For many years folks I have wondered why those who call themselves MxPie.info have continued to aid the media Cartel in attacking WinMX and its users and exposing all users privacy to the RIAA and its lackeys, the answer simply seems to be because one person was able to convince the others that he knew what he was talking about, that person was Sabre and so now's a good as time as ever to deal with how he mislead the rest of his team, many of whom have already left WinMX.
I looked over this thread to get a brief idea of his views and they
seemed relevant until you take a closer look at the facts.
https://forum.gemini777.net/pie-team-informational-meeting-on-blocking-filtering-t621.htmlFor the sake of simplicity I will scan through the questions asked by the rest of the team and answers given by Sabre, lets see if we can spot the misleading activity and highlight the truth.
[20:19:57] <Sabre'> Sure, what the RIAA is doing to the wpn network is a pain in the ***.
[20:20:11] <Sabre'> Is it legal for them to do so? Probably.
[20:20:27] <Sabre'> Is it legal for you, as individuals, to filter them. Probably
So that's Sabres take on the matter of WinMx attackers, whats wrong with what he said ? Firstly it is a criminal offence in most countries to orchestrate a "distributed denial of service" attack aimed at a user of a computer network, so its more than a pain in the rear its a criminal action, here's what the wikipedia states:
http://en.wikipedia.org/wiki/Denial-of-service_attackA denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the concerted efforts of a person or people to prevent an Internet site or service from functioning efficiently or at all, temporarily or indefinitely. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers. The term is generally used with regards to computer networks, but is not limited to this field, for example, it is also used in reference to CPU resource management. [1]
One common method of attack involves saturating the target (victim) machine with external communications requests, such that it cannot respond to legitimate traffic, or responds so slowly as to be rendered effectively unavailable. In general terms, DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
Denial-of-service attacks are considered violations of the IAB's Internet proper use policy, and also violate the acceptable use policies of virtually all Internet Service Providers. They also commonly constitute violations of the laws of individual nations.[2]
His next remark states casually that you have the right to filter or prevent access to your own machine and its resources from outside entities, this of course is your right under law, you haven't after all entered into any binding contract with anyone and thus there is no right in law to use your resources, so lets replace "probably" with "definitely", there are no laws on the statute books that allow anyone access to your machine with the exception of employed law enforcement personnel and in most cases such access will require a court order.
Lets move swiftly on.
[20:21:15] <(¯`·.¸Unique¸.·´¯)> Q #1 from me: What is the general difference in "blocking" vs. "filtering" content and/or computers/ip's. Perhaps ok to get the words and their meaning straighten out from the beginning. If there may be a difference in legal terms.
[20:21:37] <Sabre'> for the purpose of this discussion filtering and blocking are the same.
A sensible question is asked and quickly derailed, lets look into the real answer, what is the difference ? I answered this question some time ago but its unlikely anyone at pie info took the time to read this.
https://www.winmxworld.com/tutorials/fake_file_info.htmlWhats the difference between blocking and filtering ?
Blocking is the process of denying the use of your machine or its resources from unauthorised access,
in simple terms this is to not allow the flooders to join you as a secondary and flood the WPN.
Filtering is to place a device or software program in between the normal activity stream and use it to only allow or disallow certain activity to pass further on to the original process,
once again in simple terms this is being used here to describe the action of rejecting traffic originating from flooders who have joined the network via unprotected host files.
A stark reality here is that nearly all flooding comes via host file users and those that do use PG2 are still open to receive the flooded results from others who have no protection at all.
It is unfortunately still the case that
all flooding across the network comes via primary connected host file users who are not using any blocking
solution to prevent the infiltration of network attackers at secondary level.
[20:22:13] <Sabre'> So you might ask why didnt front code just implement filtering and be done with it?
[20:22:41] <Sabre'> Legally that becomes a grey area at best. Your now possible violating the RIAA's first amendment rights.
[20:23:19] <Sabre'> I still cant find anything that shows the RIAA's actions here to be illegal.
It is perhaps easiest to state that if you don't look then its unlikely you will find anything illegal. One has to ask does a non-profit organisation (RIAA) have first amendment rights at all let alone a right that trumps personal property rights, that is the question that is being posed here does anyone have the right to force you to listen to them ? I,m not aware of any such right and using the "law of common sense" I don't believe any such right exists globally, sure folks can speak but again we have not entered into any contract with the speaker and thus our rights to ignore them remain intact.
