back to article Sony Pictures hit by 'fightback on filesharers' DDoS claims – report

Sony Pictures is alleged to have conducted a retaliatory DDoS attack against websites currently holding its leaked information for public download, according to a media report. The unconfirmed strike-back follows the two weeks of relentless attacks on Sony networks, punctuated by extortion demands, as well as the theft and …

  1. Frankee Llonnygog

    DDoS?

    Yeah, that'll work against BitTorrent

    1. Anonymous Coward
      Anonymous Coward

      Re: DDoS?

      You absolutely can DDoS a torrent if you have the resources. You either attack the tracker if it's not decentralised, or you just jam the hell out of the peers that try to connect and send loads of junk data.

  2. jaycee331

    Can't quite figure this one

    Some other news sources suggest this isn't really a DDOS. A possible case of Sony just standing up a bunch of aws instances to join the torrent swarms leaching the leaked archives and seeding them with junk content. Making the files ultimately impossible to retrieve in original form. Possibly using a modified client to fake the hash value. Or something like that ;)

    1. Salts

      Re: Can't quite figure this one

      Or they are just doing a restore of their lost data :-)

  3. Marvin O'Gravel Balloon Face

    They've got form, remember the "rootkit on the CD" debacle.

  4. Roo
    Windows

    Surprised Sony refused to comment...

    Usually PR hacks are only too happy to assure the general population that they're doing nothing illegal - why the reluctance to whitewash their name today ?

  5. Anonymous Coward
    Anonymous Coward

    done and dusted?

    I can't seem to buy stock options puts on sony now which are no risk bets that the price will tank. Have the market makers given up on them?

    1. Anonymous Coward
      Anonymous Coward

      Re: done and dusted?

      You'd need a pretty stupid market maker to sell you the put. Tried RBS?

  6. Anonymous Coward
    Anonymous Coward

    surely not

    Sony would never do anything illegal ?

    rootdisk, that introduced security vulnerabilities on 22 million music CD's.

    Betamax VCR, which used cassettes to store potentially copyrighted information.

    No they have no history of every breaking the law.

    I would love to include downgrading the PS3, but technically they did not break the law, because there was no law in place to protect from this particular bait and switch technique using a firmware.

  7. T. F. M. Reader

    No fan of Sony, but...

    I read the re/code article yesterday and noticed that it said DoS, but by the time I read through to the end it didn't seem like denial of service at all. It looks like Sony - if the reporting is right at all - let the curious public download fake torrent chunks. This does not sound to me as DDoS'ing anyone. I am not even sure that one can accuse Sony of faking anything - nothing that does not belong to them, at least. Not sure, either, that they are doing anything illegal given that they interfere with dissemination of stolen[*] digital property in the first place.

    It seems to me that calling it a DDoS is misleading.

    [*] For the pedantic among us: OK, illegally copied and published.

    1. Roo
      Windows

      Re: No fan of Sony, but...

      " I am not even sure that one can accuse Sony of faking anything - nothing that does not belong to them, at least. "

      By that logic it's open season on Sony's publishing operations (incl. websites) seeing as they occasionally infringe copyright. The fact is Sony don't own the servers, the storage or the pipes that stuff is traveling along, they would just be another bunch of self-righteous wanker script kiddies if they decided to do a bit damage.

      Oh they've root-kitted millions of PCs already you say ?

      Case closed.

    2. Trevor_Pott Gold badge

      Re: No fan of Sony, but...

      Interfering with dissemination of stolen digital property is the job of the police, not of Sony. What you are describing is an act of digital vigilantism, no different from any of the things Anonymous gets up to when trying to be the good guys.

      So pick a side: is digital vigilantism illegal, or not? If it is, then it is as illegal for a corporation as it is for an individual, full stop.

      1. Anonymous Coward
        Anonymous Coward

        Re: No fan of Sony, but...

        While it may be so, Sony is not alone in this. The big media operations (either singly or in unison) have been relentlessly trying to disrupt the piracy of their products via spoofing torrents and seeding broken files.

