Media Defender screw up

[..Ñøßߥ..]

http://slyck.com/forums/viewtopic.php?t=37857

MediaDefender-Defenders proudly presents 9 months worth of
internal MediaDefender emails

By releasing these emails we hope to secure the privacy and
personal integrity of all peer-to-peer users. The emails
contains information about the various tactics and technical
solutions for tracking p2p users, and disrupt p2p services.

A special thanks to Jay Maris, for circumventing there entire
email-security by forwarding all your emails to your gmail
account, and using the really highly secure password: blahbob


So here it is, we hope this is enough to create a viable
defense to the tactics used by these companies, also there
should be enough fuel to keep the p2p bloggers busy for
quite some time.

All i can say it, lmfao.

[rav1960]

From: Neil Saxby
Sent: Thursday, August 16, 2007 7:44 AM
To: Rick Moreno; Ivan Kwok; Octavio Herrera; qa
Subject: RE: P2P Monitoring Reslts - MediaDefender - July & August 2007 EMI

 

Just spoke to Steff and assured him that we are looking to ramp up our effectiveness on all networks.

 

Major concerns for them are:

 

1.       ed2K (eMule)

2.       WinMX

3.       SoulSeek

 

I know there are some issue with SoulSeek atm and that these are being ironed out so hopefully this shouldn’t be an issue when the next results come in.

 

I can ask them for eMule .mets if you think they would be useful at this stage, but keep in mind that there will be several of these as they are testing across multiple territories.

 

We discussed the issues with singles and Steff has suggested adjusting their spoofing request sheet to include likely singles (as opposed to first single).  Do you think this would be helpful?  The issue for them is that they often start protection before any singles have been discussed…  The anti-piracy department do not currently have the resources to revisit projects and alert us of singles that are on the album.  It is dangerous to discuss the fact that adding extra protection to singles makes us more effective as EMI expect the same level of protection to be applied to all tracks (regardless of the fact that the majority of users are only looking for the single).  Rick is now going to send Steff details of all active projects on a weekly basis.  I will endeavor to verify this list on a weekly basis and let Rick know about any singles I can identify.

 

If you have any other thoughts/questions please let me know and I’ll follow up with EMI.

 

Cheers,

Neil 
.........................................................................

look they have winmx in there how interesting, and one else looking at the emails?

[..Ñøßߥ..]

I haven't had a chance to read them yet, but WOW is all  can say, im sure there are some more gems in there also.

[Lagerlout666]

[Hi Randy, after some internal discussion, here’s our preliminary list.

1) Intermittent glitching ("mech, intermit")  done in a way that's more random sounding vs periodic.
2) Bit-resample,  such that there is audible artifacting (sounds like a bad mp3  encode).
3) shifting channels (sounds like a speaker cut out).  Again, the goal should be to sound somewhat random.
4) Laugh-track, at a  respectable volume level.
5) Saw-tooth volume, so long as the volume goes to (or close to) zero, so that the track can't be fixed by an inverse saw  increase.
6) Beep, at a high volume

In the future, you might do experiments with static noise overlays (sounds like faulty recording equipment), voice over (public  domain audio), and overlapping songs.

You probably don’t want to apply any effect for the first 30-60 seconds, so the user thinks they got a good track.  We should take some care  to ensure that when there is intermittent effects they happen in the same places so that it's not possible to take the good portions of one version and splice them with the good portions of another version to get a complete (and perfect) third version.

Best,

-c

lol, thanks for telling us ya tricks ya wasters, shame not much said about winmx so far, ya all must well know you are screwed here lol,

[Me Here]

Well I have been doing some reading of comments made on this on other sites and found some very interesting comments in these posts..

One of the most interesting to me was the results of tests that some of the cartels run on their own content, no doubt to keep tabs on the service they get for their dollar.. lol

The only WinMX results I was able to find seem to have the MediaDefender workers baffled..

Infact they go on about FOX's methodology for testing and even put ppl in charge of making sure they are using the correct methodology to test.. Which I can only assume means Fox was using a fake filtering WinMX to test and MediaDefender want them to use 'their' recommended methods which include using Pie instead of the DLL to search (see last quote)

From: Octavio Herrera
Sent: Monday, July 02, 2007 10:59 AM
To: qa.Subject: What does thismean?
http://www.slyck.com/story1517_WinMX_Group_Goes_Offline
Thanks,
Octavio Herrera.

---------Reply-----------
For us, it doesn't mean too much. We cover the "more popular" version of.WinMX, which is the MXPie patch. This change only affects the patch by the WinMX Group. The MXPie version is still alive and we're still hitting on it.
-TH

Reference to June Tests:

June 2007
Very unusual results for WinMX.  Let me know what is going on there.  Is it a regional issue?
R

---------Internal Discussion-----------

14 Jun 2007
Currently, WinMX's resources are very limited. It's running on top of  .other services. I can convert some of the FastTrack ones to WinMX if  .it's not good enough...-Ivan.

