Topsite (warez)

Topsite is a term used by the warez scene to refer to underground, highly secretive, high-speed FTP servers used by release groups and couriers for distribution, storage and archiving of warez releases.[1] Topsites have very high-bandwidth Internet connections, commonly supporting transfer speeds of hundreds to thousands of megabits per second; enough to transfer a full Blu-ray in seconds.[2] Topsites also have very high storage capacity; a total of many terabytes is typical.[3][4][5]

Overview

Security

Unlike their predecessors in the Bulletin board system (BBS) scene, topsites aren't advertised broadly. With the increased threat of police raids, topsites have been forced to employ elaborate security precautions in order to stay hidden from authorities.[6]

A typical topsite configuration will only allow users to log in from a certain ident and host (or IP range for users with dynamic IPs), with SSL encapsulation on all FTP sessions.[7] FTP bouncers are commonly used to hide the topsite's real IP address, and to share network load.

Along with an "official name", most topsites are also known in the warez scene by an abbreviation that is two or three letters long. Knowledge of the abbreviation as well as the official name is not shared, even between different scene members. For example, a topsite with the hypothetical name "Blackbox" could be abbreviated as "BBX" and subsequently referred to as "B**" during an IRC conversation between those with knowledge of the site.

Site channels

Activity on the FTP server is announced by a Sitebot in a private IRC channel which is usually invite-only. To receive an invite, users need to issue a command to the FTP server after logging in the site. This ensures that only those with accounts on the FTP have access to the channel. Sitebots typically run Eggdrop IRC bot software.

Dupe (duplicate) check

Release databases record release names and their release date & time, although fields vary from database to database. Examples of other common fields include ID3 musical genre names (for MP3 releases), sections, and nuke (release rejection) details.

Release databases are maintained to provide release groups with a service for checking existing release titles (i.e., to avoid duping another group). Some databases contain historical release records dating back to the BBS era.[8] Note that such databases are uncommon, due to a completely different release naming method (based on the ZIP file descriptor FILE_ID.DIZ, as opposed to a directory name), and lack of information from this period.

Release databases are usually updated by automatic processes that either recurse selected topsites searching for new releases (spidering), or catch pre-release announcements from site channels.

Release databases used by topsites are private, but a number of public websites exist with similar information.

Credit system

Credit system controls the amount of data that users can download. Most sites operate by using an automated credit system. When a user uploads a file, their account is credited for an amount based on the uploaded file size, commonly multiplied three times. For example, when a user uploads a 15MB file, they may receive 45MB credits in return. Credits can be later used to download files from the site. Credits can be lost by uploading a bad release that gets nuked. Nuke multiplier affects the amount of lost credits. Nukes can be either site nukes (local) or scene nukes (global). Site nukes are issued when a release that is uploaded to the topsite violates site rules, such as 'No VLS' for the MP3 section. Another common site nuke is for backfilling, which is uploading something after a specific amount of time has elapsed from the time of release, usually 5 to 15 minutes. Typically the nuke multiplier for a site nuke is at least 3x, where all couriers responsible for racing the bad release will lose 3x the credits they gained uploading. These nukes will not be echoed out to pre channels, as they only affect the local site. Scene nukes are nukes which are echoed out to pre channels. Scene nukes usually occur when a release violates scene rules, such as wrong encoder, or when the release is outright bad, such as out of sync. The nuke multiplier for scene nuke on topsites is usually 1x; all the couriers lose all credits gained uploading the release and break even.[9][10]

Affiliates

A warez group may gain access to a topsite as an affiliate (or "affil"), thus making the site among the group's primary distribution points. Affiliation benefits the warez group as the site will grant a certain number of leech accounts to the group (the number usually depending on the reputation of the group), and the site benefits by becoming one of a collection of sites that has first access to the releases of the group, thus improving its own reputation. Typically, groups will affiliate with several topsites, in order to maximize efficient distribution by couriers to other (non-affiliated) topsites. A group will choose topsites based on geographical location, mostly by country but sometimes by region, such as Northern Europe or Western US. Barring extraordinary circumstances, a group selects just one site for each location.

Topsites may have any number of affiliates, and commonly advertise them in the welcome message to indicate to its users the quality of the site. The most exclusive topsites will avoid affiliating with an excessive number of groups for security purposes and also to maintain adequate network resources. Topsites may also remove (or "drop") affiliates for a variety of reasons, including the lack of productivity of the release group, conflict between the site operator and the group, and the group's decision to affiliate with another topsite in the same geographical region.

