The Recording Industry Association of America (RIAA) is working with several outside companies to investigate using technology against online music traders. In effect, it is considering the use of tec

The Recording Industry Association of America (RIAA) is working with several outside companies to investigate using technology against online music traders. In effect, it is considering the use of techniques devised by malicious hackers. An RIAA spokesman declined to confirm or deny the reports except to say, "We do work with third-party efforts that include software, but we do not discuss the particulars."

The plan, as described by sources, begins with programming a computer to find copyrighted songs being offered illegally online. When it locates a song, it requests a download in the same way an individual person would except for two important differences: It downloads the track extremely slowly, and it requests the download over and over again. This clogs up access to the host computer and blocks anyone else from downloading the song.

The Code Red worm was similar, except rather than making the requests itself, it infected thousands of unsuspecting users' computers with instructions to contact the White House's computer on a particular date. Its thwarted goal was apparently to paralyze the government's computers.

This technique is different from the more common SYN -- or TCP synchronization packet -- denial-of-service attack. In a SYN DOS attack, the attacker's computer asks for a connection with another multiple times without waiting for a response as it normally would and thereby overwhelms the victim's computer. The result is the same, however: the victim ceases to function.

Technologically savvy computer users are already discussing the shortcomings of the RIAA's plan. For one, it could be expensive because of the bandwidth required to do the clogging. Second, it is relatively simple for the targeted swappers to require a minimum download speed or transfer rate. Third, because the attacker's Internet address is disclosed when it first makes contact with the target, retaliation against the RIAA's computers is probable.

Questions? Comments? Let us know: @billboard

Print