Thursday, May 29, 2008

What gives MediaDefender the right to launch a DoS attack against Revision3

I just started reading Molly Wood's blog and that's where I first heard about the Denial of Service (DoS) attack that Revision3 suffered from over the Memorial Day weekend.  Jim Louderback, the CEO of Revision3, wrote a detailed explanation of what happened and who was responsible for the attack on a Revision3 blog post.

Before I go any further, Revision3 uses Bittorrent (BT) to distribute their own content to their viewers so that bandwidth demands on Revision3's site are greatly reduced.  What Revison3 is doing is legal and is what Bittorent was designed for.

In a nutshell, an anti-piracy organization named MediaDefender had been illegally storing Bittorrent (BT) tracker files on Revision3's BT server for months.  They used a back door into the Revision3 server.  At some point, the illegally placed files were detected by Revision3 and they closed the security hole that allowed MediaDefender to gain unauthorized access to their servers. 

That's when the bovine excrement hit the rotating air circulation device.  The MediaDefender server lost contact with their BT Tracker files and launched a DoS attack.  What they did was flood the Revision3 servers with SYN requests, causing a "SYN Flood" type of attack.  In layman's terms, it's the equivalent of kids ringing your door bell and running away before you open it.  Except here it was happening to Revision3 8000 times a second.

This attack basically stopped anything Internet related at Revision3.  Their web servers, RSS feeds, BT feeds, and everything else outwardly facing was just dead in the water.  It also took out their email.  This caused real and measurable costs to Revision3.

I'm not a lawyer, but I'm pretty sure that it's not legal to gain unauthorized access to another company's servers.  The DoS attack was definitely illegal and the FBI has already been brought in.  They suffered measurable losses and MediaDefender should be held legally responsible for the damage they caused.  They should pay compensatory damages for the employee time wasted, for the extra bandwidth costs, and for the lost revenue while the Revision3 sites were down.  In addition, they should pay punitive damages to give them a strong financial incentive not to launch any more DoS attacks.

Jim's description of the events was well written and very even handed and should be read by everyone.  Any company using BT or other forms of P2P technology to distribute their own content is at risk being attacked by MediaDefender.  This isn't the first time that MediaDefender has been accused of launching DoS attacks.  What MediaDefender did was wrong, both morally and legally.  How can this type of attack be prevented in the future?  To quote from an old episode of Star Trek:

"...I've found that evil usually triumphs...unless good is very, very careful." - Dr McCoy.

You can't beat an outfit like MediaDefender by resorting to their tactics with DoS attacks against their servers.  First of all it wouldn't work, and more importantly it's just as wrong as their attack.  I think Revision3 should sue for damages and we should all contact the companies that use MediaDefender.  We should tell them that we don't want to buy products from companies that are associated with MediaDefender.

Getting back to Molly, I first heard about her blog when she mentioned it on an episode of Cranky Geeks.  I get Cranky Geeks as a TiVoCast download to my my TiVo and I just started watching it.  After two episodes, I've had enough of Dvorak but it was worth listening to the viewpoints of the other debaters on the show.  Molly's blog is well written and is focused on digital rights and copyright issues (and abuses).

The inspiration for the Star Trek quote came from the comments for a post on The Coding Horror blog.  That post discussed the issues of how to block comment spamming on blogs and forum sites.  It's a great quote and I hope the guy who first used it in the Coding Horror comments doesn't mind me using it here.


  1. I believe you are absolutely correct. If someone flooded my door with nonsense and stopped me from living my life, I would ask to have the police bring criminal charges against them and go far beyond civil legal action. This is not less than criminal harassments. MediaDefender (if that is in fact the party who did the DoS attack) done with computers what extortionist do by phone and other threats; and they carried it out.

  2. According to Jim Louderback at Revision3, MediaDefender admitted that they had placed the torrent tracker files on the Revision3 server and their machines caused the DoS attack. They only disputed the frequency of the attacks. Louderback has the server server logs to prove the frequency of the attack.

    While I don't think MediaDefender intentionally targeted Revision3, the fact that they have automated intrusion and attack systems is just morally reprehensible.


Note: Only a member of this blog may post a comment.