Headline Feeds
Revision3, an entertainment network for the Web, had planned to release its two most popular shows last Friday evening in time for the Memorial Day weekend. Instead, chaos struck, and the Web 2.0 company found itself unable distribute videos or advertising or respond to clients' requests.
Even its internal e-mail servers were brought down.
The source of the IT meltdown, Revision3 eventually discovered, was a denial of service attack launched by MediaDefender, a company commissioned by the entertainment industry to stop illegal trading of copyrighted content on the Internet.
MediaDefender did not return a call from TechNewsWorld.
Collateral Damage
MediaDefender is one of a number of companies that essentially do the legwork for music companies and movie studios -- as well as their industry associations, the Recording Industry Association of America and the Motion Picture Association of America -- that want to stop, or at least slow down, peer-to-peer trading of copyrighted songs and movies.
Besides mounting DoS attacks, their tactics include scouring the Internet for illegally traded content and then downloading it to enable prosecution.
Revision3 was swept onto the battlefield because it uses BitTorrrent to distribute its content. "They saw us as a 'distributor' -- even though we were using Bittorrent for legitimate reasons, Jim Louderback, Revision3's CEO, wrote in a blog post on the incident.
It's the first time he's heard of MediaDefender going after a legitimate distributor in such a manner, Louderback told TechNewsWorld, though he made a point of saying that he didn't think it was deliberate. In fact, after Revision3 was finally able to reach MediaDefender on Tuesday, the DoS attack stopped, and the firm could open for business again.
How It Happened
Revision3 was able to identify MediaDefender through the Internet protocol address of one of the packets that it captured. As it pursued its investigation of the incident, Revision3 learned from Dimitri Villard, interim CEO of MediaDefender parent ArtistDirect, that the firm had been inside Revision3's network for months, injecting a broad array of torrents into its tracking server.
"They were able to do this because we configured the server to track hashes only -- to improve performance and stability," Louderback wrote in his blog post. "That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit."
The DoS attack was launched, he said, after the company noticed unauthorized use of the tracking server and took steps to deauthorize torrents pointing to non-Revision3 files.
"MediaDefender's servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server," Louderback explains. "[Ben] Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second."
Grodsky, vice president of operations at MediaDefender, maintains that MediaDefender did not do anything specific to target Revision3, according to Louderback's post. His version of events was that once Revision3 turned off MediaDefender's back-door access to the server, traffic piled up because its packets weren't being acknowledged.
Louderback pointed to the irony of the situation. "Here is an old media company that cannot comprehend that a new media firm would willingly use BitTorrent to distribute their content," he told TechNewsWorld.
He added that conversations with MediaDefender have elicited promises that it will check before targeting a distribution source with a DoS attack.
No Lawsuit?
Although DoS attacks are against the law, Louderback said he doesn't have the time or resources to sue MediaDefender.
The DoS attack may have cost his firm as much as US$100,000, he estimated. "No one could access our site all weekend. We get about four million page views a month, so that is a lot of video not to deliver."
He does plan to invoice MediaDefender for lost revenue and employee time devoted to solving the problem.
Revision3 would be well within its rights to sue, Dave O'Neil, a partner with O'Neil & McConnell, told TechNewsWorld.
"If there was no legal foundation for the interference, MediaDefender would be liable for every bit of damage -- and not only lost revenues but also consequential damages," he said, such as losing a long-term client because of the attack.
A lawsuit would also be form of poetic justice, O'Neil suggested. "What is good for the goose is good for the gander. I would think these companies would want to be held up to the same high legal standards that they expect from others."
Talkback: 
