Has the RIAA Wormed 95% of P2P Networks?

DancingSword was one of many to submit links to a strange story about the RIAA hacking back by sending a worm through the major peer-to-peer networks, supposedly with a 95% infestation rate. Hoax or not?

Remember

[lifechooser (446921)]

95% of networks is not 95% of files.

Re:Remember

[Tim C (15259)]

Ah, but it's not "95% of networks", it's "95% of computers participating in p2p networks".

That said, I really doubt the veracity of this. To me, it's more likely to either be a hoax by someone trying to get noticed, or scare tactics to get people to stop using p2p and delete their mp3s. It seems to me very unlikely that anything with such a high rate of infestation would have gone completely unnoticed.

Re:Remember

[dohcvtec (461026)]

It seems to me very unlikely that anything with such a high rate of infestation would have gone completely unnoticed

I wish I could agree, but from reading the article and the Bugtraq post, it seems that for now, all this thing really does is sends the RIAA a list of what MP3 files you have on your system. It apparently doesn't destroy anything, and the post vaguely describes the method of contacting the RIAA as "specially crafted requests over the p2p networks." For both of these reasons, it may very well go unnoticed on many systems. It is unclear, however, what happens on machines with infected MP3s, but no P2P software.

However, the post also goes on to mention that the OpenBSD release song MP3s on the ftp.openbsd.org server are/were supposedly infected with this worm, and that Theo De Raadt was none the wiser to this fact. This is not surprising, since it's clear that Gobbles does not like Theo, but it is significant if it is true.

Re:Remember

[Oculus Habent (562837)]

Not only sued into oblivion, but the individuals creating/distributing/authorizing the worm/virus/invasive program are subject to arrest and a per infection fine should the government feel the desire.

Windows Clients/hosts?

[pgrote (68235)]

No mention of whether this affectes Windows clients/hosts or not. Any idea?

Re:Windows Clients/hosts?

[by Anonymous Coward]

Read the advisory written by Gobbles:

Introduction:
Several months ago, GOBBLES Security was recruited by the RIAA (riaa.org)
to invent, create, and finally deploy the future of antipiracy tools. We
focused on creating virii/worm hybrids to infect and spread over p2p nets.
Until we became RIAA contracters, the best they could do was to passively
monitor traffic. Our contributions to the RIAA have given them the power
to actively control the majority of hosts using these networks.

We focused our research on vulnerabilities in audio and video players.
The idea was to come up with holes in various programs, so that we could
spread malicious media through the p2p networks, and gain access to the
host when the media was viewed.

During our research, we auditted and developed our hydra for the following
media tools:
mplayer (www.mplayerhq.org)
WinAMP (www.winamp.com)
Windows Media Player (www.microsoft.com)
xine (xine.sourceforge.net)
mpg123 (www.mpg123.de)
xmms (www.xmms.org)

After developing robust exploits for each, we presented this first part of
our research to the RIAA. They were pleased, and approved us to continue
to phase two of the project -- development of the mechanism by which the
infection will spread.

It took us about a month to develop the complex hydra, and another month to
bring it up to the standards of excellence that the RIAA demanded of us. In
the end, we submitted them what is perhaps the most sophisticated tool for
compromising millions of computers in moments.

Our system works by first infecting a single host. It then fingerprints a
connecting host on the p2p network via passive traffic analysis, and
determines what the best possible method of infection for that host would
be. Then, the proper search results are sent back to the "victim" (not the
hard-working artists who p2p technology rapes, and the RIAA protects). The
user will then (hopefully) download the infected media file off the RIAA
server, and later play it on their own machine.

When the player is exploited, a few things happen. First, all p2p-serving
software on the machine is infected, which will allow it to infect other
hosts on the p2p network. Next, all media on the machine is cataloged, and
the full list is sent back to the RIAA headquarters (through specially
crafted requests over the p2p networks), where it is added to their records
and stored until a later time, when it can be used as evidence in criminal
proceedings against those criminals who think it's OK to break the law.

Our software worked better than even we hoped, and current reports indicate
that nearly 95% of all p2p-participating hosts are now infected with the
software that we developed for the RIAA.

Things to keep in mind:
1) If you participate in illegal file-sharing networks, your
computer now belongs to the RIAA.
2) Your BlackIce Defender(tm) firewall will not help you.
3) Snort, RealSecure, Dragon, NFR, and all that other crap
cannot detect this attack, or this type of attack.
4) Don't fuck with the RIAA again, scriptkids.
5) We have our own private version of this hydra actively
infecting p2p users, and building one giant ddosnet.