Each affiliate has access to a private, hidden directory on the topsite. This directory is used for uploading new releases before they are made available to other users. When a new release has finished uploading on each of the group's sites, a command is executed to simultaneously copy it into a directory accessible by other users, and trigger an announcement in the topsite IRC channel. This event is known as a pre-release (or "pre"), and must occur at the same time on every affiliated site.

The warez scene relies on strict release standards, or rules, which are written and signed by various warez groups.

Couriers

Couriers are a specific class of topsite users who earn their access by uploading new releases and filling requests. When a courier gains access to a topsite, they are often required to pass a trial test such as uploading a certain amount in a short period of time.

Couriers compete (race) against each other for respect, credits, access to other topsites, and fun. Private couriers often operate as independent (iND) couriers. Some couriers band together to form courier groups which provide support and friendship through camaraderie. Couriers/Racers are looked down upon more than ever by affiliates and topsite staff with the increase of scripts that perform the couriers tasks automatically; while some couriers call this efficient, others call it lazy.

Staff roles

Site operator

A site or system operator (siteop/sysop) is in charge of the day-to-day operation of a topsite. They have full (root) access to the server and are able to manage users, groups, and topsite scripts and daemons installed on server. They decide on site rules, and site sections (e.g. TV Rips, XviD movies, MP3 music, etc.). Site operators are also in charge of managing the site channel, and sitebot.

Group administrator

A group administrator ('gadmin') is a member of an affiliated group or courier group with user management rights over the group. Each group has a pre-negotiated number of leech and ratio users, or slots.

Takedowns

While these sites are protected with technologically advanced schemes, law enforcement operations such as Operation Buccaneer (December 2001) and Operation Fastlink (April 2004) have been able to gain access and shut down sites by infiltrating the copyright infringement groups that operate on them. As of June 2005, Operation Site Down was the latest significant law-enforcement attack on the warez scene. There were also busts in June 2006, with one US.biz site being busted, and several co-located servers being seized.

Hong Kong Customs uncovered a case when "copyright industry representatives" tipped them off in June 2009, resulting in the first case in Asia. Apparently, an international syndicate for unauthorized distribution used a topsite to download and then distribute copyright-infringing items such as movies, music, computer programs and videogame software.[11]

In September 2010, after being in the planning for two years, the police executed a file sharing raid in up to 14 countries across Europe.[12] Started by the Belgian authorities, it is suspected that a scene group in Belgium had been infiltrated.[13] Some of the ranked sites affected by the busts are BAR, LOST, DLR and SC.[14]

In December 2010, a site known as Devil was raided by the Swedish police after receiving information from an anti-piracy group. At least a dozen computers and servers were seized, containing more than 200 terabytes of media.[15][16]

In January 2011, the Dutch anti-piracy organization BREIN claimed to have taken down their largest topsite ever: Swan (previously known as ATS).[17] According to BREIN it contained 220 TB of data spread over 12 servers, but the operator of Swan, MrTB in Costa Rica, said it were only 8 servers with 175 TB of data.[18][19][20] The site was taken down by hosting provider WorldStream and without judicial process BREIN seized its servers. The owners of the servers retaliated by seizing them back and may sue BREIN for breach of privacy and property rights as BREIN is a private organization and has no special legal or investigative authority.[21]

Not all takedowns are successful. Operation Bahnhof (March 2005) failed when the officials entered an area that their warrant didn't include. Although they found several dedicated servers with terabytes of illegal material, they ended up being sued for illegal trespassing and harassment, and were accused of planting evidence, since one of the Antipiratbyrån (Swedish anti-piracy group) employees was trying to infiltrate the scene to gather evidence, and in doing so violated Swedish laws against entrapment.

Software

Some software that is used to run topsites.

