TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
1 edit | reply to rosco
Re: If it's easy to break into your house, it's OK then?
said by rosco  :they could start with an IP block restriction...it cant be that hard to figure out sprint's ip's. even a username/password page could be inserted with generated passwords for subscribed phone numbers sent to the phone via text message.. It isn't just Sprint.
»www.mobitv.com/channels/
They have this product available for multiple vendors. One is Palm WiFi. That is, the connection could be coming from any HotSpot anywhere. IP blocks won't work there.
And anyway, their system is just feeding Real Player streams:
Where 554/X could be 554/"any # 1 to 9999"
and "station name" can be any characters. And if your device supports 3gpp it works.
--
My BLOG .. .. Internet News .. .. My Web Page |
|
bear73
Metnav... Fly The Unfriendly Skies
Premium
join:2001-06-09
Grand Forks Afb, ND
·Midcontinent Commu..
| reply to MyDogHsFleas
true, but possession is 9/10ths of the law. if you leave it in the open, and someone walks off with it, you have no recourse.
--
If ya gotta go, Go with a SMILE!
»www.thereligionofpeace.com/ |
|
tmh
@qwest.net
| reply to MyDogHsFleas
said by elios :It is no more legal to steal something off my front yard than it is to go in my open back window and steal something. Who's stealing? All HoFo is saying is "this guy keeps all his stuff in his front yard. Look! I can see a TV, some underwear, and a blow up rubber dolly." |
|
rosco
Premium
join:2003-11-10
USA
 ·Verizon Online DSL
| reply to TKJunkMail
said by TKJunkMail :said by rosco :they could start with an IP block restriction...it cant be that hard to figure out sprint's ip's. even a username/password page could be inserted with generated passwords for subscribed phone numbers sent to the phone via text message.. It isn't just Sprint. »www.mobitv.com/channels/ They have this product available for multiple vendors. One is Palm WiFi. That is, the connection could be coming from any HotSpot anywhere. IP blocks won't work there. And anyway, their system is just feeding Real Player streams: Where 554/X could be 554/"any # 1 to 9999" and "station name" can be any characters. And if your device supports 3gpp it works. good points, it will be challenging to secure their product.
This is still MobiTV's fault for not addressing these issues earlier on in their business process...like before they launched.
Even though I still feel that howardforums.com should not give in to mobitv, this will probably turn into a very expensive legal battle, and I don't know if it would really be worth it to howard chui. |
|
MyDogHsFleas
Premium
join:2007-08-15
Austin, TX
 ·AT&T U-Verse
·AT&T Southwest
| reply to bear73
said by bear73 :true, but possession is 9/10ths of the law. if you leave it in the open, and someone walks off with it, you have no recourse. Which planet are you living on? Of course I do. I call the police, I ID you as the guy who walked onto my front yard and took something that belonged to me, they arrest you. When you tell the judge "possession is 9/10 of the law" and "but he left it out where it was easy to take" he laughs in your face and doubles your sentence for being stupid. |
|
MyDogHsFleas
Premium
join:2007-08-15
Austin, TX
·AT&T U-Verse
·AT&T Southwest
| reply to rosco
said by rosco : I have to point out that it is not a security bypass. There was NO security in place. obscurity != security You are absolutely correct, technically. There is no question their "security" is technically an easily-bypassed joke. I think they are now realizing this.
You are wrong, legally. It is a security bypass. |
|
dot_null
Premium
join:2004-06-28
Kennesaw, GA
 ·Callcentric
·Comcast
·VoiceStick
·AT&T Southeast
| How could it be a security bypass if MobiTV has no security?
Their webserver will serve up that text file to anyone who asks for it, even if the referrer is listed as HowardForums. No one had to crack, hack or do anything else to receive these streams. If you look at how web servers work, this is akin to asking a building with a doorman permission to enter the premises and he blindly grants it, without stopping to ask whether you had legitimate business in the building. |
|
Noah Vail
Premium
join:2004-12-10
Lorton, VA
·RoadRunner Cable
| reply to MyDogHsFleas
Who Lives in a Web Site?
The whole house analogy is faulty.
In a house, everything is private and there is an expectation that the stuff you have at the beginning of the day, you'll still have at the end of the day.
MobiTV is a business. The purpose of a business is to get rid of their stuff. On the web, lots of sites give their stuff away. Most video traffic being streamed, is FREE content.
If you assume a video link is gratis, you'll be right more than not.
That having said, most everyone who is streaming MobiTV as a result of HF, probably knows MobiTV would rather they pay for it.
However, MobiTV is injecting a non-pay access to their content into a public highway system. When a user travels that link, there is no barrier, warning sign or request that they pay. It is an unmarked route of travel with nothing to differentiate it from any other route.
They attempted to hide it within a pay system, but someone found it posted it in a plain sight. So MobiTV wants to sue plain sight.
No one is forcing MobiTV to stream their content. They could shut it down anytime they chose. No one forced them publish a non-pay link. The attempt to hide it within another delivery system does not change the fact that it is an open access point of entry.
If MobiTV would rather people not availed themselves of a free link to their content, they should stop publishing a free link to their content.
