Visit Your Local PBS Station PBS Home PBS Home Programs A-Z TV Schedules Watch Video Donate Shop PBS Search PBS
I, Cringely - The Survival of the Nerdiest with Robert X. Cringely
Search I,Cringely:

The Pulpit
The Pulpit

<< [ Bob Tube ]   |  We Can Run, but We Can't Hide  |   [ Steal This Column ] >>

Weekly Column

We Can Run, but We Can't Hide: How BayTSP is Enforcing the Digital Millennium

Status: [CLOSED]
By Robert X. Cringely
bob@cringely.com

If you look at Mark Ishikawa's business card, you'll notice that it lists nostreet address for his company, BayTSP, just a post office box. This is for good reason, since Ishikawa is one of the few Silicon Valley CEOs who regularlyreceives death threats. Uninvited visitors are not welcome at BayTSP, which hasa post office box in Los Gatos, CA, but could really be anywhere in the Bay Area.

I certainly have no idea where the company lives, but I know why Ishikawa has somany enemies. It is because BayTSP acts as the primary enforcer for the DigitalMillennium Copyright Act (DMCA), a law that is widely reviled in the technicalcommunity.

The DMCA, which was put in effect in 2000, was an attempt by the U.S. Governmentto bring copyright law into the cyber age. But many people — including, oddly,Mark Ishikawa — think the DMCA goes too far by making it illegal for me to eventell you how to circumvent encryption or copy protection technologies. It makes the very passing of knowledge against the law whether or not that knowledge is ever used.

"It's a very flawed piece of legislation," says Ishikawa, who predicts that thegovernment will rewrite the copyright law again "in eight or nine years" tocorrect the mistakes in the DMCA. But until then, the DMCA is the law of theland, and Mark Ishikawa is the Internet's top cop.

BayTSP is paid anywhere from $200 to $50,000 per month by owners of intellectualproperty — primarily software companies, movie studios, and record companies --to find who is illegally copying, distributing, or helping to distribute withoutpermission their intellectual property. For example: Adobe Systems arranged to have Russian programmer Dmitry Sklyarov arrested at the 2001 DefCon security conference in Las Vegas for violating the DMCA by showing how to circumvent copy protection in Adobe's eBook software. The arrest was made on information supplied by BayTSP.

Now I am not in any way a fan of the DMCA. The purpose of this column thisweek is not to examine the DMCA, but rather, to gain some understanding of how it is enforced. BayTSP is an interesting company, and coming to understand how it does what it does can be very useful as you will shortly see. So please don't write to me complaining about the DMCA. Write to your Congressionalrepresentatives.

Mark Ishikawa came to the data security business from the Dark Side, having beenbusted years ago for breaking into the network at the Lawrence Livermore National Laboratory. Preferring employment to jail time, he became a security consultant for the Lab and a lot of other places. Eventually, Ishikawa started a large ISP and web hosting company that he sold at a profit. Now he runs BayTSP.

BayTSP's business falls into two areas — law enforcement and anti-piracy — andit uses the same tools for both businesses. These tools are spider programs that scour the most traveled parts of the Internet looking for users who are offering to others files that are either illegal to even own or at least illegal to share. An example of the former is child pornography. BayTSP tracks for the FBI the global carriage of kiddy porn. When a big child pornography bust takes place, it is generally on the basis of evidence gathered by BayTSP.

"There seems to be an increase in child abductions and murders in the U.S.," says Ishikawa, "and when the abductors are caught and you look on their home computers, you inevitably find kiddy porn. So it is a precursor to this bad behavior, and just as the Internet makes it easy to distribute child pornography, it effectively encourages these criminals. We are working to end that."

BayTSP's spider programs use patented algorithms to scour public web siteslooking for pictures, video, and music files. "Our algorithms are adaptive,"claims Ishikawa. "You can cut a picture in half and we'll still find it,matching the cut-down version against a database of originals, effectivelymatching the electronic DNA of the target."

One thing BayTSP's spider programs don't do is sit at the Internet peering points sniffing all packets as they go by. "That would be wiretapping, which isillegal," he says. "All we do is go to the same places any user could go, lookat the same files anyone else could look at, and we only probe the ports on yourcomputer that you have made public."

Now we get to the part I find especially interesting, and where I think there is a lot of confusion among users. This has to do with how BayTSP finds out who isdistributing kiddy porn or pirated music files. If you think your activities onthe Internet are anonymous, you are wrong. When BayTSP finds an IP address thatappears to be the source of child pornography or pirated music or video files,under the DMCA, it can subpoena ISP logs. These logs can directly connect evendynamic IP addresses to user accounts, making it clear very quickly who owns theoffending account. Every ISP keeps these http logs, and even products forso-called anonymous surfing aren't effective in circumventing the technique.

"We have 100 percent coverage of peer-to-peer file sharing," Ishikawa claims. "If you are illegally sharing copyrighted materials, we know who you are."

Then why aren't there more arrests? In part, this is because the intellectualproperty holder who is paying BayTSP gets to set its own comfort threshold forexactly how much file sharing is too much, and how BayTSP should deal withoffenders. "Adobe only wants to send out cease and desist orders, while somemovie studios want to put people in jail," Ishikawa says. "There are people onthe Net offering 50,000 to 60,000 files at a time for sharing. These people will get busted for sure."

For lesser offenders, under the DMCA an intellectual property holder can makeyour ISP remove the offending content from its servers. So while you may not goto jail, you might find that your Gnutella songs are no longer available. Repeat offenders lose their accounts completely. One issue is how quickly ISPs remove the offending material. "Sony wants it gone in an hour, but Uunet takes two weeks," says Ishikawa.

According to Ishikawa, we'll see major arrests in October of people who have been illegally (and flagrantly) sharing movies. With the evidence already gathered, the game is afoot, meaning this week is too late to stop sharing those movies and expect to get away with it. This might be a good time to get a lawyer.

Not even Osama bin Laden can escape the gaze of BayTSP. According to Ishikawa,the FBI thinks terrorists are sharing information by hiding it in images postedon eBay using a process called steganography. Doesn't that sound a little toosophisticated for al-Qaida? Can that picture of a dented Ford F-150 pickup with a For Sale sign really be saying, "Bomb the infidel Cringely's house?" Maybe,maybe not.



Comments from the Tribe

Status: [CLOSED] read all comments (0)