Update: Wired reports an interview with the hackers that brought down Comcast. If the two teens who claim responsibility for the attack are legit, the motivation behind the Comcast hack was just, well, hatred for Comcast in general and not a statement about the company's P2P policies.
I came across two seemingly unrelated items this morning about nasty hacker attacks. The first is this post at TorrentFreak discussing a malicious hack of Comcast's home page. For a period of time, the hackers appear to have changed the Comcast DNS/WHOIS records to point at a non-Comcast page, resulting in customer misdirection to a nonsensical page and sparking fears that customers' user names and passwords were being filched.
The second item is this excellent explanation by Revision3's Jim Louderback about his company's Memorial Day weekend outage. Revision3 was brought down by a denial-of-service attack by digital media entertainment company ArtistDirect, which runs an anti-P2P technology subsidiary called MediaDefender.
As it turns out, these two attacks possibly share a common root cause: the BitTorrent P2P protocol (not BitTorrent the company). And they should both serve as object lessons about the risks that companies face when they try to mess with P2P content distribution.
Regarding the Comcast outage, TorrentFreak speculates that Comcast got hacked because the top cable operator has throttled and continues to throttle BitTorrent and other P2P protocols as part of its network management procedures. (Comcast has vowed to switch to a protocol-agnostic management system by the end of this year.)
There's no denying, however, that Revision3's DoS attack was directly related to the BitTorrent protocol. The company traced the attack to MediaDefender's servers. Not only did MediaDefender's interim CEO Dimitri Villard and VP of Operations Ben Grodsky admit that their company was responsible for the attack, but MediaDefender had also copped to injecting a broad array of tracking torrents into Revision3's servers for months.
Why would MediaDefender do this and for whom? Well, Revision3 uses the BitTorrent protocol for legitimately sharing large files, including its own music and HD-quality video. MediaDefender gets paid to disrupt P2P networks, counting Sony, Universal Music, the RIAA and the MPAA among its clients.
Louderback doesn't know who was paying MediaDefender to track his company's P2P network or whether the attack was intentional. MediaDefender says that the DoS attack was a mistake, a result of a vulnerability created when Revision3 rejiggered its server.
He does know that the authorities will get to the bottom of this. "Was it malicious? Intentional? Negligent? Spoofed? I can’t say. But what I do know is that the FBI is looking into the matter," Louderback wrote.
Here's what I conclude from both seemingly unrelated attacks: any big company or industry group, whether it's Comcast or Sony or the MPAA, that tries to block or mess with P2P protocols could find itself in a vicious cycle of payback. Comcast has already learned this lesson the hard way, through the public condemnation of its network management practices and now through a possible revenge-motivated hacker attack. And you can be certain that neither ArtistDirect nor its presumably entertainment-industry clients are going to welcome the FBI's investigation.
Cynthia Brumfield at 11:41 AM
The Revision3 thing is BS - I hope MediaDefender gets punished in some way, but who knows. It probably wasn't an intentional "attack," but they were obviously leeching/tampering with Rev3's stuff prior to the packet flood.
Comcast has a bigger issue than a temporary site redirect and defacing with the FCC looking into claims of throttling. Met a Comcast guy at last night's Chicago event, but couldn't give him a hard time before he was pulled away. ;)
Posted by: Dave Zatz at May 30, 2008 7:13 AM