Home » News » Peripheral News » Six Major ISPs Join P2P Clampdown

Six Major ISPs Join P2P Clampdown

Gordon Kelly by

Six Major ISPs Join P2P Crackdown

It looks like the carte blanche crackdown we feared on P2P file sharing is gathering momentum...

News is breaking today that six of the country's largest ISPs have agreed to deals with the BPI to monitor and warn customers about the illegal file sharing of copyright materials. BSkyB, BT Retail, Carphone Warehouse, Orange, Tiscali and the ever willing Virgin Media are the providers in question and between them they represent approximately 90 per cent of all UK broadband connections so this is most certainly a sea change. The Motion Pictures Association of America (MPAA) and BERR are also aboard creating a truly unholy and intimidating alliance.

Under the new agreement signatories are committed to development consumer education programmes and developing legal online services but - in the words of the BPI: "Most importantly, for the first time ISPs will be required to work with music and other rightsholders (sic) towards a 'significant reduction' in illegal filesharing (sic)."

“This MOU represents a significant step forward, in that all ISPs now recognise their responsibility to help deal with illegal filesharing," said BPI Chief Executive Geoff Taylor. "Government has played an important role in bringing all parties together to arrive at this point, but the work really begins now. We look forward to creating the procedures necessary to effectively tackle repeated unlawful filesharing with the other signatories and Ofcom."

Over the next year hundreds of thousands of warning letters are now expected to be received by customers suspected of file sharing by these ISPs. No definitive agreement is yet in place regarding the eventual punishments for persistent offenders but the BPI is known to favour a 'three strikes' policy that ultimately sees users' broadband connections cancelled - something of which ISPs must be fearful.

Ok, voice of reason for a moment. We're in chicken and the egg territory here, ie: if the record industry would stop squabbling amongst itself long enough to come up with a compelling alternative to file sharing (a flat rate, cross record label subscription service is currently the best bet) then it would be able to move from a position of strength not hypocrisy since it has arguably been exploiting customers for years.

Secondly, persistent file sharers will simply move to ISPs not involved with the BPI (expect Be Unlimited/O2 to get sizeable boosts) and new ISPs will always resist membership as long as possible to attain customers. Lastly, the insecure nature of WiFi, modem cloning and shared connections in general (let alone the fact most of us are on dynamic IP addresses) means the prosecution system is highly unlikely to be perfect 100 per cent of the time,and it'll only take a few high profile cases to see public credibility come crashing down.

Either way though hold onto your seats people, this is likely to be one heck of a bumpy ride...

Link:

BPI Press Release

Go to comments

Martin

July 24, 2008, 6:49 pm

This is ISPs trying to get around their stupid business model of selling 'unlimited' (a seemingly unambiguous word abused beyond recognition) broadband for prices that are too low and then complaining when people actually use it as such. Well, that and parasitic media organisations trying to screw the consumer and hold on their flawed business model too.





I sense a renaissance for newsgroups...





To anybody jumping ship over this news, I recommend http://ukfsn.org/

Matt G Baish

July 24, 2008, 7:15 pm

While it (generally) remains cheaper to buy a high quality physical CD from PLAY or CD-WOW or the like & then rip to MP3/WMA (at whatever quality you want) than it is to download low quality DRMd digital copies then I have absolutely no sympathy for the record companies at all.





Re: a subscription service; I personally don`t think this is the way to go at all unless you buy A LOT of music and you have a LOT of time to listen to it all - PAYG works best for me (maybe 4 - 6 albums a year + free internet radio :) ).

TheEvilGenius

July 24, 2008, 7:28 pm

Out of curiosity it will be interesting how much stuff you have to download before you are targeted by one of these letters. One wonders if it'll be just the bigger users, who download 100s of gigs a month, or everyone. I myself use uTorrent, and can download between 0 to 12 gigs a week. I shall keep an eye out for a letter...





I've heard mention of the idea that there should be ISPs set up specially for downloading, whereby you pay a small premium for complete unlimited, uncensored download limits.

Zeus

July 24, 2008, 7:36 pm

I believe the term "hypocrisy" is used very well.For me the main issue is concept of price that people are forced to pay in once country versus another.





