Firefox Pirates Lay Siege to Amazon

 Pages 1 2 NEXT
 

Firefox Pirates Lay Siege to Amazon

image

According to TorrentFreak, Amazon is getting hammered by pirates using an exploit in Firefox to get away with booty without paying for it.

The add on links away from the legal product and onto a pirated download for the same product. So, when you want to buy something, as long as it's available in digital media, you'll get the illegal copy instead.

To Amazon, this is the equivalent of a junkie sitting outside your shop doors and promising to nick anything you want without the shop owner even being aware of it.

Given the time of year as well, this will cause havoc to the online retail store; and is sure to result in countermeasures that can only start at DRM's.

The pirates themselves, though devoid of eye-patches, are using the blend of retailing and torrent tracking to 'redistribute the wealth', whilst getting a healthy link to themselves.

Whilst the add-on uses the infamous Greasemonkey script, it's not the first. Rotten Tomatoes, IMDB, Last.fm and number of subscription-based browser games are also targeted.

Given the amount of money at stake in this game, one can almost imagine the Amazonian Armada sailing up behind the HMS Firefox as we speak.

Permalink

And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

Lately it seems the jackass to non-jackass related news has tripled. Despicable.

Why not just make an add-on that searches torrent sites without the need to go to Amazon?

What's the point of including Amazon in that at all?

Do pirates really want to see what the product would have looked like, had they decided to pay for it? Or is this for those sometimes-pirates, who have a set limit they'll pay before turning to piracy?

It's not really an 'exploit' in Firefox. It sounds like it's just Greasemonkey adding an extra search link next to the buy link on a product that searches the Pirate bay for the name of whatever you're looking at on Amazon.

Kross:
It's not really an 'exploit' in Firefox. It sounds like it's just Greasemonkey adding an extra search link next to the buy link on a product that searches the Pirate bay for the name of whatever you're looking at on Amazon.

Possibly, from what I've heard of Greasemonkey, it's almost considered an exploit in itself.

The_root_of_all_evil:

Kross:
It's not really an 'exploit' in Firefox. It sounds like it's just Greasemonkey adding an extra search link next to the buy link on a product that searches the Pirate bay for the name of whatever you're looking at on Amazon.

Possibly, from what I've heard of Greasemonkey, it's almost considered an exploit in itself.

Yeah, it lets you rewrite html on a given web page, useful for messing with the layout of sites you go to a lot, or for more malicious things like stripping out the ad code. So, like any powerful tool, it can be used for good, or if you're clever, evil.

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

This is not "pirating," this is actual theft. Real pirates steal like this. Software "pirates" are not stealing, just committing copyright infringement (debate whether that hurts elsewhere). Both are wrong, but please get your definitions straight.

I can see a lot of people getting van'd over this depending on the countries they are based in; so to clarify are they just changing the link to add to basket type thing amazon uses to an immediate torrent or just a search page for a torrent?

Edit- and isn't this just going to work for the user that is actualy running the scripts? Sounds a lot less controversial that when I first read the post and assumed they had affected the actual amazon website accessed by everybody.

The_root_of_all_evil:

Kross:
It's not really an 'exploit' in Firefox, it sounds like it's just Greasemonkey rewriting buy links to torrent searches for a given piece of software.

Possibly, from what I've heard of Greasemonkey, it's almost considered an exploit in itself.

Wrong, sir. Greasemonkey simply lets you script a loaded DOM without having to alter the original page's code to include it. You can do similar stuff with FireBug, but Greasemonkey lets you bind your local scripts to bookmarks and even entire domains. From a tech standpoint, this is a neutral thing. Many benevolent mash-ups would not be possible without this sort of technology.

I'd like to point out that this script is not "exploiting" Amazon other than to use the listings to drive a subsequent look-up. It's not going to be noticeable as spiked traffic to Amazon, any ads they are running still get viewed, and the type of person running this add-on most likely wouldn't be completing a purchase from them any time soon, anyhow. The title is inaccurate and hyperbolic. No one has pirated Firefox (something you cannot do to free stuff, by definition), and they aren't laying any kind of "siege" that Amazon would notice. A more accurate title would perhaps be, "Pirates Use Firefox Add-On to Mash-up Amazon, Pirate Bay". As it stands, the current title is misleading at best, purposefully bombastic at worst.

santaandy:

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

This is not "pirating," this is actual theft. Real pirates steal like this. Software "pirates" are not stealing, just committing copyright infringement (debate whether that hurts elsewhere). Both are wrong, but please get your definitions straight.

