gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76630 Posts in 13452 Topics by 2079 Members - Latest Member: Texasstarpride July 29, 2021, 09:25:05 pm
*
gfx*gfx
gfx
WinMX World :: Forum  |  WinMX Help  |  Fake Files  |  Hello Macrovision
gfx
gfxgfx
 

Author Topic: Hello Macrovision  (Read 3293 times)

0 Members and 1 Guest are viewing this topic.

KM

  • Guest
Hello Macrovision
« on: May 19, 2006, 12:37:05 am »
I'll cut to the chase, give up... we're not going anywhere.

As a few people may have noticed there has been a little activity with the block list the last couple of days, well that's an understatement but anyway...

Macrovision are playing sneaky with us, It looks like they finally figured out how we are detecting them, and now have changed tactics - it's not working (I'll refer you to the block list again...) we have more than 1 way to detect you...

OK, and now everyone is confused, well here's the story:

As you know flooders have been connecting to the network, a single *nix system runs a custom made application that can make secondary connections to thousands of primary users, each one it connects to it it uploads a list of 3000 non-existant files to be shared, then the primary will flood those files out as search results.

We were simply doing a search for various flooded files, by looking at the IP Address of the secondary user that the files originated from we could clearly see many users with fake files from the same IP Address - IP Address gets added to the block list, that flooder is now unable to use winmxgroup patch users to flood the network (it can not only flood using primaries connected using hosts files - note even those running peer guardian are still being used to flood to a certain extent due to peer guardian only updating the list once a day)

That method worked well, they got to flood files, the primaries using the winmxgroup patch would keep the flooders off (thereby allowing enough free slots for legitimate secondary users to connect) everyone was happy (except a slight annoyance at having the fake search results) - we have been in that state of balance now for a while.

So, what has changed? They have started running flooders that are not flooding.

hu? how does that work? I hear you cry, well they figured out we were using the search results to locate them, so now they are still connecting to thousands of primaries, but not uploading the fake file lists (there are still plenty using the old system though so they still flood fake results)

They probably thought if they do that then they can fill up all of the secondary slots on every primary (as they won't be spotted, so won't be blocked) and then it would mean that as all primaries are full, legitimate users would be unable to connect.

A cunning plan, personally I would have done that a long time ago if i was them but I guess they are a little slow (well, nobody ever called them smart) however they did catch up in the end. One small flaw in their plan... we did spot you, and you can't avoid the blocklist... oh well, better luck next time? I think not

OK Macrovision, you may be slow but you do get there in the end, just one thing you seem to be missing - I would be able to do a great job of it if I were in your position, however lucky for the users, I'm not... I know exactly how I would do it, and therefore I know exactly how you will do it - and I am always one step ahead of you... want to call it quits yet? or do you really want to turn this in to a full fledged battle?

* KM gets down off of his soap box and gets back to watching more and more of macrovisions attackers getting added to the block list

Offline Valor

  • Forum Member
Re: Hello Macrovision
« Reply #1 on: May 19, 2006, 02:25:24 am »
This makes it more important than ever if you use a hosts file to connect to winmx, use peer guardian with winmxworld blocklist or use the winmxgroup patch whitch automatically blocks the bastards. Failure to do so is helping the RIAA bastards!!!!

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Hello Macrovision
« Reply #2 on: May 19, 2006, 08:14:15 am »
For those wishing to know a little more about the company that attacks the WPN take a look here.

http://www.macrovision.com/products/activereach_network/hawkeye/index.shtml

Their advertising for music and video solutions

http://www.macrovision.com/pdfs/Hawkeye_Music_Final.pdf

http://www.macrovision.com/pdfs/Hawkeye_Video_Final.pdf


The network Macrovision operate is called the Smokeblower Network and utilises a whole range of servers mostly operated by Globix Corporation, they often connect through normal ISP block allocations to try to hide themselves, try being the operative word.

Ok so now you know who the enemy is and how they attack us all, please make sure your blocking them from the network and help maximise the work of the anti flooding team who have been hard at work on your behalf for nearly a year, lets all do our part, cheers folks

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Hello Macrovision
« Reply #3 on: May 20, 2006, 11:50:12 am »
Hmm it looks like someone is awake at Slackrovision..lol


From this morning we have detected a change in the flooding pattern that was expected a while ago, we are still fully able to add the flooding  IPs to the blocklist with no effort at all, although some new users will possibly experience annoyances with there searches, the ball is in our court it seems.

Watch this space  :wink:

KM

  • Guest
Re: Hello Macrovision
« Reply #4 on: May 20, 2006, 01:38:27 pm »
i think it was their way of saying hello back? :-)

although i think they were also answering my question, guess they don't want to call it quits...

Offline SamSeeSam

  • Forum Member
  • The Sky will never Fall on our heads
Re: Hello Macrovision
« Reply #5 on: May 21, 2006, 06:07:21 pm »
I know it is a dumb question. But who exactly are macrovision? They are some way or the other related to the RIAA I presume.