FTP daemons

See also

References

  1. Howe, Jeff (January 2005). "The Shadow Internet".
  2. Bounie, David; Waelbroeck, Patrick; Bourreau, Marc (2006). "Piracy and the Demand for Films: Analysis of Piracy Behavior in French Universities" (PDF). Review of Economic Research on Copyright Issues. 3 (2): 15–27. Retrieved 2013-07-28.
  3. "BREIN Takes 'Loop' Top Site Offline". Topsite with 40 terabytes of storage.
  4. 1 2 "Report.of.US.Busts.20060608.READ.NFO-SDE". 2006-06-08.
  5. enigmax (2007-11-19). "Top Pirate Reveals Warez Scene Secrets, Attracts MPAA Lawyer's Attention". TorrentFreak.
  6. enigmax (2012-09-18). "Movie and TV Show Pirates Hid Topsite Server Inside ISP Network". TorrentFreak.
  7. enigmax (2007-11-19). "Top Pirate Reveals Warez Scene Secrets, Attracts MPAA Lawyer's Attention". TorrentFreak.
  8. enigmax (2007-08-11). "27 Years of Warez Scene Release Info Leaked in Giant Database". TorrentFreak.
  9. "The scene / topsite system". AboutTheScene. Archived from the original on 2008-08-01. Retrieved 2009-03-08.
  10. Craig, P.; Honick, R.; Burnett, M. (2005). "Sites". Software Piracy Exposed. p. 109. doi:10.1016/B978-193226698-6/50031-3. ISBN 978-1-93-226698-6.
  11. "Customs and Excise Department Departmental Review 2009 - Customs uncovers first "top-site" case in Asia" (PDF) (Press release). Hong Kong Customs and Excise Department. 2009-06-15. Retrieved 2010-09-29. Effected the first "top-site" case in Asia that an international piracy syndicate using high-speed Internet servers (generally called "top-site") to distribute copyright-infringing items, including movies, music, computer programmes and video game software was uncovered. The syndicate's setup in Hong Kong for distributing pirated items was smashed.
  12. Enigmax (2010-09-07). "Police in File-Sharing Raids Across Europe, WikiLeaks Host Targeted". TorrentFreak.
  13. Enigmax (2010-09-08). "Inside Yesterday's European Warez Piracy Raids". TorrentFreak.
  14. Enigmax (2010-09-17). "The Significance of the Huge European Warez Scene Raids". TorrentFreak.
  15. Enigmax (2010-12-17). "Police Raid 'Devil' Warez Piracy Topsite". TorrentFreak.
  16. "Devil.Busted.250TB.Swedish.Scenesite.And.Others-SCENENOTiCE".
  17. Mennecke, Thomas (2011-01-13). "BREIN Claims to have taken down Swan - the Largest Top Site 'Ever'". Slyck.
  18. de Vries, Wilbert (2011-01-13). "Brein haalt megatopsite Swan offline" [Brain gets mega topsite Swan offline]. Tweakers (in Dutch).
  19. "SWAN_AKA_ATS_BUSTED_SCENEWARNING-FUCKSAKE". SceneNotice.org.
  20. "Response.From.MrTB-2011-PEACEOUT". SceneNotice.org.
  21. Enigmax (2011-02-22). "BREIN Seizes Warez Servers, Owners Seize Them Back, May Sue". TorrentFreak. BREIN took the property of my client without any court order or warrant.
  22. Andrew Smith (b-bstf), A Guide To Internet Piracy, 2600: The Hacker Quarterly, Summer 2004
  23. 1 2 (Czech) Václav Jirovský, Kybernetická kriminalita, Grada Publishing a.s., 2007, ISBN 80-247-1561-9, p. 72
  24. "OMEGA.THERAPY.N-Record.PAYBOX.DETECTED.2009.GERMAN.DVDRip.XviD.READNFO-CLEANER". Archive of the scene notice has a users folder with xml files that contain the "org.drftpd.usermanager.HostMask" string. Pre date: 2009-11-22.
  25. "The.Scene.Today.Dec.2004.WAKE.UP-iND". Pre date: 2004-12-02.
  26. "All.SiteOps.OF.DRFTPD.SITES.READ.THIS.VERY.IMPORTANT.SECURITY.ISSUE.WITH.PATCH-FriendlyScener". Pre date: 2004-11-18.
  27. 1 2 "FUTURE.OF.THE.SCENE.EXTRA-SCENE". Archive of the scene notice contains a .raidenftpd.acl file. ioFTPD mentioned in the notice. Pre date: 2004-04-24. This notice appeared a couple of days after the Operation Fastlink US DoJ press release.
  28. "The.IP.HALL.of.SHAME.v1.06-LaF". Pre date: 2008-06-14.

External links

This article is issued from Wikipedia - version of the 10/31/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.