20:24:05] <Jim.at.work.> not even interfering with innocent peoples connections?
[20:24:14] <Sabre'> Innocent?
[20:24:32] <Jim.at.work.> people not trading copyrighted materials
[20:25:27] <Sabre'> In what way are hte interfering with your connection?
[20:25:52] <Jim.at.work.> by flooding it
[20:26:49] <Sabre'> The area of them connecting to a persons computer that is open for access by all makes your claim of disruption grey
Once again the answers to Jims question is found here,
https://www.winmxworld.com/tutorials/fake_file_info.htmlWhat is the problem with companies flooding the WPN to protect copyright?
The main complaint against these companies ( besides stealing bandwidth ) is that if a user types in a search term that is in the uploaded fake files lists, all of the Primary Nodes that contain the fake listing will reply with the fake data and on a large network such as the WPN this can currently average at between 5000 -15,000 results.
This massive amount of traffic in such a short space of time effectively removes the user initiating the search from the network, if this was a Primary user it would be near certain all of the Secondaries being supported would disconnect causing some to fall from chatrooms and lose ongoing transfers,
it's also highly likely if this user was also hosting a chatroom all of the users in the chatroom would fall/drop out
This then is the legal basis for a claim of DDos as outlined above, the flooders are committing an illegal attack and thus protecting yourself from criminals is not illegal anywhere in the world to my knowledge, it is all simply black and white.
[20:28:37] <Sabre'> Other legal issues about blocking/filtering go to some cases where the very fact that I believe it was Napster was ordered to either filter the copyright material or stop.
[20:29:07] <Sabre'> So would it be possible for winmxgroups own software to be turned against us all?
[20:29:12] <Sabre'> Certainly
[20:29:31] <Sabre'> Both from a legal standpoint, and a practical standpoint that -could- occur.
Whats been missed by most of those listening to Sabre here is that when Sabre asserts these legal case histories and the law it applies
only in the US and not from where WinMxGroup was located in another countrys jurisdiction and thus his already fragile premise of legal liability is demolished completely.
As we all know winmxgroup no longer exists but has been replaced by a more democratic and distributed architechture so that those offering network support resources are able to do so without taking sides or bothering with politics, there is no longer a single peer cache domain, there are now 4 and not all located in the same global regions thus redundancy exists for those wishing to connect. Connecting is of course not illegal and Sabre himself makes this clear later on in his rhetoric and for once I agree with him, its not illegal to connect to a filesharing network.
For those wishing to read how the current connection architecture is more flexible and preferable to a simple fixed IP system take a peek here.
https://www.winmxworld.com/tutorials/patch-operations.htmlLets continue along here and look at how very intelligent questions are emerging and unfortunately being deflected once again by Sabre who either obscures or deflects the topic, it must be pointed out here that no members of the winmxgroup or wimxworld technical teams where invited or informed about this debate and thus no view counter to Sabres is made, instead the pie info team are forced to rely on what he says with no way of checking any of his assertions for themselves.
20:32:00] <Gemini777_> from napster case: Page: Respectfully, in Napster, it came from the fact that Napster had failed to exercise control it currently had. And the Ninth Circuit's order in Napster, this court's order said that that obligation is cabined by the existing architecture of the system.
[20:32:48] <Sabre'> That comes from the primise that if you are capable of stopping illegal activites you are obligated to do so.
[20:32:56] <(¯`·.¸Unique¸.·´¯)> ...will there be a legal difference in whats actually being filtered? Filter files by name or filter clients/users by amount of queries within a time frame?
[20:33:18] <Ñî¢ôlè> so then, the question is, are we capable of determining the content of files shared?
[20:33:19] <Sabre'> No unique, law cares little about technique
[20:33:44] <Sabre'> thats not the only question nicole
[20:33:56] <(0)-(Beertje_Colargol)-(NL)> If I understand correct; pri collection facilitates searches - correct ?
[20:34:07] <(0)-(Beertje_Colargol)-(NL)> after connecting a peer is not used
[20:34:13] <(0)-(Beertje_Colargol)-(NL)> so how can it filter ?
[20:34:29] <Sabre'> It can filter/block the data coming to it Beertje. The current dll does that.
[20:34:44] <Sabre'> It simple filters search results coming from the IP addys on the block list.
[20:34:46] <(0)-(Beertje_Colargol)-(NL)> the data being specific ips are blocked ?