This is basically a less conveinient way of searching for torrents. How the hell is that stealing (In comparison to going to a regular tracker? Let's not get into the piracy issue in this thread.)

It's not theft I'm afraid.
Theft Act 1968
"1. Basic definition of theft
(1) A person is guilty of theft if he dishonestly appropriates property belonging to
another with the intention of permanently depriving the other of it; and 'theft' and 'steal'
shall be construed accordingly."
Permanently deprive the other of it. No-one is being permanently deprived of property here I'm afraid.

SaintWaldo:
As it stands, the current title is misleading at best, purposefully bombastic at worst.

You are, of course, entitled to your opinion, but I see nothing misleading in the title. Pirates who use Firefox are attacking Amazon; the lede is provided by TorrentFreak, as is stated.

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

I think that "hurt" is a bad way to put it. While I agree that pirating isn't nearly as bad as some people make it out to be, you can't just say "Why should I pay for something? Outrageous!"

It's a stupid outlook, when you look at pro-pirating arguments. Just tell them, "Are you taking something for free, when you should be paying for it?"

"Well, yeah"

"Then it's theft. It's not that hard to comprehend."

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

Well, economically speaking, since electronic information can be infinitely duplicated without an marginal cost, the only economically efficient solution is for it to be universally available: piracy thus (rather inadvertedly) leads to the optimal distribution of electronic "goods".

Still sucks if you're they whose stuff gets nicked, but hey! You can't argue with economics...

I don't see the point of calling piracy "theft." It's copyright violation. Calling it theft doesn't make it more or less of a crime, and it's arguably inaccurate. Besides, taking something for free when you "should" be paying for it is a terrible definition of theft. By that definition, if I borrow something from a friend instead of buying it at a local store, regardless of what it was, I'd be a thief.

Like others have said, it's copyright infringement and illegal copying. Nobody is actually losing anything, it's just being copied without permission. Kind of like photocopying an entire Library book so that you don't have to buy it, or borrowing something from a buddy, making a copy of it, and then giving back the original to him.

Oh, I thought it stopped people from purchasing legal digital files from amazon. Redirecting someone's payment stream (either away from them or to you) is definitely crossing the line.

fish food carl:

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

I think that "hurt" is a bad way to put it. While I agree that pirating isn't nearly as bad as some people make it out to be, you can't just say "Why should I pay for something? Outrageous!"

It's a stupid outlook, when you look at pro-pirating arguments. Just tell them, "Are you taking something for free, when you should be paying for it?"

"Well, yeah"

"Then it's theft. It's not that hard to comprehend."

One could simply say that they shouldn't be paying for it, since information should be free. I'm against that viewpoint, but then you would get into a philosophical argument with the person, so the best you can hope for is a stalemate.

Whilst legal reasons are tying my hands on this; the add on, that uses Grease Monkey which 'some' might call an exploit, works alongside Amazon and searches the torrents for the same name article. What you then download is 'allegedly' the digital media associated with that copyright; therefore breaking copyright laws while still accessing Amazon's (and the rests) widgets.

So, not only is it allowing, some might say promoting, copyright infringement; it's doing so under the guise of legality (which could have implications on Amazon) and giving hits to the torrent site available.

Suffice to say the site is down at the moment; and even if you do agree with what's being done, the counterstrike by Amazon is likely to have knock on effects to your average Joe consumer.

From what I can ascertain, no money is trading hands at the moment, but given that the script COULD easily perform illegal activities, I think that it's going to escalate.

anti_strunt:

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

Well, economically speaking, since electronic information can be infinitely duplicated without an marginal cost, the only economically efficient solution is for it to be universally available: piracy thus (rather inadvertedly) leads to the optimal distribution of electronic "goods".

Still sucks if you're they whose stuff gets nicked, but hey! You can't argue with economics...

Your argument sort of holds together, until you factor in that if software is made universally available (without cost to the user) then companies will stop making any software because they can't get any money out of it.

Fragamoo:

anti_strunt:

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

Well, economically speaking, since electronic information can be infinitely duplicated without an marginal cost, the only economically efficient solution is for it to be universally available: piracy thus (rather inadvertedly) leads to the optimal distribution of electronic "goods".