Perfect example on amazon. National Treasure 1 and 2 Bluray on amazon.com = $40 about &#16320 but here in the UK we pay &#16329. Who is screwing who. Global release dates would also help.Another complaint is that our privacy is being taken away. I just hope other companies like Be can stand up to BPI and the likes and defend their clients. I almost feel sorry for the other ISPs if they can, the minute Virgin send me a letter is the minute I phone up Be.








Another consideration around the downloading of bad quality mp3s is a solution to maybe sell songs/albums in FLAC or some other lossless format. I know the files are bigger but broadband is getting faster for generally the same price that of course barring f'ed up traffic management policies which get mentioned in the 'What you Need to Know' section rather than what I would calling the contractual binding "Terms and Conditions"

Zeus

July 24, 2008, 8:46 pm

Evil one user reported getting a letter saying someone in his house downloaded a single song. The music type of song was one he would never even download so maybe case of hijacked wifi...Agree with Martin usenet with the ability to use ssl is the way, however I know isps can use certain software to decode ssl traffice albeit it being a little hard to manage based on the sheer volume of traffic.

Pbryanw

July 24, 2008, 9:52 pm

I think of file-sharing as a multi-headed Hydra, you chop off one head and lots more grow in its place. I think file-sharers will just find new, more subtle, ways of getting their mp3s & movies.





The other problem I see is that legal movie & music download services just aren't good enough at the moment. I can think of loads of instances in the past where iTunes hasn't got the song I was looking for in their catalogue. And the movie situation is even worse with nobody offering a comprehensive catalogue of films, from all studios, available for legal download online.

ilovethemonkeyhead

July 24, 2008, 11:52 pm

i listened to this on BBC news - maybe i heard wrong, but the newsreader claimed "among a list of government proposals include a flat monthly 'download whatever you like' service for music and films".





i was about to build a throne and lay a red carpet for whichever politician said that - somebody higher up the chain must have seen sense.





oh, and Zeus now has a new best friend: Lossles/Uncompressed music has to be the way forwards - DRM free Apple Lossless on iTunes isa must, now, i don't know anybody who sells lossless music.

stephenallred

July 24, 2008, 11:57 pm

How are they going to monitor encrypted p2p connections?


Zeus: SSL, which has been superseded by TLS theses days, both using combinations of RSA, Diffie-Hellman, ECDH, SRP, PSK, DSA, ECDSA, RC4, Triple DES, AES, IDEA, DES, Camellia, RC2, HMAC-MD5, HMAC-SHA, MD5, SHA, MD2, and as such decrypting them is well into being an NP-complete problem, the computing power required to break the encryption is astronomical, which is how it works. So no, ISPs, or anyone else, cannot decode them. If in doubt, use a larger modulus and exponent on your public key.

kdot

July 25, 2008, 1:27 am

so how do you distribute that securely.. making it irrelevant imo.





I would pay a flat rate fee, as long as they had all types of music not jus mainstream but more indie albums and mixtapes.





It's a smart move by BPI (dont see what the ISP's get out of it) as they dont sue, so regardless of if the wifi was hacked (easy!) or anything else the account holder can still be punished easily.

The Pope

July 25, 2008, 2:14 am

Here's the thing - IMO this has nothing to do with ISPs and their "unlimited" business models. If I wanted, I could stream iPlayer and spend loads of cash at the ITMS and download LOADS of gigs each month. Case in point - my housemate lost his Steam folder and had to re-download about 40GB worth of LEGAL games.





So it's not about bandwidth. It's about the studios having a big moan and bullying anyone they can. As has been said already, they're always one step behind and blocking one thing just forces pirates to change tech. They should focus on improving their own product to the point where the balance tips in their favour.

Pazza

July 25, 2008, 3:09 am

Hold on just a minute... If I was to use a well known file storing web service to store my documents, pictures & music etc. which amounts to quite a collection - many GB's! (legal I must add) and I upload / download on a regular basis for backups and so forth - does this mean Virgin Media or similar are going to look at my personal stuff and restrict my internet speed for doing it? Is it me or is this completely illegal and an invasion of my privacy?? Data protection act must come into this spying somewhere!!

Simon 5

July 25, 2008, 3:54 am

If i buy a CD then download the the songs on that CD using bittorrent, is that illegal. Havent i just purchased the right to have an MP3 of the music and isnt the method i use to get the MP3 irrelevant. I am just wondering if i got a warning letter and sent back a receipt from HMV would I be let off.