[20:34:57] <(0)-(Beertje_Colargol)-(NL)> (that ry to connect to mx)
[20:35:02] <Sabre'> And data from those IP's is dropped as well.
[20:35:13] <^Kasey^> ok sabre on that note
[20:35:15] <Sabre'> This is not a technical discussion about how the dll works.
[20:35:16] <^Kasey^> i block ip
[20:35:20] <(0)-(Beertje_Colargol)-(NL)> the pri swarm responds to that - o
[20:35:27] <^Kasey^> i block ip's in my firewall that are flooding me
[20:35:30] <^Kasey^> or portscanning
[20:35:30] <Ñî¢ôlè> IF we're capable of distiguishing file content, and IF we can block fake files, then RIAA can and will come after us for not blocking legitmate files
[20:35:35] <^Kasey^> isn't that filtering?
[20:36:29] <Sabre'> And you do have a legal right to do that as an indidual Kasey
[20:36:41] <(0)-(Beertje_Colargol)-(NL)> Just trying to get what can / canot be done so I can try to campain againt dll better; in all dutch room km people keep popping up confusing the prople urently on pie
[20:36:47] <^Kasey^> is it legal for me to use pg2 then?
[20:37:16] <Sabre'> Grey area Kasey
[20:37:32] <Sabre'> like I said the legal side of this is very muddy at best.
[20:38:00] <Ñî¢ôlè> if it's illegal, then regular pop up blockers are illegal also
[20:38:00] <¤/¥\~\/~]Ф-צ×(¯°¤§h¥Kïtt¥¤°¯)צ×> i would think that it depends on which Country you are from also
[20:38:07] <^Kasey^> then why is PIE so adamant about legal issues? if we're not sure of the anwers?
I have to say at this point that Kasey seems to stand out alone in asking where are the "emperors clothes", well done Kasey
Napster as Gemini reference operated a "centralised" network which meant that all traffic between participants passed across Napsters central server and thus they had full control of their users activities and for this reason a judge decided that as this was the case they should take some steps to halt such activity. WinMX of course is based on a hybrid "decentralised" network model that means that there is no central point of control, no single user has any idea what any other users is doing except when they actively interact, thus such case law has no place in this discussion as its of little relevance.
What could be a point of legal liability is if the operator of such a network profited from and aided and encouraged folks to share copyrighted files, a case history (Grokster Case) does exist for this scenario in the US but only applies when the aforementioned activity has (or is) been taking place and of course aside from the fact that we here don't operate the network (you the users keep it alive !) there are no advertisements on this site nor was there any on winmxgroup, we have never told folks to share copyrighted content and thus the case has no bearing on us or any other WinMX support site, why its often brought up is to spread fear and alarm to those who have not taken the time to read the full judgements and facts in each case.
One persistent claim often made by Pie info is that if you can filter internet IP's you can filter or disrupt filesharing activity and this makes you liable for such activity, this of course is not the case and one look at the WinMX network protocol shows this to be a flawed and erroneous claim, as outlined here (again), look at the" Xnetstat" screenshot image for an idea of why they stand out so simply and can be located using a simple TCP viewer.
https://www.winmxworld.com/tutorials/fake_file_info.htmlIts pretty simple to spot network attackers who attempt to connect from multiple IPs within a range as being up to no good and no one need have any idea what they are claiming to be sharing. An overview of how file sharers interact is found below and once again there is no single point or method of control that exists to halt filesharing whether it be users own or infringing material. Look at image 9 for a visual overview of why any claims of central intervention are impossible.
http://mxcentral.winmxworld.com/index2.htmlLets get back to some more of the claims made by Sabre ..
[21:02:54] <Kayleigh> they say on that thread dll does not filter content but only filters fake ips from connecting to their peer caches ... they say that is not illegal.... is that true?
[21:02:56] <¤/¥\~\/~]Ф-צ×(¯°¤§h¥Kïtt¥¤°¯)צ×> i dont know about that wording
[21:03:06] <¤/¥\~\/~]Ф-צ×(¯°¤§h¥Kïtt¥¤°¯)צ×> can be worded diff and produce same effect i think @ kasey
[21:03:11] <Sabre'> Technically thats not what it does.
[21:03:19] <^Kasey^> i was asking sabre...
[21:03:24] <¤/¥\~\/~]Ф-צ×(¯°¤§h¥Kïtt¥¤°¯)צ×> my bad
[21:03:39] <Kayleigh> what makes filtering illegal in dll then?