On Jun 13, 2007, at 8:59 AM, Ben Grodsky wrote:
 Ivan,
Are there enough resources to WinMX, if we turn on another 80 projects? If not, what kind of resource shift would need to take place for this?  Thanks, Ben.

--------Reply---------

14 Jun 2007
Currently, WinMX's resources are very limited. It's running on top of other services. I can convert some of the FastTrack ones to WinMX if it's not good enough.
-Ivan.

First week in Aug Test results:

Results Summary..1st week in aug.
28 Weeks Later (France)..
DirectConnect - 1 real out of 25 attempts..
Shareaza - 4 real out of 25 attempts..
WinMX - 15 real out of 25 attempts..
BT, eD2k, Gnutella - 100% effective..

The Simpsons (France)..
BitTorrent - 7 real out of 50 attempts..
DirectConnect - 1 real out of 25 attempts..
Shareaza  -  4 real out of 25 attempts..
WinMX - 18 real out of 25 attempts....

----Reply to UMI asking about said results----
...We had two bad fails on. WinMX because the services weren't turned on for these networks....

Thats a load of crap they are telling UMI, they did indeed have services running on WinMX ...LOL

Second Week Of Aug Test Results: (didnt find actual number for this week test but here are the comments about them)

2nd week of testing in August
Hi Ty and Ivan:
Do the Ares and WinMX results make sense for this week?  I am complaining about Gnutella results and was wondering if we had outages in the other systems of if there is more I should complain about.
R.

-----Reply------
Actually, for the two fails on Gnutella, those two tracks were not marked as singles.
For WinMX, there were no outages on our end. We'll need QA to verify.that.
-Ivan.

Unknown Week of Testing seems to match first week but this is definatly not that weeks tests:

The latest batch of results contains the results for DC, FT, Shareaza.and WinMX. 
Like the France tests, we had the two fails on WinMX because services were not turned on.  The 7 real files that came in for "Prison.Break" on Shareaza were unexpected as we were 100% effective in our internal testing.  We'll run additional tests on Shareaza to make sure we're hitting properly.
Results Summary

Pathfinder
DirectConnect - 3 real out of 25 attempts.
100% effective on FT, Shareaza, WinMX

Prison Break
Shareaza - 7 real out of 25 attempts
WinMX - 18 real out of 25 attempts.
100% effective on DC, FT

The Simpsons Movie
DirectConnect - 3 real out of 25 attempts.
Shareaza - 1 real out of 25 attempts.
WinMX - 10 real out of 25 attempts.
100% effective FT..

Team,  please see the attached results.  Let's make sure all emi projects are set up correctly.  I am seeing way too many fails on gnutella. 
Also, are we even up on winmx?
Attached is the agreed methodology. 
They are testing themselves (not using audible or bay).  Neil will take the lead on getting info from Steff regarding clients used, .met files, etc...
Thanks,
O.


August 21, 2007 2:27 PM.To: Rick Moreno.
Cc: Ivan Kwok; qateam; Jay Mairs.Subject:
Re: Fox project count
Rick,
I just talked to Ivan and there should be adequate resources for turning these on. Please turn on WinMX for these 146 projects.
QA- please keep an eye on WinMX and let us know if you see any.effectiveness issues tomorrow and Thursday.
Thanks,
Ben.


There are 146 projects in FOX under four labels.
FOX - 47..FOX PREMIER - 6..FOX TV - 31..FOX Extra Protection  - 62 these are mostly foreign titles.
Thank you,
Rick Moreno.

RE: Turn on WinMX.
I added winMX to Amy Winehouse, James Morrison, and the following 4 projects that had high requests, MIKA-LIFE IN CARTOON MOTION-2006-12-19, KAISER CHIEFS-YOURS TRULY ANGRY MOB-2006-12-19, TAKE THAT-PATIENCE-2006-10-10, BIAGIO ANTONACCI-VICKY LOVE-2007-03-15.
Please review and close.

There are tons of fun bits to read here, this has effectively shut them completely down as of this moment and since last night their servers are NOT running on the WinMX network and I can only assume the same is true any where else.  This has caused major security issues for them as many logins, passwords, IPs, domainnames, cell phones, addresses, Industry personal information and much much more has been revealed in this mess.  Macrovision is still in operation btw on WinMX and I do expect MediaDefender to either re appear shortly regrouped or their clients to move back to Macrovision and this would increase their presence.. we are watching this closely for you.

