RIAA/MPAA/BayTSP EPIC FAIL

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • feather
    Shanghai ooompa loompa
    • Jul 2004
    • 20898

    RIAA/MPAA/BayTSP EPIC FAIL

    Fucktards.

    Our good friends over at TechDirt discovered an interesting anomaly and enormous security hole in BayTSP's website today.

    BayTSP, a Los Gatos, CA-based company, is best known for putting the cease-and-desist smackdown on peer-to-peer copyright violators. The site serves infringement information forms to offending parties on behalf of the copyright holders. Think of them as the online debt collectors of the BitTorrent universe, with all the information security risk that implies.


    BayTSP's process involved sending suspected copyright violators a URL to a "Web Infringement Response System." These pages were online forms containing fields with infringement notice ID numbers, email addresses, IP addresses, DNS names, and URLs that would identify users by household or even by device.


    If the information were secure, this might be fine. However, in some monumental lapse of judgement, the entire site was left open to search spiders and accordingly indexed by Google, allowing anyone with hackerish leanings ample opportunity to create all kinds of mischief.


    A Google search for "'infringement information' site:baytsp.com" yields distressing results. Some of the pages have been removed, but you can still have a look at the cached versions:

    Whoops!



    Not only have the forms been online for Google and the waiting world to view; the forms could also be completed and submitted online by just about anyone.


    More technically savvy tricksters could send infringement notices of their own. "And, on top of that," the TechDirt blogger writes, "some have discovered that BayTSP's site has some scripting vulnerabilities such that you could create a fake complaint and get people to, say, download malware or enter credit card data."


    Although this recent debacle is simply one more PR disaster for the media industries themselves, my first thoughts were echoed by TechDirt commenter Mechwarrior: "Once this hits 4chan, it's over."

    i_want_to_have_sex_with_electronic_music

    Originally posted by Hoff
    a powerful and insane mothership that occasionally comes commanded by the real ones .. then suck us and makes us appear in the most magical of all lands
    Originally posted by m1sT3rL
    Oh. My. God. James absolutely obliterated the island tonight. The last time there was so much destruction, Obi Wan Kenobi had to take a seat on the Falcon after the Death Star said "hi and bye" to Leia's homeworld.

    I got pics and video. But I will upload them in the morning. I need to smoke this nice phat joint and just close my eyes and replay the amazingness in my head.
  • i!!ustrious
    I got some N64 Games Yo!!
    • Mar 2008
    • 12308

    #2
    Re: RIAA/MPAA/BayTSP EPIC FAIL

    was over b4 it happend
    (((( }-d|-__-|b-{ ))))

    Comment

    Working...