion? Also Kim Komando? I only have listened to them incidentally so I don’t know how “activist” they are (if at all).
They think you are stupid
Yes, that’s right, MPAA. Nobody ever looks to see what the software they install is actually doing. Everybody just installs whatever you give them and takes your word for it that it’s all safe and honest.
After all, you are the trustworthy ones, and anybody who would question your right to distribute your “toolkit” is obviously a criminal.
Once again, this proves that the MPAA and their ilk really do think the rest of the world is stupid.
Corporations Defining What is Legal
To reiterate the prior posts, we seem to be descending into a society where corporations (in the name of protecting their profits) will deprive the consumer of any rights, will judge the consumer’s guilt, will establish the penalty, and will invoke the penalty all without due process. We are becoming a Nation of, by, and for the corporations.
It’s made from a linux variant, yet they don’t make their code available. So, in fact, they are violating copyright law with this. Right?