
Feb 15


Implications of the Megaupload Megashutdown.

On January 20th, the FBI seized and shut down the cloud-storage site megaupload.com and, in a coordinated raid in New Zealand, arrested the company founder and other key personnel.

A Scene Out of a James Bond Film

If defendants have no other means to pay their legal bills, they can probably get quite a Hollywood payday for the rights to this story.  Of course, the irony of a movie studio buying the rights to a story where someone is accused of costing them millions of dollars by infringing on their rights is enough to make one’s head spin.  But that is just the start.

Megaupload’s founder is named Kim Dotcom.  Yes, that’s his genuine legal name, changed from Kim Schmitz.  He’s been previously convicted of fraud and embezzlement.  During the dotcom bust, Kim Dotcom bought up the near-worthless shares of a failing company, announced that he was going to spend hundreds of millions of dollars rescuing it, and then dumped the shares on the bounce.  Kim Dotcom lived in what was described as the most expensive home in New Zealand, which he rented because he could not pass the ‘Good Character’ requirement to own real estate in New Zealand.  The massive estate includes palatial grounds, swimming pools, a garden maze, tennis courts, fountains and lakes.

The Dotcom Mansion

...Sure looks like an action film evil genius hideout!

New Zealand law enforcement had to work their way through multiple layers of electronic defenses and then cut their way into a safe room in order to arrest the hiding Mr. Dotcom.  Cars seized as part of the raid included a pink Cadillac and a Rolls Royce Phantom Drophead Coupe.  According to the FBI indictment, Kim Dotcom personally made over 42 million dollars from Megaupload last year.

What Was Megaupload.com

Megaupload.com was one of a number of cyber-vault services.  Members paid a monthly fee to be able to upload and store whatever they wished on Megaupload’s servers.  They would then get a URL that they could publish or distribute to others.  Anybody could use the link to download the file for free, although they could pay a premium for faster downloading.

What Made Megaupload a Target

The DMCA has a protection for site operators that shields them from prosecution as long as they act promptly to remove infringing material when requested by the rights holder.  Megaupload had such a process, but it was flawed.

Megaupload did de-duplication of files on their servers.  An example of this occurs when one user uploads a movie file and is given a URL to allow others to download it and then another user uploads the same movie file.  By using a hash value table, Megaupload’s server software could easily tell that they were identical.  The software would then not store the second file but simply give the second user their own slightly different URL that pointed to the one copy on the servers.  A particular pirated movie might have dozens, even hundreds, of different URLs pointing to it.  When a copyright holder complained to Megaupload about a particular file, Megaupload would disable that URL…but not the file or any of the possibly hundreds of other URLs that pointed to the same file.  They also would not prevent other users from uploading the same identical file again.  Not only was it technically feasible for Megaupload to accomplish these additional protections of the known copyrighted material, but the criminal indictment states that Megaupload knew that it was possible because they were working to take such actions on child pornography.
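The difference between disabling one URL and removing the content behind it can be shown with a small model of a de-duplicating store. This is an added example, not Megaupload's code: the `DedupStore` class, its method names and the choice of SHA-256 as the hash are assumptions made for illustration.

```python
import hashlib
import secrets


class DedupStore:
    """Toy de-duplicating store: one blob per digest, many links per blob."""

    def __init__(self):
        self.blobs = {}        # digest -> file bytes, stored once
        self.links = {}        # link id -> digest
        self.blocked = set()   # digests removed after a complaint

    def upload(self, data):
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.blocked:
            return None                       # refuse known taken-down content
        self.blobs.setdefault(digest, data)   # identical upload: nothing new stored
        link = secrets.token_urlsafe(8)       # every uploader still gets a link
        self.links[link] = digest
        return link

    def download(self, link):
        return self.blobs.get(self.links.get(link))

    def takedown_link_only(self, link):
        """The flawed process: disable just the reported link."""
        self.links.pop(link, None)

    def takedown_content(self, link):
        """Resolve the link to its digest, then remove every link and the blob."""
        digest = self.links.get(link)
        if digest is None:
            return 0
        doomed = [l for l, d in self.links.items() if d == digest]
        for l in doomed:
            del self.links[l]
        self.blobs.pop(digest, None)
        self.blocked.add(digest)              # stop the same bytes coming back
        return len(doomed)


def demo():
    store = DedupStore()
    film = b"constructed sample bytes standing in for one uploaded file"
    a, b, c = (store.upload(film) for _ in range(3))
    blobs_stored = len(store.blobs)            # three uploads, one stored copy
    store.takedown_link_only(a)
    still_served = store.download(b) == film   # other links keep working
    removed = store.takedown_content(b)        # removes links b and c
    return blobs_stored, still_served, removed, store.download(c), store.upload(film)
```

A digest match only catches byte-identical copies; a re-encoded or otherwise altered file hashes differently and would pass this check.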

In addition the criminal indictment cites company e-mails, presumably obtained from an inside informant, showing that Megaupload employees knew about and regularly used pirated content from their servers.


Casting a Cloud on the Cloud

The action by the FBI did not just shut down the serving of pirated content on Megaupload, or even the sharing of music and video.  It shut down the entire site and everything stored there.  Nobody knows exactly what percentage of Megaupload’s storage was used for pirated content and what percentage was used for legitimate personal and business files.  However, even if the percentage of Megaupload’s content that was legitimate was small, it no doubt included millions of users and terabytes of data.  Cloud storage is one of the big hot trends in computing, and anybody who relied on the safety of Megaupload’s data centers to store important information is left with nothing but an FBI logo.  It is completely unclear when, if ever, Megaupload customers will be able to get their data.  If a cloud storage site, even one that at one time was the 12th busiest site on the internet, can disappear without warning, then it makes sense to have a backup on a hard disk in your personal possession.

FBI Shutdown Notice

That screenplay you had been working on for years and was shopping to the studios...I hope you had a backup plan!

As to the subject of de-duplication, many cloud storage sites, including web-based e-mail, do it.  It is what allows them to offer so much storage for such a reasonable price.  Those sites are undoubtedly going to need to review their DMCA response procedures to be sure that all copies are removed.  So if you store a bunch of files on a cloud storage server, it is possible that individual files might suddenly disappear from it.

Perhaps the most high-profile example of de-duplication is Apple’s recently created iTunes Music Match, which touted being able to upload one’s music library in “minutes, not weeks” because it only uploaded songs which nobody had ever uploaded before.  I had previously discussed the piracy enforcement implications of this in The iTunes Honeypot.  Given the example of Megaupload, one would presume that Apple would delete everybody’s copy of a song in response to a DMCA complaint.  Would they go the extra step of reaching into your computer and deleting the copy in your local iTunes library?  I don’t know, but I’m sure Apple CEO Tim Cook would not relish the thought of FBI agents banging down his door to arrest him or having apple.com replaced with an FBI notice.

Implications Regarding SOPA and PIPA

This was a law enforcement action long in the making, so it is almost certainly a coincidence that it came the day after widespread protests from web sites and web users caused Congress to postpone action on SOPA and PIPA.  But it is an informative coincidence.

  1. It shows that while much of what is included under the umbrella of ‘piracy’ (such as links in blog postings) is unlikely to be causing actual lost revenue, there are also major actors who are making huge quantities of money directly or indirectly from piracy.
  2. Law enforcement already has the tools to pursue these major players.  It may have taken a lot of investigative work and international cooperation to get Mr. Dotcom.  But it did happen.
  3. There is always splash damage from these actions on innocent persons.  The users of Megaupload.com who archived their personal files or the businesses using it to send information to customers and branch offices certainly had no way of knowing that Megaupload.com was more dangerous than the dozens of other cloud storage sites.  Yet they now suffer the consequences of the activity of others.
  4. The purpose of SOPA and PIPA is to make it easy to shut down sites such as Megaupload with relatively little law enforcement effort.  Given the consequences of such shutdowns, I am not convinced that making them simple and routine is wise.

About the author

Daniel Nolte

Architect, Network Administrator, Computer Forensics Administrator, Voiceovers.

Permanent link to this article: http://betweenthenumbers.net/2012/02/implications-of-the-megaupload-megashutdown/