Due to our NDA with the RIAA, we are unable to give out any other details
concerning the technology that we developed for them, or the details on any
of the bugs that are exploited in our hydra.

However, as a demonstration of how this system works, we're providing the
academic security community with a single example exploit, for a mpg123 bug
that was found independantly of our work for the RIAA, and is not covered
under our agreement with the establishment.

Affected Software:
mpg123 (pre0.59s)
http://www.mpg123.de

Problem Type:
Local && Remote

Vendor Notification Status:
The professional staff of GOBBLES Security believe that by releasing our
advisories without vendor notification of any sort is cute and humorous, so
this is also the first time the vendor has been made aware of this problem.
We hope that you're as amused with our maturity as we are. ;PpPppPpPpPPPpP

Exploit Available:
Yes, attached below.

Technical Description of Problem:
Read the source.

Credits:
Special thanks to stran9er@openwall.com for the ethnic-cleansing shellcode.

Re:Windows Clients/hosts?

[i.r.id10t (595143)]

If this is the case and they are distributing a binary based on GPL code from xmms/mpg123/etc. then don't they have to release the source as well?

Re:Windows Clients/hosts?

[taviso (566920)]

oh please, this comes from the same guy that bought you Hewlett Packard 48 Series Calculators advisory [attrition.org].

its funny, laugh.

Re:Windows Clients/hosts?

[ManUMan (571203)]

How does their software know what media is illeagal? If I have ripped my own collection of CD's so that I can listen to them when I want to using my PC, how does the RIAA know? Further, if I am not sharing those files, download a song just to listen to it then delete the file, why does the RIAA get to infect my PC with a virus? --JS

Re:Windows Clients/hosts?

[Geertn (526524)]

On bugtraq, this was mentioned by gobbles, who also did the Apache and OpenSSH exploit. The signed message verify at hushmail says it is signed correctly, so I guess it's the real Gobbles. The scary thing is, GOBBLES always mentions something really unrealistic, but suddenly he proves it...... like the apache and openssh exploits... scary

Re:Windows Clients/hosts?

[evilviper (135110)]

What are you talking about? The only thing ``unrealistic" about the Apache exploit was that the ``experts" didn't believe it was exploitable on 32-bit systems.

As for the OpenSSH bug... it was discovered by ISS, announced and fixed by the OpenBSD team, and then, a week later (or so), they released an exploit. All they did was make a diff of the two versions to find the security problem, then write a small script that exploits it... That's more tame than almost all other exploits, since they did not find it themselves, and did not have to do much work to exploit it, since it (the bug) was already explained in detail.

Re:Windows Clients/hosts?

[t0shstah (629986)]

Apparently the "hydra" uses exploits/overflows on a number of popular media players - including xmms, which is a Linux mp3 player and WinAMP, which is a Windows mp3 player. Therefore that would suggest it can infect multiple operating systems.

More details including the original post can be found here [securityfocus.com].

I still doubt the possible risk/effectiveness - or even that its true though.

Is the RIAA liable to hacking chages?

[mcbridematt (544099)]

I wonder, If the RIAA sends a worm through P2P networks and shut's the networks down, can the RIAA representatives be charged with hacking?. Besides, not all files on P2P networks are illegal.

Re:Is the RIAA liable to hacking chages?

[mpe (36238)]

The Berman Bill has not become law, and under the USA Patriot Act, Hacking can be considered terrorism.

Even if it was law it would only protect the RIAA if they only hacked machines in the US. Which wouldn't be easy to do. Imagine how silly the US government would look refusing an extradtion request for a "terrorist suspect" too.

That explains...

[by Anonymous Coward]

why all my porn has been changed to Hillary Rosen with a strap-on.

Re:That explains...(hold on a minute)

[gosand (234100)]

why all my porn has been changed to Hillary Rosen with a strap-on.

Wait a minute...
THAT'S NO STRAP-ON !

Creation of viree is a crime

[Max Romantschuk (132276)]

Well a worm is a form of a virus, and it is a crime to create one... One would presume that the RIIA would not be stupid enough to try and play a vigilante.

Re:Creation of viree is a crime

[hesiod (111176)]

Never use "RIAA" and "not [...] stupid enough" in the same sentence... It's bound to get you proved wrong.

