QuoteUnless a school using the tool has firewalls on the borders of its network designed to block unsolicited Internet traffic -- and a great many universities do not -- that Web server is going to be visible and accessible by anyone with a Web browser. But wait, you say: Wouldn't someone need to know the domain name or Internet address of the Web server that's running the toolkit? Yes. However, anyone familiar enough with the file-naming convention used by the toolkit could use Google to search for the server. But surely there are ways a network administrator might keep this information from being available to the entire Web, right? Yes. The toolkit allows an administrator to require a username and password for access to the Web server. The problem is that the person responsible for running the toolkit is never prompted to create a username and password. What's more, while Apache includes a feature that can record when an outsider views the site, that logging is turned off by default in the MPAA's University Toolkit.
QuoteOn June 8, 2005, within weeks of sending his unsolicited e-mail, Anderson says he was put in touch with the MPAA's Dean Garfield, then the organization's legal director. Anderson says he told Garfield that he had "an informant that can intercept any e-mail communication." Anderson didn't tell Garfield he was the "informant," and that he'd already hacked into TorrentSpy's systems. The hacker, then 23 and living in Vancouver, British Columbia, claims he had cracked TorrentSpy's servers by simply guessing an administrative password. He knew the password was weak -- a combination of a name and some numbers.
QuoteThe MPAA does recognize that progress on DRM needs to be made soon, or impatient consumers will increasingly turn to unauthorized sources for content. "We're working on this right now, trying to find ways to make it interoperable," he said, but added that pricing and business models for such a system are "way beyond my pay grade." Dean Garfield, VP of Legal Affairs for the MPAA, told me that he has confidence in the market to sort all of these issues out. "You have to give some thought to how young the digital distribution market is," he said. "I suspect that the issues confounding people today won't be the issues challenging the industry six months from now."
QuoteLet's take the studios' argument to its extreme. A buyer could be subject to legal liability for ripping purchased DVDs at home onto a purchased portable video player without either first seeking permission or purchasing the content again for specific use on the portable video player. One wonders whether a court would embrace such an argument. Load 'N Go Video likely will assert that it has engaged in "fair use" for copyright purposes, and that such fair use trumps the claims of the motion picture studios under the Copyright Act and the Digital Millennium Copyright Act. While Load 'N Go Video under these facts does have a defense to assert, one must keep in mind that the motion picture studios, like the music industry, have been very successful to date in seeking to protect their copyright works. Stay tuned to see how this case plays out.