
Author Topic: We are the latest victim of the Getty Image extortion scam  (Read 36713 times)

jot

Re: We are the latest victim of the Getty Image extortion scam
« Reply #15 on: November 30, 2012, 05:09:13 PM »
"Even though the web server is public facing, it still has measures of protection enabled on it to protect it from unauthorized access.  PicScout.com bypassed those settings plain and simple to get to folders that were not available to them otherwise.  The only way to access the supposedly copyrighted image was to view it on the web page. "

In layman's words: Since picscout is a crawler and not a human being it cannot see the pictures, so they have to "intrude" to see the pictures by going into your files and taking a copy of your files.

Is my understanding correct?

Khan

Correct....if they were only looking at the code of the page like most bots do, then all they would see would be a file name with a path to a folder. If the bot tried to access the folder, then it would be blocked, so the bot or spider cannot access the files directly.  They use software that "tricks" the security measures that I had in place to think it is actually a user using a web browser, then they further trick the server into giving access to those hidden folders, then they download the image so they can compare the meta information.  This is the only way they can match up images as people usually rename files so matching the filename would do no good.  The problem with this is these bypassing bots and spiders cause excessive bandwidth usage on a server and can affect network performance.

About a year and a half ago, I started noticing our bandwidth usage for our server going up. It nearly doubled to almost 2 GB downloaded every month (it used to be around 600 MB).  The number of visitors also jumped up by 20,000 to 30,000 more hits and I thought it was because of our social media tie-ins, but I now know it was and still is trollers scanning my server and bypassing security settings to download files they have no business looking at.  If they want to actually use a human to view every page on my site looking for copyrighted images and then get screenshot captures of supposed violations, then that would be completely ok.

I have already tracked down more IP addresses PicScout uses that are in the US including ones set aside to roll over to when their primary one gets found out.  It is truly amazing what searches on the Internet will uncover.

I am hoping to have a spreadsheet compiled of all of the more devious bots and spider domain info and IP addressing.  I need to have this so I can run my filters on our firewall logs so I can see when and how they were coming into my network and into my web server.

stinger

Re: We are the latest victim of the Getty Image extortion scam
« Reply #16 on: December 03, 2012, 09:03:01 AM »
Jot,

Welcome to the forum.

I expect that Getty is going to drop their alleged case against you and "run and hide" when they find what you discovered.  If they do so, I hope you will make your research completely available to everyone here.  And I hope you will stick around in this battle of right v. wrong.

Everything I have read indicates that Getty shies away from confrontation with firms large enough to employ a real law firm or their own internal lawyers.  Given the potential legal exposure in your case, I am certain they would rather cease and desist than stir up these waters.

But if we can develop your theory into a defense that works for most, we can put a large hurt on their troll business model.

lucia

Re: We are the latest victim of the Getty Image extortion scam
« Reply #17 on: December 04, 2012, 06:25:11 PM »

Correct....if they were only looking at the code of the page like most bots do, then all they would see would be a file name with a path to a folder. If the bot tried to access the folder, then it would be blocked, so the bot or spider cannot access the files directly.  They use software that "tricks" the security measures that I had in place to think it is actually a user using a web browser, then they further trick the server into giving access to those hidden folders, then they download the image so they can compare the meta information.

I'm trying to guess the specifics. Do you mean:
1) You limit viewing of the images to certain referrers and user agents and
2) You believe picscout spoofed the referrer and user agent?

I already know their browser add-on presents a blank referrer and user agent.  Of course this can be blocked by ordinary hot-link blocks in .htaccess.

I also know I've seen *tons* of scraping (and attempted scraping) by agents that present the top of the domain as referrer-- so they are spoofing: that is lying.   I've also seen tons of scraping and attempted scraping by agents that try to present "http://the_top_of_the_domain.com/feed".   Presumably both are used to get around the hotlink block in .htaccess. (One can write a rule to deal with this too-- provided they either have no images in the feed and none at the top of the domain. Failing that, provided they know the names of the few images that can have referrers matching "http://the_top_of_the_domain.com/feed" or "http://the_top_of_the_domain.com/".)

But... what I want to know-- is referrer and user agent spoofing what you are talking about? Or something else?
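An added example, not code from any poster in this thread: a log check for the request patterns described in the replies above (image requests with a blank referrer or user agent, or a referrer naming the top of the domain or /feed), combined with the watchlist filtering mentioned earlier in the thread. The host name, the list of image-free pages, the watchlist range and the log lines are all constructed assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network
from urllib.parse import urlsplit

SITE_HOSTS = {"example.com", "www.example.com"}  # assumption: the protected site
IMAGE_FREE_PATHS = {"", "/", "/feed", "/feed/"}  # assumption: these pages embed no images
WATCHLIST = [ip_network("203.0.113.0/24")]       # constructed: documentation range

# Apache "combined" log format: ip, request, status, size, referrer, user agent.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"')
IMAGE_RE = re.compile(r"\.(?:jpe?g|png|gif)(?:\?|$)", re.I)

def on_watchlist(ip):
    try:
        return any(ip_address(ip) in net for net in WATCHLIST)
    except ValueError:          # log field was a hostname, not an address
        return False

def classify(line):
    """Return (ip, reasons) for an image request, or None for any other line."""
    m = LINE_RE.match(line)
    if not m or not IMAGE_RE.search(m["path"]):
        return None
    reasons = []
    ref = urlsplit(m["referer"])
    if m["referer"] in ("", "-"):
        reasons.append("blank-referrer")
    elif ref.hostname not in SITE_HOSTS:
        reasons.append("off-site-referrer")
    elif ref.path in IMAGE_FREE_PATHS:   # a page that cannot have embedded the image
        reasons.append("referrer-page-has-no-images")
    if m["agent"] in ("", "-"):
        reasons.append("blank-user-agent")
    if on_watchlist(m["ip"]):
        reasons.append("watchlisted-ip")
    return m["ip"], reasons

def summarize(lines):
    """Count flagged image requests per client address."""
    return Counter(ip for ip, why in filter(None, map(classify, lines)) if why)

TS = "[04/Dec/2012:10:00:00 +0000]"  # constructed sample log lines
SAMPLE = [
    f'198.51.100.7 - - {TS} "GET /images/team.jpg HTTP/1.1" 200 51234 "http://example.com/about.html" "Mozilla/5.0"',
    f'198.51.100.9 - - {TS} "GET /images/team.jpg HTTP/1.1" 200 51234 "http://example.com/feed" "Mozilla/5.0"',
    f'198.51.100.9 - - {TS} "GET /images/logo.png HTTP/1.1" 200 900 "http://example.com/" "Mozilla/5.0"',
    f'203.0.113.20 - - {TS} "GET /images/team.jpg HTTP/1.1" 200 51234 "-" "-"',
    f'198.51.100.7 - - {TS} "GET /about.html HTTP/1.1" 200 3000 "-" "Mozilla/5.0"',
]
```

A flagged request only shows that the headers do not match a normal page view; a blank referrer also comes from privacy tools and direct visits, so the counts are a starting point for review rather than proof of who sent the request.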

Oscar Michelen

Re: We are the latest victim of the Getty Image extortion scam
« Reply #18 on: December 05, 2012, 06:46:17 PM »
My technical knowledge is severely limited so please excuse me if the answer to this question is obvious:  Jot, you state that it would be OK if they wanted to use a human to look at every page on your site to view images but it is different if they use a bot to look at the files on the servers. Why is that different? What is the different "damage" caused to you if they use the PicScout method as opposed to the "human" method?  Is it the use of bandwidth?

Khan

Re: We are the latest victim of the Getty Image extortion scam
« Reply #19 on: December 08, 2012, 11:34:54 AM »
As I understand Jot, the breach of security is that you are not allowed to look at the files (like you are not allowed to hack the FBI and look at their files and download them); you are only allowed to look at the product of the file, which would be the website. But not all files are “active”. Pic Scout's only chance to view a picture is to download your files and compare the data, because Pic Scout cannot see the product (website). Since Jot had security installed, they had to go through it to get the files, like somebody who has to hack the FBI server to get some files.

Like: You watch a movie on a public server but you are not allowed to download it to your computer. Therefore they blocked it for downloading. But Pic Scout has to download it to watch it and they "hack" it to get it.

(I am not an expert too)  :(

lucia

Re: We are the latest victim of the Getty Image extortion scam
« Reply #20 on: December 09, 2012, 09:52:44 AM »
Khan--
Whether or not someone has to "hack" to look at something on the web depends on the details of *how* the web admin limited viewing.  I understand it was jot's *intention* to "forbid" someone from viewing, but he has not said *how* or *what* he did.  If all he did was put a 'suggestion' in robots.txt, and picscout didn't follow that suggestion, then picscout did not "hack".   If he used .htaccess to use hotlink protection, he might be able to characterize very simple referrer spoofing as hacking-- but honestly, I doubt anyone technically competent would consider referrer spoofing a "hack".   I do rather complicated things involving using .htaccess to redirect certain requests for images through a file called "imageDiversion.php". I'm not sure someone would consider circumvention by *referrer spoofing* a hack. However, they would likely consider it a hack if someone broke into my server and altered my "imageDiversion.php" file.

So I am interested in learning some of the nuts and bolts details of *how* jot is "forbidding" access. Because unless he is doing something unusual, I doubt that the method of access would be considered "a hack".

lucia

Re: We are the latest victim of the Getty Image extortion scam
« Reply #21 on: December 19, 2012, 12:14:28 PM »
Cool!!! Wow.

Greg Troy (KeepFighting)

Re: We are the latest victim of the Getty Image extortion scam
« Reply #22 on: December 19, 2012, 12:53:13 PM »
That is awesome, I am looking forward to hearing what happens.
Every situation is unique, any advice or opinions I offer are given for your consideration only. You must decide what is best for you and your particular situation. I am not a lawyer and do not offer legal advice.

--Greg Troy

jot

Re: We are the latest victim of the Getty Image extortion scam
« Reply #23 on: December 19, 2012, 03:52:38 PM »
Sorry guys, under advisement, I had to remove an earlier post.  Let's just say this is going to be getting good soon.  I will post more when I can.  :)

Moe Hacken

Re: We are the latest victim of the Getty Image extortion scam
« Reply #24 on: December 30, 2012, 02:51:43 PM »
I missed the key post that jot had to take down, but it sounds like he may have caught PicScout crossing the fine line between data harvesting and illegal hacking. Can't wait to see what unfolds from this, and best of luck to jot.

Jot, it really sounds like you've done a lot of homework on the legal and technical aspects of your case. Kudos!
I'd rather die on my feet than live on my knees

jot

Re: We are the latest victim of the Getty Image extortion scam
« Reply #25 on: January 10, 2013, 10:34:25 AM »
Thanks.  I haven't received any more letters from Getty since the first one and the response our CEO mailed to them.  Once I have more info I can post I will.  :)

SoylentGreen

Re: We are the latest victim of the Getty Image extortion scam
« Reply #26 on: January 10, 2013, 11:29:23 AM »
Good discussion.

We've discussed the Picscout issue at length many, many times in the past.
Search for "trespass to chattels" on the forum to find out more.

This concept may have some merit in a big contentious fight.
But, it's rather moot... Getty's not going to sue you for infringing on one image that they probably don't even own.

I just don't want people to waste their time worrying about Getty/McCormack. lol

S.G.


Jerry Witt (mcfilms)

Re: We are the latest victim of the Getty Image extortion scam
« Reply #27 on: January 10, 2013, 11:56:50 AM »
Hi Jot,

Even though I'm willing to bet that your company is in the clear, I do hope you'll continue to participate on these boards. Perhaps at some point you can share more specifics about what they actually did to access your site.
Although I may be a super-genius, I am not a lawyer. So take my scribblings for what they are worth and get a real lawyer for real legal advice. But if you want media and design advice, please visit Motion City at http://motioncity.com.

Andre

Re: We are the latest victim of the Getty Image extortion scam
« Reply #28 on: January 10, 2013, 01:14:35 PM »
For starters, let me inform everyone that you can not access your neighbor's files through an unsecured wireless router. People in Cyber Cafes cannot access either. You have to give permission to do so.
------------------------------
I received a letter from Getty Images saying I was in breach of their copyright for 2 small photos I used on my website and they demanded $2,000 to settle the matter.

The images were not watermarked nor were they tagged with any Getty information so I was shocked to receive the demand and took the images off anyway.

When I looked into this it seems they send out thousands of the letters demanding money on the basis that some poor fools will pay them. Getty has NOT taken anyone to court for breach of copyright in these circumstances which leads me to believe it is a SCAM.

When you google ‘Getty Images Scam’, a lot of other information appears to suggest it is a scam.

What is wrong with people today? How do these parasites sleep at night?

jot

Re: We are the latest victim of the Getty Image extortion scam
« Reply #29 on: January 10, 2013, 03:07:02 PM »
Hi Jot,

Even though I'm willing to bet that your company is in the clear, I do hope you'll continue to participate on these boards. Perhaps at some point you can share more specifics about what they actually did to access your site.

Oh, I intend to, I just can't say much at this time on the forum.  Mathew and Robert have a bit more info I have passed on to them, but I have asked them not to post anything until I'm told I can do so.

On an interesting note though, as I was looking over my server logs for the new year, it seems Getty has decided to review our website again (new IP address from the list I have on them - looks to be a human this time and not a bot) I suppose before the next letter goes out to us.  I was hoping from the letter the CEO sent over a month and half ago that they would have decided to drop this and move on, but maybe not.  I guess I will see in a few weeks if they do send us another letter.  They really picked on the wrong person for their extortion scam.

 