[21:03:54] <Sabre'> It filters connection and data from ip addresses on a list maintained by KM/Me Here.
[21:04:03] <Sabre'> It does this filtering on your computer.
[21:04:22] <Sabre'> Kayleigh did I say it was illegal?
[21:04:30] <Kayleigh> no
[21:04:34] <Kayleigh> but I want to know
[21:04:38] <Sabre'> I said it was a grey area at best, and could be used to take legal action.
As you can clearly read Sabre admits finally that its not illegal to block folks from your own computer, this is in contradiction to what he has already stated above.
He also kindly reinforces our position by confirming that individual files are not in fact filtered but simply that IPs are Blocked, IP's that are used to mount attacks on the networks users, thus the law is once again black and white, there is no grey in this. He is right in that legal action could be taken, users who are attacked by commercial organisations in a ddos fashion should report the criminals IP's and the time and date to the federal burea tasked with protecting folks from such criminals.
Now that thats cleared up whats next ? time to trash the only viable (and by little coincidence competing ) patch ? Seems so...
[21:08:29] <Sabre'> Ok, we all go out and install the DLL (god forbid) and now we are 50% effective in filtering...
[21:08:55] <Sabre'> so we go push on the asia and other non english speaking areas to adopt
[21:09:13] <Sabre'> We get to a whoppoing 80% effective deployement of a filtering technology.
[21:09:27] <Sabre'> Guess what happens next? The RIAA changes its game plan.
[21:10:37] <Sabre'> There have been tons of attempts to filter things on the internet.
[21:10:47] <Sabre'> Just look at how hard it is to attempt to keep someone banned from a room?
[21:11:00] <Sabre'> You think the RIAA isnt a lot smarter than some WinMX users wanting to hassle your room?
[21:11:31] <Sabre'> I can promise you the second the filtering gets anyplace close to being effective they well change it in ways that it is all for not.
If as Sabre suggest they all go out and use an IP blocking system whether its in a dll or stand alone then there would be
no flooding, this seems to have been missed by him and by the rest of the info team, DLL users never see the network attackers or their false search results, where does Sabre think the flooders are coming from if there are no users hosting them ?
He now foolishly attempts to obscure the topic once more by suggesting that if the network is flooder free then other kinds of attacks will take place, *newsflash* Sabre other attacks have already taken place and been defeated ,it all comes down to whats allowed by the WinMX protocol, you cant sent fake packets using any old packet type, WinMX will only identify one packet type for each connection level when it comes to search results and thus they cant change anthing there its set in stone, so what else can they do ?
What we have seen over the years has been various efforts to leverage something called the "buffer overflow attack". This was fixed in later winmx versions and many more exploits where fixed by the time of the final WinMX release 3.54.beta 4, for this reason we also questioned why pie info suggest using older unprotected client types (3.53).
So having seen that there are few real attack vectors for the attackers to really use whats left for pie info supporters ?
That my friends is up to you, we have spent 5 years working here to ensure the network is kept viable and we understand that most of the pie info folks have been mislead and maybe are low on trust but unless we move away from old dogma and go forward with scientific and rational decisions and improvements we will lose the network and its userbase, this is not an idle prediction, with up coming legislation being earmarked to have a heavy impact on alleged infringing file sharers we need help to close a security door on network attackers and we cant do that while Pie info deliberately hold that door open, we are facing a threat that only Sabre and those using an unprotected host file on primary can halt.
Sabre is on record as stating that its impossible to block the attackers, we say that thats a pretty low thing to claim when your actively aiding them to hurt the WinMX community , if you believe he is telling you the truth then WinMX is dead in the water and I ask you simply to leave now rather than wait until its gasping for breath, if your not sure that a patch can indeed filter the attackers out try the community patch and ensure your not forming part of the cartels attack tool, there are no other options, please ask, rant, or simply discuss anything you want with me here in this thread you will not be fobbed off and lied to, many folks still want to support WinMX but to ensure we are not decimated in the next year
I need all your help and support NOW.
Sabre if you care for the network as much as you claim then close your peer caches and join the community patch initiative, there is always room for commited folks even ones who dont see eye to eye with us and this will overnight close a massive security hole we are facing, we can go forward from there with at least some basis for trust as occured with Vladd and MxPie.com, doing the right thing may be hard but its still the right thing or is your pride more important than WinMX and its users ?
The situation is now one of lose Sabres cache or lose the majority of the networks userbase, I cant put it any clearer than that, united we can always make a difference.