"So, what has changed? They have started running flooders that are not flooding.

hu? how does that work? I hear you cry, well they figured out we were using the search results to locate them, so now they are still connecting to thousands of primaries, but not uploading the fake file lists (there are still plenty using the old system though so they still flood fake results)"

I couldn't make that part of your thread out. Could anyone elaborate please?

Thanks
Sam
Reconnect to winmx with the blocking patch :)
Patch link :
http://patch.winmxconex.com/

Spread the word now :)

Offline Me Here

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
  • We came, We Saw, We definitely Kicked Ass!
Re: Hello Macrovision
« Reply #6 on: May 21, 2006, 11:29:10 pm »
Macrovison is the maker of software that is designed to protect copyright holders interests.  The RIAA/MPAA employ them to do so on various p2p networks.  They have developed software that cause many problems for users on Networks such as this one, indiscriminately targeting users whether they are sharing legal files, chatting, and searching for free software or programs.  The files they upload and the manor in which they do it are designed to make it difficult to find real copies of copyrighted material on the network and make folks go to the stores and buy instead.  *Laughs uncontrollably*..

The side effect of such a strategy is connection problems for innocent users all over this network that use it for completely legitimate and legal purposes, using regular ISPs to carry out DDOS attacks on the primaries. 

In our defense we have developed our own strategies to protect the interests of the users of WinMX from such illegal attacks.  We can track their IP numbers they use to upload these thousands of files to the network with amazing accuracy and speed.  By using the WinMXGroup patch you are protecting not only yourself but the entire network, because without this protection this Macrovision software would take up all available secondary slots on primaries, leaving none for real users.  Cause most of the primaries on the network such major stability problems using WinMX software would be virtually impossible.

What has changed is they have began to use IP addresses to simply take up secondary slots, without uploading any of the normal fake files (or at least uploading them right away).  This could be a ploy to keep certain IP addresses from being detected by our team and placed on our blocklist.  It wont work, but if I were them I would have done the same.. *laughs evilly now*..

The theory is if they can avoid being placed on the block list they can take up secondary slots.. making the network 'unstable', and then also avoid detection of the IP address, as we have stated that in the past we used search results to detect the IPs.  This is not longer the sole detection method so there is not a lot they can do, as long as there are WinMx Group users blocking and pg2 users to a extent as well.

As Ghostship mentions also here, we are now seeing them use the Drive letters in file paths also for this same purpose I suppose, and as KM says its futile really.. we have them dead to rights if they join this network as a secondary with the intentions of causing damage.  Simple.


Offline Zénar

  • Forum Member
  • *****
    • ZenMX
Re: Hello Macrovision
« Reply #7 on: May 24, 2006, 09:49:22 pm »
Just to know, they also attacks Zion++ and ares or they just try to kill winmx?

Offline Me Here

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
  • We came, We Saw, We definitely Kicked Ass!
Re: Hello Macrovision
« Reply #8 on: May 24, 2006, 10:48:25 pm »
Its uncertain to me exactly which networks they operate on but i am sure they are on filetopia.  Its probable they are operating on most netwroks.


KM

  • Guest
Re: Hello Macrovision
« Reply #9 on: May 25, 2006, 02:10:05 am »
they have been confirmed to operate on a few other networks - and some people from those networks have shown some interest in our blocklist for that reason as we are the only ones maintaining a list like that, however they are typically using peer guardian which is too slow at updating for the dynamic addresses so our list isn't being used properly for other networks

my guess would be that they are probably attacking every p2p network they can find

Offline SamSeeSam

  • Forum Member
  • The Sky will never Fall on our heads
Re: Hello Macrovision
« Reply #10 on: May 25, 2006, 08:52:37 am »
"Macrovison is the maker of software that is designed to protect copyright holders interests"

Technicially, aren't they on the wrong side of the law. I mean you can't just go and attack a network and disrupt so many people who use winmx for good purposes for the sake of a few people who don't buy anything? Since when did they become the government to decide that they had to 'protect' the interests of the RIAA?
Reconnect to winmx with the blocking patch :)
Patch link :
http://patch.winmxconex.com/

Spread the word now :)

KM

  • Guest
Re: Hello Macrovision
« Reply #11 on: May 25, 2006, 11:07:03 am »
yes, but who is going to sue them for it? they don't directly effect single users, so all of the users combined would have to do it, and who would do it on their behalf? etc etc..

Offline Me Here

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
  • We came, We Saw, We definitely Kicked Ass!
Re: Hello Macrovision
« Reply #12 on: May 25, 2006, 11:28:36 am »
The United States gov decided that money makes laws long ago.. recently  they have decided that hell.. with enough money you dont really even need clear laws.. we can pretend to sue grandmothers, 12yo kids, and anyone else we can scare into sending money to a collection agency because we said so.. we dont need a law to back us up..

So why would these same ppl paying billions a year to congress and senate care about us.. they dont.. trust me they dont give a crap about ppl, artist nothing but money.

WinMX World :: Forum  |  WinMX Help  |  Fake Files  |  Hello Macrovision
 

gfxgfx
gfx
©2005-2021 WinMXWorld.com. All Rights Reserved.
SMF 2.0.18 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.033 seconds with 23 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!