Dunno about all that

[Etrigan_696 (192479)]

But there's definitely some sort of maliciousness out there. Grab a gnutella client and search for something - ANYTHING - and it'll likely show up as an mpeg of about 1.5MB. Typically it's one of three or four porn movies. Search for "Smoke Marijuana on the International Space Station" and you'll end up downloading a blonde chick dancing around in a red towel.

Re: Dunno about all that

[BabyDave (575083)]

That's malicious? I'd say it's pretty damn generous!

Oh, and this is vaguely relevant [penny-arcade.com]

The Register is wrong..

[dj28 (212815)]

The actual exploit was posted on buqtraaq yesterday. You can find it here. [securityfocus.com] That link has the original post from the group explaining what the exploit is, how the RIAA is supposedly involved, and it has the exploit as an attachment. Check it out and decide for yourself if it's a hoax.

Re:The Register is wrong..

[EricWright (16803)]

The scary thing behind what was posted to Bugtraq is that it explicitly states that all digital media on the system is cataloged, and the list is sent to the RIAA. This assumes all digital media on a system is an illegal copy.

Sure, if the worm comes into your system over a P2P network, there's a good chance that at least *some* of your mp3s are pirated, but there's no way to differentiate pirated mp3s and those you ripped/encoded from your own CD collection.

I could easily see someone downloading a public domain work via P2P network, getting infected, and having their 40GB mp3 (ripped/encoded from legally obtained sources) library listed to the RIAA "for future prosecution."

I love the whole guilty until proven innocent attitude here. Sounds like a bad "In Soviet Russia..." joke.

I Am Utterly Innocent but Possibly Infected

[FreeUser (11483)]

The scary thing behind what was posted to Bugtraq is that it explicitly states that all digital media on the system is cataloged, and the list is sent to the RIAA. This assumes all digital media on a system is an illegal copy.

Yes, it does. And it shows what criminal, despicable, disgusting excuses for human beings work for, or with, the RIAA.

Sure, if the worm comes into your system over a P2P network, there's a good chance that at least *some* of your mp3s are pirated, but there's no way to differentiate pirated mp3s and those you ripped/encoded from your own CD collection.

All of my mp3 and ogg files are ripped from my own rather large, but no longer growing CD and Vinyl collection (because now I do not buy CDs, ever, nor will I, ever again). All of my avi's are recorded from my own television, my own animations, or my own media, and are not traded, ever. Indeed, none of my stuff is traded, ever.

However, I did install gtk-gnutella in order to download the hiliarious fan fiction Star Trek episode "Savage Empire", because the web site distributing the files had been slashdoted. A perfectly legal download, for which, if this story is true, these unlawful thugs have infected my machine.

I have enough money, and the will, to persue a very harsh lawsuit against these fucks if this story has any veracity, and if I am infected, and I will not hesitate to do so.

"In Corporate Fascist America You and Your Data Belong to the Copyright and Media Cartels. Bend Over and Enjoy the Ride, Consumer."

Re:The Register is wrong..

[Hellkitten (574820)]

isn't it a no-no to put your legally ripped-from-cd tracks into your "share" directory for others to copy?

all digital media on the system is cataloged, and the list is sent to the RIAA.

So what exactly makes you think it'll only search your shared folder?

URL to the original BugTraq posting

[sboyko (537649)]

This is the original posting [securityfocus.com].

Reading the posting, it seems unlikely.

Link to Security Focus

[MImeKillEr (445828)]

This [securityfocus.com] article may have more info that the one linked in the article.

worm code

[macrophage (198249)]

Hey, I found a copy of the worm's code:

RIAA - 0wn3d by.... ;p
oooh riaa want's to hack Filesharing Users / Servers ? - better lern to secure your own server...
Sorry Admin - had to deactivate ur accounts - they'll be reactivated after 2 hours

greetz : Rage_X, BRAiNBUG, SyzL0rd, BSJ, PsychoD + all the others who want to stay anonymous :]
wanna contact ? mailto:h4x0r0815@mail.ru

Oh, wait, that was the RIAA's web page. Never mind!

Legally

[Hasie (316698)]

Where does this leave the RIAA legally? The bill mentioned in the article that would allow the RIAA and other copyright holders to crack computers to prevent piracy is not law yet. Does that mean that this would be regarded as just another worm with the authors being thrown in jail (like the authors of Love Bug and others)?

Nah.

[llamalicious (448215)]

I've got at least 7 mp3 downloads running right now and none of them appear to be infe($!$%. .AF0ERIAA.`/2#..-

Hoax

[evilviper (135110)]

I sincerely doubt that this is true for a number of reasons. First of all, if they were hired to write the software for RIAA, don't you thing secrecy would both, be part of the agreement, and be completely necessary?