NV
--
Abortion: A Republican Plot to Thin the Liberal Herd. |
|
MyDogHsFleas
Premium
join:2007-08-15
Austin, TX
·AT&T U-Verse
·AT&T Southwest
| reply to dot_null
Re: If it's easy to break into your house, it's OK then?
said by dot_null :How could it be a security bypass if MobiTV has no security? Their webserver will serve up that text file to anyone who asks for it, even if the referrer is listed as HowardForums. No one had to crack, hack or do anything else to receive these streams. If you look at how web servers work, this is akin to asking a building with a doorman permission to enter the premises and he blindly grants it, without stopping to ask whether you had legitimate business in the building. Again, you are confusing the technical means of securing a website with the legalities involved. In DMCA terms, there was a circumvention of protection.
Here's a summary of RealNetworks vs. Streambox that I found. In this case, RealNetworks sued Streambox for bypassing their (weak) security and accessing their servers and streaming content to a VCR-like piece of software, that would record video for later playback. RealNetworks won the lawsuit, brought under DMCA.
quote:
Court rejected defendant's argument that its product did not constitute a violation of the DMCA because Plaintiff's effort to stop copying did not "effectively protect" against unauthorized infringement. The only question the court considered was whether there was a technological protection, not whether it was effective.
|
|
MyDogHsFleas
Premium
join:2007-08-15
Austin, TX
·AT&T U-Verse
·AT&T Southwest
| reply to Noah Vail
Re: Who Lives in a Web Site?
said by Noah Vail :If MobiTV would rather people not availed themselves of a free link to their content, they should stop publishing a free link to their content. On another news story (the one about WikiLeaks) I started a thread titled "Web sites are not magic" or something like that.
The point is, just because it's a Web site, doesn't grant it magical invulnerability from the real world of business and law.
What you say is true from a practical point of view. They've depended on security through obscurity (deep link URL to a text file with more deep links to the content) and now they've been burned. They should not have done that.
My whole point here is, don't leap to the conclusion that therefore it's perfectly OK to use those deep links, that bypass their authentication and authorization system, just because they are now revealed. Or, worse, that they are only getting what they deserve.
mobiTV, whether you like it or not, has a valid case. Howard Forums will lose the DMCA appeal if they make one. |
|
Noah Vail
Premium
join:2004-12-10
Lorton, VA | Didn't I read above that HF is officed in Canada?
Does Canada subscribe and submit to the DCMA?
NV
--
Abortion: A Republican Plot to Thin the Liberal Herd. |
|
rosco
Premium
join:2003-11-10
USA | I think the web host is in america. |
|
Noah Vail
Premium
join:2004-12-10
Lorton, VA | Then you'd have to sue the hosting company.
NV |
|
rosco
Premium
join:2003-11-10
USA
1 edit | MobiTv will start by trying to get Gnax to take the site offline.
»www.howardforums.com/announcement.php?f=57 |
|
C DM
join:2002-12-31
2 edits | reply to MyDogHsFleas
Re: If it's easy to break into your house, it's OK then?
said by MyDogHsFleas :said by RayW :Actually, your logic is more faulty. It is more like you left your full size, floor to ceiling, wall to wall picture window drapes open and then got upset because everyone standing on the street or side walk (and not on your lawn) saw you undressed doing actions of dubious morality with another guy for a blue film and they are not buying your film. I'd say your analogy could stand a little tweaking. What it's really like is if I had the big drapes closed, but around the side of the house, there was an unmarked button. If you tried pushing the button, you'd find it opened the drapes and you could see what was going on. Then I came out and yelled at you for opening the drapes. Your defense is, "But the button is right over there! All I have to do is push it! If you didn't want your drapes open, you should have protected your button!" And then you wrote a story for the local paper telling people where the button is and how to press it. In your example you have nothing left, in the other you still have what you started with and the option to close the drapes and continue on with your business.
But I really don't, because you've copied my blue film and posted it on the Internet. Where is my business now? If you chose not to shut the drapes but instead to sue all the onlookers for staring at you from the public access areas, then I wonder how far you would get?
The thing you and others are missing is that the video streams are not really on public display. If someone goes through the front door of the mobitv site, there is no link that says "Hey! Click here and get it for free!" Instead, there's a signup process by which you are given access. To bypass it, you have to know (a) the URL of a file and (b) how to download that file, save it, examine its contents, and copy/paste the imbedded URLs into a Web browser. We, as techno-elite people, know how to do those steps easily. I guarantee you that at least half of the people on the Internet would, given the URL, fail to download the file, examine it, and then view the videos. Additionally, the URL to the file is not obvious by any means. Someone figured it out and posted it. Actually, there is no button or anything of the sort, the drapes are really already open, it's just that the house might be in a part of town that not a lot of people would go to, but if and when someone did and noticed the open drapes and stood there (from the public street, even if it's an out of the way street) and looked into the house through the already open drapes, and told others about it, there's absolutely nothing illegal that is happening on the part of that person or anyone else who comes to look into the house and/or tells others about it. There's no copying of anything that's taking place, it's just people coming and looking. Let's not try to twist it into something more than what it really is. |
|
wierdo
join:2001-02-16
Tulsa, OK
·Future Nine Corpor..