Gordon394

July 25, 2008, 4:25 am

@Simon - sadly yes. In the eyes of the law it is seen in the same way as buying a loaf of bread from the baker then stealing a second one on the way out...

life

July 25, 2008, 4:42 am

It's absolutely outrageous but this has been on the horizon for quite a while now, you can expect the legislation being banded about for next year will be another disaster. The ISPs are certainly no saints and deserve our absolute scorn for their deceptive marketing, poor infrastructure reinvestment and unfair usage policies, but make no mistake - it is the government that is forcing them to capitulate to the whim of (largely) American corporate interests here. The government have repeatedly threatened them with heavy regulation if they didn't fall in line.





This whole affair is just the ISPs saying "Look Mr Brown, we're doing our best, honest guvna!" to limit the damage to themselves. I suspect they will send out a fair few scary letters but enforce the harsher penalties loosely in practice, and when inevitable false-positives start hitting people with threatening letters and loss of a critical infrastructure service they paid in full for, it will get viciously slapped down and consumer lawsuits will begin (crack out the popcorn!) Failing that almost certain outcome, technology (as always) will evolve to level the playing field - P2P services will force heavy encryption, increased anonymity and traffic pattern obfuscation. The key thing here is that they don't even have to make it an impossible job for the ISPs/Goverment/BPI, just too costly and difficult for them to continue pursuing effectively.





@ Stephen - Zeus is actually correct. You are thinking about decryption in terms of brute forcing key combinations to break the cipher, which I agree is next to impossible with common modern algorithms like AES or TwoFish. However, your ISP doesn't need to brute PKI keys because it acts as a permanent MITM with any connections to or from your modem, and has the capability to monitor the complete TLS handshake process to obtain all the data they need - the cipher, keys, hashes, MACs, pseudo-randomisations etc - to get at the contents. They certainly can't do it en mass (for technical and legal reasons), but it's within the capability of any network administration... there are even COTS products that do the legwork for you.





Computer Security 101: There is and never will be such a thing as a completely secure encryption algorithm, protocol, system or network. SSL/TLS is both secure and efficient in many situations, but like everything else it's not a magic bullet.

gchester

July 25, 2008, 5:44 am

ok if im going to be hounded by the BPI FBI MPAA various ISPs till i stop downloading there is no need for me to have a "high speed connection" anymore is there? what the hell im i going to do with 50megs download speed when im not allowed to download anything? i on average download about 20gigs a week on HD films alone not to mention a few albums from itunes and torrents on a regular basis. i would happily pay a download tax just to shut them up we have been paying it for years anyway on tapes and cds why not the net?

TheEvilGenius

July 25, 2008, 1:07 pm

I have to say that 90% of my downloading is for (mostly) older games. Things like Dark Messiah, Riddick etc. I'm not aware of any service that offers the option not only to download music and films, but also to download a large collection of games, bar things like Xbox market place etc.





@ Zeus: If they're gonna send out a letter to everyone who has ever downloaded a song, then they're in danger of getting rid of large portion of their customers in one move. This has the potential to seriously back-fire in the faces of the ISPs, and it's only a matter of time before some enterprising soul capitalises on that, and comes up with a "download friendly" set up.





The only reason I use Tiscali is that it's one of 3 ISPs I can get in my area. The others are BT and Virgin, which dosn't bode well. Thing is at the end of the day sharing illegal files is just that: illegal. It's hard to argue a point for fairer usage when that usage breaks the law, however dumb it may be...

ChaosDefinesOrder

July 25, 2008, 1:20 pm

@Simon





This used to be exactly true in the UK (in america you're allowed to make a legal backup) however just recently the copyright law has been ammended:





It used to be that buying a legal CD, bringing it home and ripping to MP3 was illegal "OMG you copied it (for personal use) A copy OMG!" similarly, if you buy a song on iTunes, then copy it to your iPod, that was illegal! (SERIOUSLY!!!!)





The law has now been updated so that if you own the physical media, you can make as many personal copies as you like (rip to MP3/FLAC, copy to MP3 player) Similarly if you purchase individual tracks legally, you can copy those to MP3 players.





The best bit: If the CD is one with the f***ing stupid copy protection that stops it playing on a PC, you're legally allowed to download the MP3s - by any means - so you can play it on PC/MP3 player!!!

