Worst Idea Ever: Fighting Copyright Infringement with Malware and Rootkits

If rights holders had their way they would have the ability to install rootkits and deploy malware that would include Ransomeware (restricted access to your computer until you pay them a fee) on to the computer systems of hackers and illegal file downloaders in order to fight piracy and cyber attacks. This may sound a little too over-the-top, but these are just some of the crazy ideas presented in a new report by the Commission on the Theft of American Intellectual Property.

Given the ability of rights holders to actually identify when a person downloads a file illegally in court, the idea of installing malware on PCs "suspected" of ill behavior seems like the worst idea ever, but that's what they are proposing. From the report:

Additionally, software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account. Such measures do not violate existing laws on the use of the Internet, yet they serve to blunt attacks and stabilize a cyber incident to provide both time and evidence for law enforcement to become involved.

To deal with cybersecurity threats, the group proposes allowing those attacked by hackers to attack back:

While not currently permitted under U.S. law, there are increasing calls for creating a more permissive environment for active network defense that allows companies not only to stabilize a situation but to take further steps, including actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network. Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network.

The report highlights just how backwards rights holders are when it comes to protecting their intellectual property. Installing malware and rootkits people can't get rid of (and on PCs that they cannot 100 percent confirm actually engaged in illegal activity) is the worst idea in the history of ideas. It's almost as bad as letting lobbyist write laws in Washington.. Oh wait.

You can read the rest of this report here.

Source: Boing Boing


Tweet about this on TwitterShare on FacebookShare on Google+Share on RedditEmail this to someone


  1. 0
    Hevach says:

    None of which would apply in professional terminology due to their remote nature.

    It could be passed off as colloquial use instead of professional use, if not for the fact that the rest of the paper makes a point of qualifying that distinction when it's talking about attacks and currently-legal recourse options.

    So they're either flipping uses of several words, not just physical and remote, mid-paragraph, or they're advocating something else copyright enforcers have attempted to do in the past and had backfire. The old stupid or evil conundrum only coming from a group who are safe from consequences of the evil, since they wouldn't be the ones actually doing any of the things they say should be done.

  2. 0
    DorthLous says:

    Pretty much. And what I mention are old attack vectors that I know off. Who knows just how bad it can get if you get a lot of people working 40h/weeks on the subject with laws backing…

  3. 0
    DorthLous says:

    No, you can do physical damage by, let's say, changing the drivers on the disks and have the arms perforate it or alter the firmware on the motherboard, shut down as many fans as you can and power up the cpu and any attached gpu until you melt things up.

  4. 0
    Hevach says:

    Oh, yeah, this is a brilliant idea: Make yourself indistinguishable from the scams using your name to extort money from innocent people.

    That won't backfire at all.

    I'm more concerned about this one: "physically disabling or destroying the hacker’s own computer or network."

    This is either very terrible wording or the suggestion here is to gain physical entry to a private residence with intent to cause damage. Because in IT, the term "physical" in regards to access or damage to a system means in person, with hands on the keyboard. Something that can not, by definition, be done over the internet.

  5. 0
    MechaCrash says:

    They are basically asking for the right to be judge, jury, and executioner. And they don't even need to be sure you're doing it, they just have to suspect that you might be doing this.

    They're a pack of thugs and extortionists. Why aren't we treating them like it?

Leave a Reply