·Teliax VOIP
| reply to MyDogHsFleas
said by MyDogHsFleas :said by elios :yes but its your own fault you left it there if you leave some thing out in the open like long enough some one is going to take it What you say is completely true. It would be stupid for me to leave something out in my front yard that I didn't want to be taken. However, that does NOT make it legal for someone to take it. If I catch the guy who took it and press charges, his defense of "it's your fault because you left it in your front yard" is not going to work. You misunderstand. It's like you leaving all your stuff out on your front lawn with a sign that says "take what you please." It's a fair assumption that anything that's on an HTTP server is intended for public consumption, barring a password or some other access control being in place.
I don't need explicit permission from my bank to type in the URL to their online banking application.
--
It's wierdo, not weirdo. Yes, I know that's not the 'proper' spelling of the similar english language word.  |
|
dot_null
Premium
join:2004-06-28
Kennesaw, GA
·Callcentric
·Comcast
·VoiceStick
·AT&T Southeast
| reply to MyDogHsFleas
MobiTV themselves facilitated such infringement, because their server still, as I'm typing this, serves up that list of video links. I think it's a wee bit draconian to serve HoFo a takedown notice because they posted a URL that, in point of fact, is located on MobiTV's servers. Thus, the onus is on MobiTV to correct their glaring security hole. |
|
wierdo
join:2001-02-16
Tulsa, OK
·Future Nine Corpor..
·Teliax VOIP
| reply to MyDogHsFleas
said by MyDogHsFleas :said by dot_null :How could it be a security bypass if MobiTV has no security? Their webserver will serve up that text file to anyone who asks for it, even if the referrer is listed as HowardForums. No one had to crack, hack or do anything else to receive these streams. If you look at how web servers work, this is akin to asking a building with a doorman permission to enter the premises and he blindly grants it, without stopping to ask whether you had legitimate business in the building. Again, you are confusing the technical means of securing a website with the legalities involved. In DMCA terms, there was a circumvention of protection. Here's a summary of RealNetworks vs. Streambox that I found. In this case, RealNetworks sued Streambox for bypassing their (weak) security and accessing their servers and streaming content to a VCR-like piece of software, that would record video for later playback. RealNetworks won the lawsuit, brought under DMCA. quote:
Court rejected defendant's argument that its product did not constitute a violation of the DMCA because Plaintiff's effort to stop copying did not "effectively protect" against unauthorized infringement. The only question the court considered was whether there was a technological protection, not whether it was effective.
In this case there is no technological protection whatsoever.
--
It's wierdo, not weirdo. Yes, I know that's not the 'proper' spelling of the similar english language word. |
|
jgilm
@sysdyn.com
| reply to MyDogHsFleas
I think all of the analogies have gotten way out of hand. The concept is rather simple.
Try to prosecuting HoFo for free speech is the issue. HoFo did not steal or infringe copyright on anything. The unprotected URL is a fact, which cannot be copyrighted.
I cannot copyright the fact that I place a spare key to my house under the big rock by the door. Neither can I expect to win at law against a person if they place signs around my neighborhood that tells where I put a spare key.
Regardless of the type of protection, it is not illegal to tell people a fact about the protection
It is illegal to do with someone elses "property" that which they do not want to have happen. HoFo did not do anything with anyone's property, just as the person that tells others where I put my spare key. If a person uses my spare key to enter my house, then they would be violating the law, just as if someone used the link to view TV streams that were not free.
Going after HoFo is stupid just for this reason alone. They cannot possibly win at law. |
|
La Luna
Surviving Ashraful
Premium
join:2001-07-12
Warwick, NY
clubs:
·Optimum Online
·Vonage
1 edit | reply to TKJunkMail
said by TKJunkMail :said by La Luna :Nor did they bother to secure anything. Whose fault is that? Howard Forums? I don't think so. They got nailed, now they are trying to cover their butts for a really bad mistake on their part.
Have they bothered to secure anything even now, which would solve the problem? Doesn't appear so. They are wasting time bugging Howard Forums. Securing their system will take some time and negotiations with the carriers. All the users from Sprint, AT&T, Palm, etc(see their web page to see how many »www.mobitv.com/channels/ ) have paid about $10/mo for access. To add in security now means downloading code in to hundreds of thousands of devices from many different carriers. That isn't something they will just dash off. It could be quite a while before they fix any security holes. Ok. Are they working on it at all? If they are so bent out of shape over the gross negligence on their part this, why not just take down the site and all access until they have it "fixed"?
The bottom line is that they screwed up, royally, and now they are trying to blame the fact that the links were out there naked on others. They should be going after whoever they have minding the store, so to speak. If it's anyone like their clueless "lawyer", I can see why they had a problem.
edit: just saw your post below. Looks like they finally figured it out. 
--
10,690 DEADLY TERROR ATTACKS SINCE 9/11~~TEAM DISCOVERY
Can't feel you anymore, don't need you anymore, don't believe you anymore, I don't need you anymore
|
|