In addition, I find it had to believe that all the antivirus companies are sitting on their collective asses, and completely missed an infection that is supposedly on 95% of computers that participate in P2P.

Further, if anyone was to do something such as this, they would most certainly get in serious trouble for, what is essentially a widespread, illegial, interstate, wiretap.

In addition, I'd just like to say that there is no reason to put much faith in Gobles... As Theo said, he's more or less the next ``fluffy bunny". If anyone can be said to have a severe ego problem, it is him...

Re:Hoax

[Zayin (91850)]

I sincerely doubt that this is true for a number of reasons. First of all, if they were hired to write the software for RIAA, don't you thing secrecy would both, be part of the agreement, and be completely necessary?

Have you considered the possibility that they were hired by the RIAA to *claim* that they wrote the software, to scare people away from p2p networks?

Re:Hoax

[Zigg (64962)]

Have you considered the possibility that they were hired by a group who wants to make the RIAA look more evil (or perhaps are acting on their own), and the RIAA actually has nothing to do with it?

not sure

[Tom (822)]

Forget the RIAA bashing, the Gobbles guys know what they do. That said, this is very un-gobbles from what I've seen from them in the past. Not the technology, but the comments in the source, for example. Then again, they're supposedly a large group.

From the little info that is available, I'd give them a 50-50 chance that it's true. That would be interesting.

If It's True...

[E-Rock-23 (470500)]

...then it's an illegal act, period. Unless the Berman Bill is retroactive to a date prior to this supposed worm launch, it occoured before the bill is ever passed, and is illegal no matter what.

This supposed worm disables functions of a computer. Therefore, it is malicious, as is anything that modifies system performance without the user's knowledge and consent.

If this is true (95% infection rate? Doubt it), then we have one heck of a piece of ammo to use against the RIAA, if indeed they contracted this worm. The Price Fixing settlement, in that case, is just the beginning.

Dubious Legality

[Mr Guy (547690)]

An exploit of this nature is of dubious legality

Dubious? How is there any doubt? Assuming this passes the farmer test (it's not just bullshit in a bag), how can there be doubts it's illegal. At best, it's invasion of privacy. At worst, it's cyber terrorism as defined by the Patriot Act.

The existance of a P2P client doesn't a criminal make, especially since the example given in the article by the l33t hacker is a perfectly legal file: the public MP3s (written to celebrate each OpenBSD release).

It's junk, like the quad-browser yesterday.

The biggest thing to fear is that the RIAA will use this to make up more numbers [guidance.net.nz].

Want to be secure? Use systrace...

[evilviper (135110)]

Currently, systrace is available for OpenBSD and NetBSD, but work is going on to make it available for Linux as well.

So, any program you have that opens untrusted content (xmms, mplayer, mozilla, etc) can be run with systrace, and you can selectively enable certain types of activity all the time... disallow certain activities allways, and be prompted for selective approval or denial of everything else.

Even though I believe this to be a hoax, it's certainly true that it could be done, and something like systrace is needed to guarantee a bug in a program you run can't be used to take over your system.

If the RIAA release such files...

[altgrr (593057)]

...they are breaching copyright law by distributing a copyrighted work, regardless of whether or not the exploit is included.

The suggestion that the RIAA might be releasing files with exploits in is worrying on several counts. Firstly, it is an invasion of privacy for such a worm to be reporting back to the RIAA. Secondly, the RIAA, in taking the law into its own hands, does not deserve a hearing based on any evidence it so collects. Thirdly, the RIAA incriminates itself by being the illegal distributor of copyrighted works. Fourthly, the second and third points are likely to be ignored by the law.

I'd certainly hope that this is a hoax - there is a far simpler way for the RIAA to get information on who's downloading files - put a bogus file out with a name conveniently misspelt, a few extra characters in or something in the ID3 tag. Do a search for this file, then View User's Other Files. Instantly, you have a list of what that person's sharing, you can download the file and get the IP address, find their ISP and deal with them. If that doesn't provide sufficient information to the RIAA in a non-incriminating way (you're agreeing to disclose the files you're sharing, right?), I don't know what does.

Typical RIAA stupidity?