      2. Mark 85

        Re: No fan of Sony, but...

        So pick a side: is digital vigilantism illegal, or not? If it is, then it is as illegal for a corporation as it is for an individual, full stop.

        Trevor is right. Pick one and then live with it. If you say it's ok because Sony is an asshat, then what will you say when someone tries to pull the same crap on you or your company? The laws and rules in most places is blind in that it applies to everyone and every company whether they're asshats or not.

        Maybe they're doing the right thing in poisoning the torrents in their collective mind. But the table is turned and they get the same medicine, they'll howl up a storm and cry and sue. They can't have it both ways.

  8. Ralph B

    Sony's DDoS Resources

    If Sony were to add DDoS launching code to all the PlayStations in the world, in the next software upgrade, that'd make a sizeable botnet resource, don't you think?

    I'm sure they haven't done such a thing, but it's gotta be a temptation, eh?

  9. Anonymous Coward
    Anonymous Coward

    What about OFCOM or The Information Commissioners Office?

    Not for this but for the original Blag? If any of the compromised data has a UK component to it would this mean a massive fine?

    1. Alan Brown Silver badge

      Re: What about OFCOM or The Information Commissioners Office?

      " If any of the compromised data has a UK component to it would this mean a massive fine?"

      For Sony, yes.

  10. Anonymous Coward
    Anonymous Coward

    What's curious

    Did anyone else notice that The Pirate Bay servers were seized not long after they were hosting the corporate files? All these years, little done then slam, bam, thank you Man.

  11. Anonymous Coward
    Anonymous Coward

    I find the thought that Sony would launch a DDoS fairly hard to believe. Poisoning the well by adding a bunch of fake torrents, sure, but DDoS? Nah.

    Quite apart from the legal aspects (and Sony have plenty of money to be sued for, so you would expect at least a little caution there); a DDoS is 1) lame and 2) would be officially laying down the gauntlet for every hacker in the world. It would be announcing their intention to play the game from the black hat side and that would be tantamount to suicide.

    False flag?

    1. Trevor_Pott Gold badge

      "I find the thought that Sony would launch a DDoS fairly hard to believe."

      Why? Sony have repeatedly demonstrated that they have no morals or ethics whatsoever.

      "Poisoning the well by adding a bunch of fake torrents"

      This is digital vigilantism no different from a DDoS. Interfering in the distribution of stolen property is the job of the police, not an individual or corporation. In Canada, you'd go to jail for this. You aren't allowed to run down robbers, shoot people because they're on your property and you don't want them to be, etc. Be mindful that almost every country on the planet has laws against being a cowboy vigilante.

      1. Anonymous Coward
        Anonymous Coward

        Poisoning the well might play out differently in court to a standard DDoS for a couple of reasons:

        ☺ If Sony's using AWS instances then they are paying for much of the bandwidth involved, as opposed to the traditional method of using a pwned botnet where the bandwidth could be said to be stolen

        ☺ If it's proceeding as Rabbit80 says further down; then all the 'victims' of the attack are engaged in sketchy behaviour at the time of the attack (to whit: attempting to download data that they know was 'stolen'). Compare this to a 'traditional' DDoS when their victim is usually going about their lawful business.

        ☺ The basic method: A 'traditional' DDos aims to break things by flooding the machinery involved with more than it can handle. This attack aims to replace these packets with those packets. Entirely different thing.

        ☺ Collateral damage. Like I say, the point of a DDoS is to break stuff. This affects not only the target, but anyone else who was using the destination machine; and often spreads as other machines attempt to compensate and fall over themselves. Add in shared servers and the effects spreading to upstream and downstream providers and you can potentially ruin a lot of people's days. Poisoning the well would add a bit of stress to the host machine (who could themselves be said to be facilitating naughtiness), but probably won't break anything and should, in theory, not affect anyone who isn't actively involved in shenanigans.

        ☺ Precedent. There's lots of precedent for straight DDoS attacks; but little or none -AFAIK- for this sort of attack.

