Internet Piracy - The Not So Random Walk
In July 2008, the United States Computer Emergency Readiness Team (CERT) announced a serious Internet flaw that had been found by security researcher Dan Kaminsky, founder of the company IOActive. What Kaminsky had discovered in April last year was that there was a fundamental flaw in the DNS protocol that would allow Internet servers to be hacked into to change the direction in which a request for a web site's URL would be directed using a hacking technique called DNS cache poisoning. In summary, Kaminsky found that in a poisoned cache situation, it was possible for a computer user to be re-directed to a bogus copy version of any web site even when they typed in the web site's correct URL address.
Hackers and some scam companies would have been able to duplicate web sites and send the traffic from a legitimate web page to the copied (spoofed) URL page or another site without the computer user knowing it. Using Kaminsky's expertise, CERT was able to coordinate a repair amongst the worldwide server vendors and communications hardware and software companies advocating 'closed dns tables' that primarily shut the door to this potential vulnerability. But web site traffic re-direction is still a huge issue and the spoofing of URL's and companies maintaining illegal copyright cache copies of other web sites is a growing issue. Unfortunately, maintaining cache copies of web sites is becoming the 'bread and butter' for some sites to profit at other's expense, and the liability risk from class action lawsuits against these pirates for copyright infringement is enormous. Interpol is probably the best police organization to coordinate the new criminal prosecutions at the global level along with a special commission to be established by the United Nations for corporate cybercrime.
Since the CERT announcement in 2008, web site owners and security professionals have been on the hunt for other vulnerabilities that could potentially exist on the World Wide Web. The key concern amongst most global webmasters is accounting for what is the 'true' traffic for a given web site versus the traffic that arrives at the legitimate server? Websites that run advertisements also search for means to perform chartered accounting type traffic studies at a global level to ensure all domain traffic and advertising 'clicks' end up at the legitimate server and not a copied or cached version of their site run by somebody else. When you dial a number it needs to ring the correct phone, and whoever said it was different on the Internet?
Much like the 'good bank' and the 'bad bank' separation that is being talked about in the financial markets, recent traffic studies have put into question the absolute honesty of some Internet providers. With the opening of the 'closets' in the financial markets, more attention is moving to those international companies who could potentially be committing Internet advertising and traffic routing fraud and which individuals are behind and profiting from these scams. Anybody who plays a 'good' game of chess will soon realize that the board is missing a few squares when it comes to 'honest' Internet traffic. Some companies have also moved to corrupting user's operating systems using malware to ensure traffic definitely goes their way.
Some would argue that at the international level the Internet will police itself, but for those who work hard to develop and create content, it is totally unacceptable to find your 'book' is on sale at a vendor you never met before and there is no way to become an international 'bestseller' because sombody keeps telling you that "The Great Gatsby" is still number one. We can already see a suffering music and film industry that searches for ways to pay artists and production companies to develop high quality content because all of a sudden it has become socially acceptable to be a big fraudster and copy international copyright material. Should society look up to this cheating behaviour or penalize it. In whose interest is it when the artist has their work stolen by the best technical pirate?
Today in 2009, the largest void exists within the international community to police corporate commercial Internet crime. Its a very serious issue because we are currently supporting a copyright infringement system that stifles creativity. Film producers, the artists, the singers, the actors and actresses no longer have an effective compensation system because their work is stolen before their eyes. Its not the little hacker that is the biggest concern; it is the corporate raiders who sit creating schemes to bolster their balance sheets using illegal methods.
Nobody ever created anything good by stealing it; and it is time for a strong international community 'push' to bring order to the Internet transaction space by clamping down on copyright fraud and dns traffic scams. Let us add the much needed squares to complete the board and appoint referees to manage the game, so that humanity can actually develop the potential of the Internet to its fullest.