Still sucks if you're they whose stuff gets nicked, but hey! You can't argue with economics...

Your argument sort of holds together, until you factor in that if software is made universally available (without cost to the user) then companies will stop making any software because they can't get any money out of it.

I was going to add something about protecting intellectual property rights to ensure innovation by guaranteeing return on research investment (or programming, in this case), but that's macroeconomics. Microeconomics is much more fun, as the equations always add up properly.

The real world rarely has the same good taste.

So if I click on "Need for Speed: Undercover" on Amazon it'll find the best possible torrent, considering most of them have names like "Need.For.Speed.Undercover.CLONEDVD-RDDXBOX360NTSC"?
I call bullshit. If the person uses torrent, then that person knows how to go to piratebay and check what tracker has the most seeders/leechers and just click on that. Unless this circumvents the whole process of actually going into a torrent search site and having a program like Vuse installed (AND magically finds the correct tracker AND finds the most seeded one), the people using that add-on will be the same people who already use piratebay.
People buy games so they can play online or because they feel the company deserves the money, otherwise they just download the game (when they know how to). The reason isn't that they aren't aware that a game is available on torrent. I'm not sure if you guys know this, but these sites have search mechanisms.

Lazy pirates, your supose to have to look for a safe, virus-free copy of what you want; thats where your sympathy votes come from.
"Those pirates are hurting the industry"
"But remember the risks they carry, all those dangerous torrents"
"Your right, poor dears"

The_root_of_all_evil:

To Amazon, this is the equivalent of a junkie sitting outside your shop doors and promising to nick anything you want without the shop owner even being aware of it.

That would be a great public service.

It's been stated already but they are getting crappy copies of stuff- that doesn't make it right, at all though. If may not be stealing per se, as digital copies technically belong to no one and are infinite in number, but it's still infringement, regardless of it being a Greasemonkey add-in on Amazon- it's just making it easier to find the illegal copy.

And come on! Amazon's music downloads are cheaper than iTunes and if you're really trying to stretch your buck, I think Rhapsody is even better... Sigh. I like Amazon. They treat me well, but I'm one of those old fogies who still buys the CD of albums because it feels more "right."

*ahem*

Firefox pirates PLUNDER Amazon, not lay seige!

There are some solutions to this problem:

1. Ban Firefox
2. Shutdown Internet
3. Disable Amazon
4. Make people buy overpriced shit
5. Commit ritual suicide
6. Nuke China
over 9000. ?????
8. PROFIT!!!

Key points:

It's not an "exploit" in the conventional computer-security sense of the word. There is no vulnerability in Firefox or Amazon. Amazon's database of products and reviews is being abused, but there is no security risk to them or their customers (other than the risk anyone who chooses to install the pirate-script faces from, well, installing software written by pirates). This is no different from a spider crawling Amazon to get the same info.

Likewise, nothing is being stolen from Amazon. Amazon's results are merely being mushed together with a pirate site's.

"So, when you want to buy something, as long as it's available in digital media, you'll get the illegal copy instead" implies that the user actually goes off to buy the product but semi-unknowingly gets a free-and-very-illegal torrent instead. This is untrue. The script merely adds a giant "CLICK HERE TO BREAK THE LAW" link to the page (well, okay, from the screenshot it looks like the actual text is "Download 4 free").

Other than deliberately obfuscating and polluting it with all kinds of junk in a vain effort to defeat a moving target, there's no way to prevent this kind of thing. You can't control what a user's browser does to a page once you've served it.

-- Alex

"The infamous Greasemonkey".

Others have said it; I'm going to try to be clearer. There's a stack of tools running inside each other. Windows -> Firefox -> Greasemonkey -> Naughty_piracy_assistant.

Greasemonkey is no more "infamous" than Firefox or Windows itself. Only Naughty_piracy_assistant is slightly naughty. And all *that* does is annotate Amazon pages with search results from torrent sites.

Take a look at all the non-naughty Greasemonkey scripts at http://userscripts.org/scripts

ukslim:
"The infamous Greasemonkey".

Others have said it; I'm going to try to be clearer. There's a stack of tools running inside each other. Windows -> Firefox -> Greasemonkey -> Naughty_piracy_assistant.