I have to say these previous remarks and quotes just tickle me pink, confirming what I already knew.. Using WinMX with the Dll patch is the most effective way there is to avoid fake files.. getting the best results of any p2p system they or the Industry tested across the board.


Happy WinMXing ...

[Lagerlout666]

best news ive heard in a long while. you have had more time to read threw that than me lol, shame someone doesnt email them exposing the lie they told about their effectivness on winmx, telling them to use a defective patch that makes them look better is a damn dirty drick to keep the coffers up, infact i have the email addy, i may do it myself lol

[GhostShip]

Hmm regardless of certain peoples claims it seems the industry watchdogs have spoken and affirmed that winmx is one of the best places to get real files and if you use the correct patch, zero fake files as Fox seems to have noticed, perhaps mediadefender should hire some monkeys, at least they might do a better job than the current team who seem to have no clue why anything is happening let alone be able to do anything about it 


Anyway folks, although KM is currently being the worlds biggest annoyance I think we should all give the guy a big hand for doing an excellent job in creating what has been an durable and lasting solution against companies like this attempting to damage the network for their own ulturistic purposes, also could I thank current and former members of the winmx blocklist team for ensuring the protection provided by the dll was always up to date and effective, my thanks, and those of the users are to you unsung folks who served the community with no though of gain or fame.

Thanks blocklist team, winmx users salute you 

[MinersLantern]

not to want to complain or anything about filtering or not but...
I see no fake files, nor can macrovirgin, etc connect.
Maybe cause I dont search for silly terms like 'free' or 'viagra'  or 'and' lol
Router and iptables take care of undesired connections way faster than can any patch.
Still is as it always has been, once the little light goes green, it makes no difference what patch or cache you are using winmx goes wild from that point on. Except for the filtering of fakes which are easier to filter by simply not searching for them.
I shall now prepare for flameage.

[MinersLantern]

or searching for weirdness like whoever/whatever 'MIKA-LIFE IN CARTOON MOTION-2006-12-19, KAISER CHIEFS-YOURS TRULY ANGRY MOB-2006-12-19, TAKE THAT-PATIENCE-2006-10-10, BIAGIO ANTONACCI-VICKY LOVE-2007-03-15.' is  lmao

[GhostShip]

Lantern can I ask you not to post potentially copyrighted titles here.

There is no need to flame you as its clear you have no understanding of how winmx works, you can rectify this by visiting these pages.

https://www.winmxworld.com/tutorials/wpn.html

And this one to explain how the flooding operates in a scattergun fashoin regardless of search term.

https://www.winmxworld.com/tutorials/fake_file_info.html

[..Ñøßߥ..]

For those not wish to DL all the emails, you can veiw them all laid out nicely here:   http://www.mediadefender-defenders.com/


Enjoy!

[Scyre]

I am happy to know that no matter how devious they get, there will always be a time when "everything comes out in the wash"

I hope this serves as a wake up call to the media cartel and they see that they can only abuse the citizens for so long before they get caught.

As for the claims that they are gonna go to the FBI with everything, that is laughable. What are they gonna say?

"Someone is passing around proof that we are illegally performing massive DDOS attacks on every network we can think of, and we want the genie put back in the bottle please"

LMFAO!

Best Regards, and Be Good!
Scyre

[7]

:waves:

Woot!  Been busy recently so only just caught onto this... should make for some interesting reading.

About 'DDoS', the http://www.mediadefender-defenders.com/ address appears to be suggesting they have evidence of MD involvement in attempting to force their site offline (if I'm reading it correctly);

Code: [Select]

Update:
We just confirmed that 54 known (and 1020 out of 1257 IPs hit by subnet) MediaDefender IP addresses
participated in the DDoSing yesterday (18th). Shame on you! :P

You can also stop by on IRC: #MediaDefender-Defenders @ EFnet
Apologies if this is old news to you lot, I've not looked around for other related threads yet. 

[Lagerlout666]

i like the reply to the c&d order. damn that is one way to say kiss my arse roflmao

[Cobra]

I take a break from this site (the only place that I get P2P news from with the exception of an occasional Google find) and look what I miss!

Not even taking inot consideration who they are or what they do, that leak is rediculously massive! My IP would shut down out of shame if that much information about its users had been accidentally leaked out.

[Me Here]

I agree Cobra,

in all honesty I cant see them recovering from this scale of information being spread.  Frankly I don't feel sorry for them in the least, after reading through the good bits and seeing how they lie to their customers about what is actually happening in the world of p2p and are turning to attacking the servers of Piratebay and possibly the Slyck site, I have even less respect for them. 

