copyright infringement, bit torrent, and wireless security.

spacerobot

So I really thought this would never happen to me... I was just checking my comcast e-mail and had received a notice from the comcast legal response center of network abuse regarding the Digital Millennium Copyright Act.

The email states that they had received notice that "The copyright owner has identified the Internet Protocol ('IP') address associated with your Service account at the time as the source of the infringing works." They go on to say that this is against comcast terms of service and can result in termination or suspension of service. At first I thought it was kind of strange because I have only used bit torrent once, and that was to download open office and it was over six months ago.

I scroll down in the email to read the Copyright work identified in the notification of claimed infringement, and it gives this:

Title: The Witcher

Infringement Source: BitTorrent
Infringement Timestamp: 21 Mar 2008 22:53:14 GMT
Infringement Last Documented: 21 Mar 2008 22:53:14 GMT
Infringer Username:
Infringing Filename: The.Witcher.crack.zip
Infringing Filesize: 16579367
Infringer IP Address: --.--.---.--
Infringer DNS Name:

---

.hsd1.il.comcast.net
Infringing URL: http://---.---.---.---:8080/announce

They did include my ip address in this, which is where those dashes are.

I then checked with my roommate to see if he ever uses bit torrent, and he says no, I believe him. I then check with my other roommate, and he says yes, but he has never heard of the witcher. (he then said he would stop download the rest of the star trek episode he was downloading). Because neither of them had downloaded it, it only leaves one other roommate that is not here right now, and is currently in the process of moving out today.

The interesting thing is, is that the roommate that is moving out was the only person that was in our apartment on March 21st, the date of teh infringement. everyone else was home on spring break. Another interesting thing is that I have never seem him play a video game on his computer, which leads me to believe that it might not be him. Of course I am going to approach him about it next time I see him.

So I guess I have a few questions:

1) Am I in trouble since the internet bill is under my name?
2) Is this just a warning from comcast or am I actually going to be sued?
3) If it is the one guy from my apartment, and I am being sued, is it possible to legally put it on him?
4) We have secured wireless network, so is it possible that someone somehow got onto our network and downloaded it?
5) Are there any additional security measures that I can add to our network? In order to use our network you have to enter a long WEP code... is there anything else I can do?

Thanks for your help! I'm freaking out only a little bit since I'm poor and can't afford to give any company money.

kdrudy

I have gotten similar ones in the past from Comcast, they seem to have mostly been warnings and nothing more, I never heard anything more about them. That said I don't know how they will react if you get more of them.

Daenris

Well, what exactly does the email say? Based on the little that you've provided of it, it doesn't actually sound like any kind of notice of legal action. I think right now from Comcast it's probably just a warning. Does the email request you do anything or contact them or anything?

WEP is the least secure wireless security. It's fairly trivial to break it. You should use WPA or WPA2 security. You can enhance this with MAC address filtering.

If you were being sued, you would be hearing about it from the company suing you, not from Comcast. It's possible that Comcast has turned over your information to them and you'll be hearing from them in the future, but I suspect that right now -- from what you've said -- this is just a warning from Comcast to stop all illegal activities on your account or they will suspend your service.

spacerobot

Daenris wrote: »

Well, what exactly does the email say? Based on the little that you've provided of it, it doesn't actually sound like any kind of notice of legal action. I think right now from Comcast it's probably just a warning. Does the email request you do anything or contact them or anything?

WEP is the least secure wireless security. It's fairly trivial to break it. You should use WPA or WPA2 security. You can enhance this with MAC address filtering.

If you were being sued, you would be hearing about it from the company suing you, not from Comcast. It's possible that Comcast has turned over your information to them and you'll be hearing from them in the future, but I suspect that right now -- from what you've said -- this is just a warning from Comcast to stop all illegal activities on your account or they will suspend your service.

Here is the first part of the email:

Dear Comcast High-Speed Internet Subscriber:

Comcast has received a notification by a copyright owner, or its authorized
agent, reporting an alleged infringement of one or more copyrighted works made
on or over Comcast's High-Speed Internet service (the 'Service'). The copyright
owner has identified the Internet Protocol ('IP') address associated with your
Service account at the time as the source of the infringing works. The works
identified by the copyright owner in its notification are listed below. Comcast
reminds you that use of the Service (or any part of the Service) in any manner
that constitutes an infringement of any copyrighted work is a violation of
Comcast's Acceptable Use Policy and may result in the suspension or termination
of your Service account.