Greasemonkey is no more "infamous" than Firefox or Windows itself. Only Naughty_piracy_assistant is slightly naughty. And all *that* does is annotate Amazon pages with search results from torrent sites.

Take a look at all the non-naughty Greasemonkey scripts at http://userscripts.org/scripts

When it comes down to it, most Greasemonkey scripts are just illegal ways to perform tasks in convenient ways.

The_root_of_all_evil:
So, not only is it allowing, some might say promoting, copyright infringement; it's doing so under the guise of legality (which could have implications on Amazon) and giving hits to the torrent site available.

Of course anyone with Greasemonkey installed is probably well aware of the consequences of their actions. This is a moot comment, I'm quoting the post for the following:

The_root_of_all_evil:
From what I can ascertain, no money is trading hands at the moment, but given that the script COULD easily perform illegal activities, I think that it's going to escalate.

There's a quote (maybe on bash.org - I'm not sure, it might even be in the original Netcat readme file) that goes something along the lines of "You can use a swiss army knife to disassemble a car just as easily as you can use it to put one together". The script itself is dangerous, but please try not to blame Greasemonkey for it (I got bored and wrote a little TCP proxy to do something very similar to this months ago when I was pentesting a site).

For some examples of good greasemonkeys:

* My workplace's remote OWA (2k7) needs to be refreshed once a minute automatically, for some reason the basic interface (i.e. Firefox OWA interface) doesn't support this - the IE version might - so I have a greasemonkey refreshing it every minute.
* My bank has no support for remembering my account numbers, so a quick greasemonkey so that I can select them from a list rather than having to type them in.
* Auto populating employee information for contracting jobsheets

By the way I happen to agree that the title is misleading, though I don't feel that it was intentional on your behalf.

Gits.

Wow, there is a serious amount of FUD in this article.

The_root_of_all_evil:

SaintWaldo:
As it stands, the current title is misleading at best, purposefully bombastic at worst.

You are, of course, entitled to your opinion, but I see nothing misleading in the title. Pirates who use Firefox are attacking Amazon; the lede is provided by TorrentFreak, as is stated.

I wasn't blaming you, and TorrentFreak doesn't claim to follow a style guide. Escapist does.

Judging by your responses, you also obviously don't understand the technology in question here, so I'll file this story under, "Nice Try". Put your hair-fire out, this isn't actually news.

The_root_of_all_evil:

SaintWaldo:
As it stands, the current title is misleading at best, purposefully bombastic at worst.

You are, of course, entitled to your opinion, but I see nothing misleading in the title. Pirates who use Firefox are attacking Amazon; the lede is provided by TorrentFreak, as is stated.

The title might not be misleading but basically the article is a waste of time and frankly, needs alterations and corrections.

#1 - Firefox has absolutely no liability over this, so Amazon suing them would be fruitless.
#2 - Amazon is getting hammered by pirates using an exploit in Firefox to get away with booty without paying for it. - That is misleading. It sounds like using an exploit, available in Firefox (by default). It sounds like you are finding a way to exploit the Amazon website to download for free. That is defiantly not the case.

However, the whole thing is morally dubious at best. I've been waiting for Amazon to open up their music store to the UK, as frankly it is the way forward.

The Escapist better watch out to be honest, the legal begals at the Mozilla Corporation will probably not take too kindly to being accused of facilitation piracy, when it is actually a script for an extension that is actually doing it.

You could essentially replace 'Firefox' with 'Microsoft' by the same logic. And blame the facilitation of Piracy on IBM for creating the personal computer architecture.

fish food carl:

Lvl 64 Klutz:
And there are still people out there who convince themselves that pirating doesn't hurt anyone >_>

I think that "hurt" is a bad way to put it. While I agree that pirating isn't nearly as bad as some people make it out to be, you can't just say "Why should I pay for something? Outrageous!"

It's a stupid outlook, when you look at pro-pirating arguments. Just tell them, "Are you taking something for free, when you should be paying for it?"

"Well, yeah"

"Then it's theft. It's not that hard to comprehend."

Well done! You've put the anti-piracy argument simply.

 Pages 1 2 NEXT

Reply to Thread

Log in or Register to Comment
Have an account? Login below:
With Facebook:Login With Facebook
or
Username:  
Password:  
  
Not registered? To sign up for an account with The Escapist:
Register With Facebook
Register With Facebook
or
Register for a free account here