Basically all servers IPs are compromised which would be a huge financial struggle I would imagine to purchase new contracts on new ones let alone buy out any remaining contracts left on the old ones.  That alone could easily do them in, that coupled with the lack of trust that any one would have for them, I wouldn't hire them now, would you?   LOL

I think they'll try hard to negotiate deals for a buy out, its about the only option they have now that is feasible really.  And even that is shaky with the software being readily available to anyone that really wants to take over.. LOL

I think we'll see an increase here and on other p2ps of Macrovision presence and things for us will go on as they have.. they flood we block...

the climate does seem ripe lately to gather up files.. LOL

[Cobra]

LOL *watches the blocker triple in size with the addition of this flood of server-IP information*

Is MD on the stock market? I would be interested in seeing the plummet of it over the past few days!

[James420]

Well, if these IP's are added to the block list. That'd kinda make no sense.

MD knows that all of that stuff has been made public, not even they are stupid enough to do any kind of attack from behind them now. Besides, they've kinda crumbled having lost everything. Even their own source code to the stuff they make to flood networks.

I believe they'll just eventually join up with a different flooding company, and then come back and try to get revenge for what happened to them. No one on the net has been made a laughing stock like that in...forever.

[ñòóKýçrÕôK]

Re: screen shot directory

--------------------------------------------------------------------------------

To: "Dylan Douglas" <dylan@mediadefender.com>
Subject: Re: screen shot directory
From: Ivan Kwok <ivan@mediadefender.com>
Date: Wed, 13 Jun 2007 17:14:46 -0700
Cc: "Ben Ebert" <ben@mediadefender.com>, "Colin Keller" <ckeller@mediadefender.com>, "Gerald Rode" <gerald@mediadefender.com>, "Jay Mairs" <jay@mediadefender.com>, "Nainesh Solanki" <nsolanki@mediadefender.com>, "Sergio Alvarez" <sergio@mediadefender.com>, <stefan@thezonie.org>, "Ty Heath" <heath@mediadefender.com>
Delivered-to: mdjaym@gmail.com
In-reply-to: <F55A72EF782B43428EBF605551914B20A39D89@mdexch01.mediadefender.com>
References: <F55A72EF782B43428EBF605551914B20A39D89@mdexch01.mediadefender.com>

--------------------------------------------------------------------------------
Ok, it's working now.
Gerald, why did you comment out the web server setting "AllowOverride All"? My url rewriting stuff needed that option enabled. Anyhow, I re-enabled that setting for the screenshot directory only now.


-Ivan

On Jun 13, 2007, at 4:06 PM, Dylan Douglas wrote:


Oh, so does the embedding crap work then?  Or was that just a test?   Cause if it doesn't we might want to figure out what we need to do.

--------------------------------------------------------------------------------
From: Ivan Kwok
Sent: Wednesday, June 13, 2007 3:54 PM
To: Dylan Douglas
Cc: Ben Ebert; Colin Keller; Gerald Rode; Jay Mairs; Nainesh Solanki; Sergio Alvarez; stefan@thezonie.org; Ty Heath
Subject: Re: screen shot directory


I don't store any actual screenshot files on the server. I just store all of them in the database.

-Ivan

On Jun 13, 2007, at 2:47 PM, Dylan Douglas wrote:


Ivan,
 
Can you check that you are still writing to the screenshot directory?  Colin was trying out the embedded link stuff for MySpace and several files didn't have screenshots.
 
I don't think I moved it when I was rearranging the site.  But, if I did, please change your code.
 -D
 -----
Dylan Douglas
MediaDefender

Not sure what's goin on there but it would appear at a glance that they are scopin peep's MySpace accounts. I try to tell people MySpace is da debil's work!

[ñòóKýçrÕôK]

New Staff Reply - [PM !BGK-216259]: FW: Magpic reports - new material for pirates.

--------------------------------------------------------------------------------

To: jay@mediadefender.com
Subject: New Staff Reply - [PM !BGK-216259]: FW: Magpic reports - new material for pirates.
From: "Ben Grodsky" <projecttickets@mediadefender.com>
Date: Wed, 13 Jun 2007 14:48:55 -0700
Delivered-to: mdjaym@gmail.com
Reply-to: projecttickets@mediadefender.com

--------------------------------------------------------------------------------
New Staff Reply: FW: Magpic reports - new material for pirates.

Jonathan,

Yes we changed the redirect on our webserver from the monster website to this "do you have the crazy" link.

Herden, Pedro, Gerald, Rendy, Niles, and Mark - for any decoys you post for "The Host," please use this special MOV decoy that Bo and Hrach prepared (\\mdfile01\public\Leaks).

Thanks,
Ben

Ticket DetailsTicket ID: BGK-216259
Department: BitTorrent
Priority: Low
Status: Open
Link:Click Here
 

Games afoot maybe?