[dmaxwell (43234)]

Assuming that the RIAA has created a p2p worm wouldn't it be the height of stupidity to announce it's existence? On the one hand they can generate some fear among p2p users and get a slight decrease in trading. On the other hand, if it really exists it is going to be found in very short order. If it's found by the wrong people (to them) then this is going to backfire in very short order. Once the details are known, I don't imagine it would be very hard to inject loads of spurious info into their violator database.

The SecurityFocus posting has lots of bragging about how network security tools won't find their exploit. I beg to differ. They aren't going to dodge tcpdump running on a machine that is a gateway for an infected machine. The way gnutella is supposed to work is known. To a trained eye, their "cleverly crafted" network requests are going to stick out like a sore thumb. In any case, just knowing a thing exists greatly simplifies finding it. We'll know in short order if they're hoaxing or not.

Bugtraq Source

[BadBlood (134525)]

So, has anyone downloaded the source example from bugtraq, compiled it, and seen what happens?

RIAA statistics

[Loonacy (459630)]

Only 10% of the computers were really infected. But they were FAST computers, so they count as 95%.

I'm pissed off

[Sandman1971 (516283)]

Ya know what pisses me off? If this is true, then users like myself have been illegitamately hit.

I have a copy of Metallica's Kill Em All on tape. My tape is pretty worn out. So I hit the Fastrack network to download the songs. Now under Canadian law, this is perfectly legal as I own an original copy of the album.

But now my PC is infected by a worm/trojan because a cartel ^H^H^H^H^H some 'company' believes that everyone who downloads MP3s are doing so illegally. Nice when a company thinks that everyone is a criminal. Congress really needs to wake up and start protecting the people again, and not mega corporations. And other countries need to shove back when the US tries to push it's own laws onto them.

Gobbles is a glory whore

[essdodson (466448)]

To anyone who's read their advisories in the past this comes as no surprise. Gobbles's sole motivator here is to draw attention. From their security advisories that sound as if they're written by a third grader, to their advisories posted in comic form on their highly deceptive website www.bugtraq.org [bugtraq.org] I've seen little from them that demands respect.

Besides, if they were working with RIAA, wouldn't the RIAA also have paid them a few bucks to secure their site? If they have, wow, bang up job so far.

People Lack Humor

[Col. Panic (90528)]

Gobbles is very tongue-in-cheek. Their posts, while they contain actual, working exploits, are meant to be funny. They deride or praise the list moderator, poke fun at script kiddies (shout outz duudz), and are generally pretty damn funny.

This is no different.

If you wanted to...

[Windcatcher (566458)]

force the makers of MP3 players to recheck their source code to ensure that such holes DON'T exist, this would be a way to do it. Publish an exploit, link it to all major players, invoke the RIAA demon, and watch the coders scramble. Right now:

- Coders are, I'm sure, crawling through their code to look for and fix any security holes,

- Users are running firewalls and packet analyzers to check for any worm-like behavior,

- Some P2P users are taking a second look at checksums.

If such vunerabilities exist, I'm sure they won't for much longer. If the Berman bill ever becomes law, there won't be much to hack.

Let's see, how many languages can I say "liar' in?

[ndnet (3243)]

Where to begin.... I'll only deconstruct the SecurityFocus message.

First, the fact that these programs have exploits is no surprise, but one media clip (probably MPEG (maybe MP3)), since while Windows Media Player and WinAMP offer universal playback, do ALL of them? Could one file even hit exploits in all these programs?

Second, since each is likely to have a different vulnerability, the amount of worm data in a file would be a decent chunk. Wouldn't it be noticed?

Third, an NDA would state that there can be no mention of it until it is ACTIVATED and USED. Now, Ad-aware-style programs will pop up to clean it if it exists.

Fourth, how many files would this have to be to get 95% of P2P users? The only way it could is by infecting every file you share, but SOMEBODY would have to notice that, whether the file size changes or some A/V data is thrown out.

Also, the idea of "specially formatted P2P requests" to inform RIAA is laughable. Even if the P2P software itself were compromised, a firewall user could notice it. Furthermore, consider the average media collection - hundreds of MP3s. Considering it would have to send artist name and song name, the amount of data would be well over 1MB unless compressed, and even then on dialup users it would have to be staggered.

Also, what kind of backend would this take? Multiple servers, a huge internet connection. Considering how big the P2P networks are, wouldn't this have to be a massive monitoring system? There aren't that many locations with these resources INSTALLED, so finding the facility would not be hard.

And why mention you have a IDENTICAL worm that you use to build a DDOS NET? Simple. Get those who don't care about privacy too much kicked up about that.

