Club CDFreaks - Knowledge is Power - View Single Post

julioman · 18-02-2004

** May i burst your bubble a little ? If they (mpaa , riaa , **fbi) suspect your ip or isp of something illegal.. your **privacy means nothing.

True enough to a point. The issue is with P2P your IP is visible to the computer you are getting your file from, you connect directly. Your IP is known without any effort, i.e. they can put a file if you get it they have you IP, time you got it etc.

With Usenet, since premium servers (PS) are not required to log downloaders (and in fact not required to log posts either, they do so mainly to deal with spammers), if the mpaa or riaa wanted to see who d/led a file, the PS would not be able to tell them that. They simply do not have that information. Also keep in mind that Usenet is composed of 1000s of Usenet servers large and small. Even if PS service X logged, others do not, so at most they would have who downloaded from X but no idea of anywhere else.

Granted if the matter is very serious, say involving national security, they can get an order and sniff everything coming in and out of a PS, but again that would be only one not all the rest of them.

**Better get an ISP who doesn't keep his logs any second longer than is mandatory by the law. I'm sure newscene.com is obliged by law to at least log something to **trace you.

They have your credit card transaction, however they also accept money orders. They know you accessed them using a specific username/password and the IP address and that you d/led x amount of data and y number of group requests, but that is it.

Also look at the spam on Usenet. The reason for it is that there are 10000s of pcs all over the world that have insecure setups that have Usenet posting access. Their nntp ports are open to anybody. Spammers will route their posts thru several of them so that all the ISP sees when they log a post is that it came from IP address xxx.xxx.xxx. but the trail stops there.

****SLL only protects the transaction , not the content on the server or clients.

That is the idea, someone sniffing your traffic, such as your ISP, sees you made a connection to the PS and that data was transferred, the amount of it and that it was via SLL but that is it, they have no idea what is was.

****It all depends on how much they want to get you of course. One simple visa transaction to newsscene.com's premium membership is enough info for the feds to ****knock on your door.

Having an account with newscene or easynews is completely totally legal. I use them to go to Oracle, JAVA, and DVD authoring, etc groups everyday and regularly post there. Google groups is just a view of the text side of what Easynews and newscene carry.

If the feds are already looking at you odds are they have install keylogging software on your pc etc,. d/ling from Usenet is the least of your worries.

Will the day come when PS will be required to log downloaders and make those available? Maybe, but I doubt it will be a secret thing. Word would get out pretty quick that PS are now required to log stuff. An again keep in mind that there are 1000s of Usenet servers out there all over the world.

18-02-2004	#7 (permalink)
julioman New on Forum Join Date: Feb 2004 Posts: 3	May i burst your bubble a little ? If they (mpaa , riaa , fbi) suspect your ip or isp of something illegal.. your privacy means nothing. True enough to a point. The issue is with P2P your IP is visible to the computer you are getting your file from, you connect directly. Your IP is known without any effort, i.e. they can put a file if you get it they have you IP, time you got it etc. With Usenet, since premium servers (PS) are not required to log downloaders (and in fact not required to log posts either, they do so mainly to deal with spammers), if the mpaa or riaa wanted to see who d/led a file, the PS would not be able to tell them that. They simply do not have that information. Also keep in mind that Usenet is composed of 1000s of Usenet servers large and small. Even if PS service X logged, others do not, so at most they would have who downloaded from X but no idea of anywhere else. Granted if the matter is very serious, say involving national security, they can get an order and sniff everything coming in and out of a PS, but again that would be only one not all the rest of them. Better get an ISP who doesn't keep his logs any second longer than is mandatory by the law. I'm sure newscene.com is obliged by law to at least log something to trace you. They have your credit card transaction, however they also accept money orders. They know you accessed them using a specific username/password and the IP address and that you d/led x amount of data and y number of group requests, but that is it. Also look at the spam on Usenet. The reason for it is that there are 10000s of pcs all over the world that have insecure setups that have Usenet posting access. Their nntp ports are open to anybody. Spammers will route their posts thru several of them so that all the ISP sees when they log a post is that it came from IP address xxx.xxx.xxx. but the trail stops there. SLL only protects the transaction , not the content on the server or clients. That is the idea, someone sniffing your traffic, such as your ISP, sees you made a connection to the PS and that data was transferred, the amount of it and that it was via SLL but that is it, they have no idea what is was. It all depends on how much they want to get you of course. One simple visa transaction to newsscene.com's premium membership is enough info for the feds to **knock on your door. Having an account with newscene or easynews is completely totally legal. I use them to go to Oracle, JAVA, and DVD authoring, etc groups everyday and regularly post there. Google groups is just a view of the text side of what Easynews and newscene carry. If the feds are already looking at you odds are they have install keylogging software on your pc etc,. d/ling from Usenet is the least of your worries. Will the day come when PS will be required to log downloaders and make those available? Maybe, but I doubt it will be a secret thing. Word would get out pretty quick that PS are now required to log stuff. An again keep in mind that there are 1000s of Usenet servers out there all over the world.