        ☺ Balance of power. Sony, I expect, can find a couple of quid and a lawyer or two to throw at the problem. I suspect that the 'victims' (people running the host servers and those attempting to download) would be 1) outgunned and 2) a little bit reluctant to engage as their own positions won't look that good in the harsh light of day.

        So. While I agree that the attack is indeed a denial of service, the 'distibuted' bit can be argued and it is radically different -in aims, methods, collateral damage and results- to what is usually referred to as a DDoS attack. That difference can and will be exploited if it comes to court; and there's enough mitigation in there (not to mention that the 'payload' is details of a large number of fairly influential people who will approve of the actions and might well be prepared to publicly support them) to keep a court busy for quite some time.

        I'm playing devil's advocate here a bit. I have in no way forgiven the fuckbags for their rootkit. Calling it a DDoS and expecting it to be tidily rubber-stamped as such with the perpetrators being automatically jailed might be a little optimistic though.

        1. Peter2 Silver badge

          "In Canada, you'd go to jail for this. You aren't allowed to run down robbers, shoot people because they're on your property and you don't want them to be, etc. Be mindful that almost every country on the planet has laws against being a cowboy vigilante."

          On the contrary, like other countries descending from the common law system Canada does allow you to make a citizens arrest. Your just not allowed to arbitrarily hang the person you've caught or give them a good kicking before the police arrive.

          1. Trevor_Pott Gold badge

            A citizen's arrest in Canada doesn't include the right to do violence to the other individual. It also has some very strict rules on things like "forcibly confining the person", etc. By the same token, you don't get to go seize your stolen property from someone else; you are to get the police involved, etc. Unlike the USA, the concept of a citizen's arrest is tightly regulated, as are your "rights" regard defense of your property/home/etc.

            I am almost 100% sure that Sony DDoSing someone (or a group of someone's via poisoning a torrent) would be illegal here in Canada if it wasn't done with the consent and cooperation of the police as part of an ongoing investigation.

            This has a great "layman's version" of Canada's citizens arrest rules: http://www.justice.gc.ca/eng/rp-pr/other-autre/wyntk.html

            Edit: I'd also like to state that case law basically says that you can't run down thieves. As a security guard or store owner you can detain them, if they are pretty much cooperative, but you cannot hop in your car and chase them around the block, jump out when they're tired, clock 'em, stick 'em in the truck and haul 'em back to the store to wait for the cops. That's very hollywood, but the basic rule of thumb is: once they're effective out of your control it's a matter for the police, not for citizens.

            IIRC, there may be some exceptions for trained PIs searching for high value items, but these folks typically have to declare themselves with the local police department and keep them informed of the progress of their investigation. (I am fuzzy on the details of this group's responsibilities.)

            The law on the books for citizen's arrests here has been very much restricted by case law.

            1. Peter2 Silver badge

              But you can't just kick the crap out of somebody if committing a citizens arrest ANYWHERE other than America. Look at Britain, Canada, Australia and New Zealand.

              The law in all of them is effectively identical- if you catch a thief then you can detain them, even using force. That is generally held to mean "catching them in the act and putting them in a restraint position", rather than "I tracked down the thief a week later and then beat them with a cricket bat until it snapped".

              This has always been the law. It's been the law since before the existence of a police force, hell- there's an example immortalised in Oliver Twist from 1838! The law has *always* demanded that the minimum possible force be used to prevent the person from escaping and that punishment should be the preserve of the court, not the capturer.

              Arguing otherwise is absurd. Even the link you provided backs me up. Did you read it? It's the same rules as everywhere else in the world implementing common law and the practicalities haven't changed much more than a few iotas for a quarter of a millennia.

              The only reason America is different is because they started off with the same system but were almost entirely rural for a very long time, instead of urban. On the frontier if your several days ride away from a sheriff and armed then shooting a criminal in the course of committing a crime is perfectly reasonable, and disabling somebody without killing them is actually showing a lot of restraint as is actually taking them to the authorities instead of just digging a shallow grave which is probably why their system is a lot more lenient in that respect.