If you have any questions regarding this notice, you may direct them to Comcast
in writing by sending a letter or e-mail to:

Comcast Legal Response Center
Comcast Cable Communications, LLC
650 Centerton Road
Moorestown, NJ 08057 U.S.A.
Phone: (856) 317-7272
Fax: (856) 317-7319
E-mail: dmca@comcast.net

For more information regarding Comcast's copyright infringement policy,
procedures, and contact information, please read our Acceptable Use Policy by
clicking on the Terms of Service link at http://www.comcast.net.

Sincerely,
Comcast Legal Response Center

Copyright work(s) identified in the notification of claimed infringement:

---

It sounds pretty much like a warning, which is good I guess.
I'm very interested in boosting the security level of our network. I don't want this to happen again. How would I go about doing that?

matt has a problem

It's pretty much Comcast going "Hey, stop that. We're watching." Also, considering that it was apparently just a crack, he hasn't actually downloaded anything protected by any copyright.

Also, Comcast doesn't turn over info to companies unless it's by court order. In which case you'd be receiving a notice from whoever made The Witcher, and not Comcast.

If you're using any P2P program though, use PeerGuardian2. Occasionally checking your DHCP table to see if anyone's piggybacked onto your network doesn't hurt, either.

To boost your security, switch from using WEP to WPA or WPA2 if your router supports it. WEP is pretty easily cracked. Also set your router to stop broadcasting your network's SSID, making it harder for anyone to just browse for a signal.

Daenris

Yeah, that email is just a warning. They don't tell you they're taking any action, they don't tell you to take any action about it (aside from stop using their service for illegal things). Comcast is just letting you know that you've been identified as sharing files and they want you to stop.

DeShadowC

Daenris wrote: »

WEP is the least secure wireless security. It's fairly trivial to break it. You should use WPA or WPA2 security. You can enhance this with MAC address filtering.

While I agree with increasing your wireless security. Part of breaking a wireless system is masking your mac to match one of the active ones though. So mac filtering would be broken without the hacker even know you had it on.

Daenris

DeShadowC wrote: »

Daenris wrote: »

WEP is the least secure wireless security. It's fairly trivial to break it. You should use WPA or WPA2 security. You can enhance this with MAC address filtering.

While I agree with increasing your wireless security. Part of breaking a wireless system is masking your mac to match one of the active ones though. So mac filtering would be broken without the hacker even know you had it on.

I was only suggesting it in addition to increasing to WPA or better security. When someone fakes a MAC address to duplicate one of an existing system on the network, this can cause conflicts that are likely to be noticed by the legitimate owner of that MAC address. In truth though, you're right. If someone cracks the WPA or WPA2 security, then MAC filtering certainly isn't going to give them pause.

But you definitely NEED to upgrade from WEP if you're at all concerned about security.

spacerobot

how would I go about increasing the security?

Daenris

What model of router are you using? If you go into the router's administration look for options about Wireless Security or something like that (basically wherever it is that you or someone else originally set it to WEP). Look if there are other options (WPA, WPA2).

TL DR

Lifehacker just ran an article about this kind of thing. It was more geared towards how to avoid the letter in the first place, but a lot of the comments were people in a situation like yours, as in they received a cease & desist letter without doing any downloading.

Basically, there's a chance they're wrong.

If it turns out someone used your connection, they can't prove it was you. Don't admit to anything, even in the sense that if they ask you to delete the "infringing files" you shouldn't confirm that you knew about them by saying you deleted them, etc etc.

edit: how do you connect to your router if it doesn't broadcast an SSID?

Daenris

Hurt and Burn wrote: »

edit: how do you connect to your router if it doesn't broadcast an SSID?

If you know the SSID you can connect to it, but it doesn't announce itself for other people to see.

spacerobot

I'm not too sure about the SSID. When I go to connect, it shows "SSID : "network name""
It shows that for about all 20 other connections available.
Also, it's a linksys router, not sure about the model at the moment.

matt has a problem

On a Linksys with at least relatively new firmware, disabling SSID broadcast would be under "Wireless>Basic Wireless Settings".

Changing WEP to WPA is under, of course, "Wireless>Wireless Security".

Disabling SSID just means that you'll actually have to tell whatever device you're trying to connect wirelessly the network name, instead of being able to pick it off a list. That list of 20 connections would be all the SSIDs being broadcast of everyone around you. A lot of networks = a lot of people connecting to those networks = a bigger chance someone is trying to sneak onto one of those networks for free access. So yeah, disable the SSID.