Finally, this sounds very strangely like RIAA-induced hypnosis - here are a few lines which show that they probably are lying and not even working with RIAA, just agree with RIAA's ideas.

"victim" (not the hard-working artists who p2p technology rapes, and the RIAA protects)

4) Don't fuck with the RIAA again, scriptkids.

Until we became RIAA contracters, the best they could do was to passively monitor traffic. Our contributions to the RIAA have given them the power to actively control the majority of hosts using these networks.

There are some spelling mistakes. There are factual holes that they cover with the claim of an NDA. In short, the probability of a hoax is about 98%.

Did anyone think P2P was good for security?

[melonman (608440)]

I don't pretend to know much about the gory details of how it works, but P2P has never struck me as the best way ever invented to ensure the integrity of your system.

Last week a client asked to bring his PC into the cybercafe to download some files using eDonkey. After a couple of days, my observations were that

• It was going to take him another month to get a whole video of anything (cf 90 minutes for a whole Redhat CD over the same connection)
• The only downloads that worked were XXX
• His software opened 200 connections through my firewall, compared with about 20 for the rest of the cybercafe (our machines are thin clients, he was on a different subnet)
• He was receiving from 100 or so different ports, some of which are also used by well-known worms and trojans

So I told him to take his eDonkey elsewhere... is there any way to know what you are really connected to with this sort of system?

Re:*cough* bullshit *cough*

[wackysootroom (243310)]

I agree. A healthy dose of scepticism is needed here. First of all, if the RIAA really *did* want to infect the p2p networks with a worm, they would make GOBBLES sign a non disclosure agreement.

Could this be FUD straight from the RIAA to scare people into not running p2p apps? Is it a rumor started by GOBBLES to create a stir against the RIAA, or is it legit?

Who cares? I'm gonna fire up my gnutella client and share open source software until the day that p2p is illegal.

Re:*cough* bullshit *cough*

[Verteiron (224042)]

This is amusing, actually. Tell me again how one puts a "virus-worm hybrid" into a non-executable file and have it infect mp3 players on multiple platforms? Oh, and do it so that none of the millions of people listening to MP3s notice? While maintaining compatibility with things like handheld players? Oh, and let's not forget the linux people running programs like Integrit, which would let them know if something had modified their mpg123.

Please, I can't even believe this got posted.

Re:*cough* bullshit *cough*

[Cally (10873)]

> Please, I can't even believe this got posted

I think it's interesting, and I'm glad it was posted, although my first reaction was the same as everyone else, BOLLOCKS! But as lots of other people, including the mighty Register have pointed out, Gobbles has a good record for making apparently silly claims, letting people scoff, then proving them wrong. I think the real story is "Gobbles makes outraegous claim, what the hell is he up to?"

Speculation: Theoretically, I guess it's possible that there's an overflow in a library widely used in mp3 players. Remember the SMTP vulnerabilities last year, or the zip library hole that affected everyone from RedHat to Microsoft? Heh, that's the trouble with those pesky BSD licensed libs ;) Suppose Gobbles did find a zero-day hole. Remember that 95% of p2p users are going to be Windows users, so they're probably all using the same OS libs in their clients - for network access, say, if not for mp3 playback. Bear in mind that this worm would be pretty silent - it wouldn't be throwing rude messages up on the screen, it'd be sneaking around and trying to hide itself... Suppose it was only released in the wild a week ago. Perhaps it used the Kazaa auto-updating features to distribute itself over the network . Hmmm, this is actually starting to sound feasible. Now, obviously if the RIAA hav done this, then they're in deep, deep trouble: even the copyright mafia and Bush junta would have a problem trying to make out that this is anything but deeply criminal action. Posit: Gobbles, or another ethically challenged researcher, decides to try to discredit the RIAA... what better way to do it? Can you imagine the 9o'clock TV news headlines if there turns out to be a whiff of fire behind the smoke?

Re:If you can't beat 'em

[RobotRunAmok (595286)]

Well, bad sentence construction usually indicates an American. Apparently, the US public education system is merely designed to instill a yearning for low quality cars, fast food and WWE into it's students - spelling, grammar, mathematics and any kind of art or culture seems to be off the menu

Hm. Interesting.

By the way, where are you from, son? If I was to judge you from your post, as you have seen fit to judge others, I'd say, hmmmmm, let's see... Arrogant... Cowardly... ridiculously placing foot in mouth by mis-using it's while criticizing another nation's school system...

France?