              1. Trevor_Pott Gold badge

                I am not sure where you get from that the idea that a DDoS would be legal.

  12. Peter Simpson 1
    Thumb Up

    Nice artwork

    Surprised nobody has commented on it.

    1. Keven E.

      Re: Nice artwork

      Kinda reminds me of Al Jaffee.

  13. Anonymous Coward
    Anonymous Coward

    As Bugs Bunny said, "this is war".

  14. Rabbit80

    Not what I have read..

    From my own understanding, Sony is not using a DDoS attack, but instead they are attempting to poison the torrents that have been leaked.

    The way this appears to work is that the (AWS) servers join the torrent swarm and advertise themselves as seeds. They then pass garbage to the peers instead of legitimate chunks. Of course the peers then also start spreading the garbage as well.

    In order for the peer to recognise that the chunk is a fake, they must download the entire chunk and verify it's hash - by which time it is too late and the partial garbage chunk is already being spread farther. I haven't verified this, but some BT clients apparently do not verify the hash of each chunk compounding the problem even more.

    Whilst not actually a DDoS, the principal is similar to the layman - the effect is to flood the swarm with irrelevant data thus making legitimate transfers a lucky dip slowing or stopping the torrent in its tracks.

    To be honest, I can't see why anyone would be aggrieved with Sony for these tactics - it does not affect torrent sites and is specifically targeted at stopping the transfer of data which was stolen from Sony (I use the word stolen in this case as the malware used attempted to erase the data from Sony's network)

    1. Anonymous Coward
      Anonymous Coward

      Re: Not what I have read..

      Possibly, if they only target the leaked data and not a torrent with a similar property (such as a name or an analysis of some of the leaked material)... kind of like Metallica threatening someone with legal action when the person had only used one of their song titles as a parody (protected in the U.S.) or the creators of Barney lobbing sue balls for people making fun of the purple dinosaur because they referenced their creation (also protected under free speech in the U.S.).

      I'd think the law would require them to contact the authorities instead of going vigilante. Otherwise, I would be allowed to walk into a Sony office and knee-cap people for the whole cd price fixing thing.

    2. Trevor_Pott Gold badge

      Re: Not what I have read..

      Because it is not the place of Sony to be policing the distribution of stolen goods. They have to rely on the police like everyone else. Anything else is vigilantism and that is flat out illegal pretty much everywhere but the USA. Even there, most jurisdictions would call it interference with the law.

      Sony doesn't get to play by a different set of rules than regular citizens. Either digital vigilantism is legal, or it's not. If it's not illegal, you can't go after Anonymous any more than you can go after Sony.

      Pick a side, and live by the law. Even when you find that law inconvenient.

      1. Anonymous Coward
        Anonymous Coward

        Re: Not what I have read..

        Sorry Trevor:

        "Sony doesn't get to play by a different set of rules than regular citizens."

        If I had attempted to rootkit the entire planet, pretty sure that I'd still have a stripy suntan today. AFAIK nobody from Sony was jailed.

        1. Roo
          Windows

          Re: Not what I have read..

          "If I had attempted to rootkit the entire planet, pretty sure that I'd still have a stripy suntan today. AFAIK nobody from Sony was jailed."

          It goes a bit further than that. Sony's actions and lack of response from the authorities is making the law look stupid. It shows that there is no point in abiding by the law because it is not being enforced where there is a large amount of harm done to a large number of people, and even worse it makes the police & judiciary look like a bunch of corrupt feckless numpties*.

          *= I know that they aren't all corrupt feckless numpties - but it only takes a few to screw everyone.

      2. 404

        Re: Not what I have read..

        Trevor,

        I find your lack of faith disturbing... if you haven't noticed, we're doing Rule of Man, not Rule of Law right now.

        The Federal rollercoaster the US citizen is dealing with... should worry everybody. We ain't exactly stable right now.

  15. Crisp

    How many illegal things does Sony have to do before they are taken to court?

    I'm still surprised that they got away with the rootkit thing without a single jail term being handed out.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like