Overdrivesdl

July 25, 2008, 2:14 pm

Look folks, lets not get to deep into technicalities here. We all have a degree of influence here by hitting the respective ISP`s where it hurts,ie `in there pockets` ! If we were all to cancel our contracts with the offending parties and jump ship to an ISP which has to chosen (and is committed to) not being part of this oppresive intrusion we can really shake things up. This attidude we have to taking things lying down so to speak is partly the reason why we pay more for things in this country (ignoring tax of course). Hit them hard were it hurts most, this will cause panick on a grand scale, and who knows things may change for the better !


Can anyone recommend a good ISP out there who is prepared to be brave and make a fortune to boot ? I'll go first !!!

TheEvilGenius

July 25, 2008, 3:04 pm

@ Overdrivesdl: The problem is that for some of us in more rural areas, we can ONLY get the larger ISPs, ie the ones that are causing all this fuss in the first place. Smaller ISPs that are less likely to use throttling etc, don't have the coverage needed to supply a service to those of us not living in a large town or city. We have little option but to stick it out.

Alan Edwards47c

July 25, 2008, 4:29 pm

Man-in-the-middle attacks by the ISP against SSL are possible using an SSL proxy - basically, the client thinks it's talking to the target site, but the proxy intercepts it. The proxy then negotiates with the target web site.





I don't know about Usenet and BitTorrent clients, but a stock web browser would scream if the ISP tried this. The browser would be expecting a certificate from ebay.com (or whatever) but would actually get it from your ISP.

Zeus

July 25, 2008, 6:15 pm

Well I'm sure you've all read the new post Be told BPI politely get lost.:)





@Life must admit I do kinda like your way of thinking there but someone invading my privacy no matter their intentions is still wrong.





@Evil thats what I'm hoping that everyone will just get tired of all the admin work which I hope costs a lot of money and I hope the result is even less revenue when people do leave.








Copy protection, monitoring of things by ISPs is always gonna take a back seat 'where there is a will there is a way'


The idea is they need to get rid of the 'will'. Give people what they want like lossless format downloads, pay the same price for DVDs here in the UK as in America and so forth will definitely reduce that.It will always be a loosing battle until the global population is treated fairly. I will admit I download a lot but most of what I download I would not buy anyway. I go and watch most of the great movies in Cinema sometimes more than once and I do my bit in buying legitimate media.

Andrew Marshall

July 25, 2008, 7:32 pm

Often when this argument comes up there seems to be a prevalent opinion that record companies are staffed exclusively by Mercedes driving executives and that they deserve what they get. Even if this were true, it cannot be used to justify theft and certainly not when said companies employ thousands of people across the globe from the people who package cds to web designers to sound recordists and the artists themselves, all of whom eventually get the bulk of their income from record sales.





I cannot condone what the BPI are doing, but the issue is one of invasion of privacy and not of the morality of illegal downloads. As a professional software engineer my income depends on people paying legally for the products I develop, so I can certainly sympathise with others in the media industry who are losing money due to theft of the products that they work so hard on. The fact that some people perceive media as too expensive is no justification for theft.

Overdrivesdl

July 25, 2008, 8:40 pm

Just a follow up to my earlier comment. I have now cancelled my BT contract and will be switching to Be in the next couple of weeks.


Vote with your feet folks (if you can !)

Andy0d2

July 26, 2008, 1:20 am

Yet another instance of our freedoms being slowly but surely taken away from us.

mossmanfly

July 26, 2008, 5:39 am

@Pazza - no your ISP wont monitor your downloads and if you do have backups of music etc online downloading them should be fine.





From my understanding of how the BPI will monitor P2P, is by searching for Artists appearing on P2P programs. I havent used Kazaa and the like for years and years, only use Bit Torrent myself, so will use that for my example.





There are many free sites that are search engines for torrents that show you torrents hosted on different sites for you to connect to. When you connect to a torrent the torrent client will show you the IP of all the connected computers, similarly your IP will appear on every other PC your connected to. So if you have BPI search for a torrent and they connect to that torrent then your IP will be visible to them if you are connected to their PC.





So with that theory you may or may not be caught so to speak, it all depends on you being in the right place at the right time. There are programs that try and filter out IP addresses that are known to be bad, whether they work or not Im not sure, if the IP there checking from isnt in the banned list then you've had it.





There are private sites that you can go to and they can be safer, but again someone from the BPI could be a member so they maybe equally as unsafe as your general free torrent.

comments powered by Disqus