Someone has hijacked the http://mirror.imbrandon.com/ubuntustudio/7.04 mirror. IT IS BOGUS!! Dont pay for downloads. This should be sorted soon. Its just some @ss trying to make money.

We will let you guys know when its clear.

Crap, too late for me.

I hate when people do stupid stuff like that:mad:

Crap, too late for me.

You didn't pay did you!!??

Man.... that feels so low, hijacking an Ubuntu download mirror :(

All your download sites here (http://ubuntustudio.org/downloads) are still good, right? so I guess people should be sure to go through your site... Support the torrent, I am :)

DO NOT BELIEVE THIS GUY!!

If its a mixup it will be sorted later but for now he has given no proof. Ill be glad to eat my words if Im wrong.

josecc: If its a legit claim take your Paypal links down and link to nothing. Contact me through the forum and we will sort this.

;2655655']. . . . . . and guess who the money goes to . . . . .josecc@gmail.com

Go to http://ubuntustudio.org/downloads and keep ubuntu the way it was meant to be . . . . FREE!

Yup, same email for the redirected domain, just checked. >.>


To Jossec:
Ok.... so first your trying to get money out of people for a direct download of a free project? and now... your pointing people to other links (most of em bandwidth exceeded), I notice you included yourself there again. Ummm, I don't get ya. If your trying to make money why are you pointing people to the torrent? Is it you overran your bandwidth and now have to charge for extra? If thats it just put the torrent right on the top of your page, and if ya are trying to make a buck off the project, please go away... that certainly isn't the meaning of Ubuntu.

Just so no one else it seems get taken, go here (http://ubuntustudio.org/files/UbuntuStudio_7.04.torrent) for the torrent off the main site. Guess thats it for this topic...

The mirror was set up for us by a Ubuntu MOTU that works at a data center. He is legit. COMPLETELY FREE.

Until he tells me the deal DO NOT USE THAT MIRROR! Should be a couple of hours as he works a night shift.

Use the torrent. It should be real fast still. Just make sure you ports are set right.

Crap, too late for me.


If you did pay, I would fight the charge, and get your credit card cancelled and have a new one sent to you. Otherwise there may be new charges to your account.

This sounds to me like a private issue that should be discussed in private. I understand the warning, though. But you should NEVER pay for anything on the Internet without first looking for a free alternative.


If you did pay, I would fight the charge, and get your credit card cancelled and have a new one sent to you. Otherwise there may be new charges to your account.

Fight this for a few bucks?

And perhaps it's time to ban this josecc guy until he can explain what's going on here!

so how did that offical mirror get redirected to your site? did you hack his server?

Sure, but you have hijacked a known FREE mirror and replaced it all with pay links.

Fight this for a few bucks?

Yes. That site is violating the GPL.


This sounds to me like a private issue that should be discussed in private.

I did send him a pm, but I posted it too in case any else made the same mistake.

we should all learn from this incident, its quite interesting.

Yes. That site is violating the GPL.



I did send him a pm, but I posted it too in case any else made the same mistake.

I also sent off a PM. Ill wait for his response. The imbrandon mirror was set up by a trusted guy.

If something was done wrong just kill the link. Dont redirect and try to make money.

Ok. His posts are removed till we sort this all out.

its perfectly legal to make money off of Linux and anything else GPL. Does he supply the source code for his product? If he doesn't then its illegal.

This is really, but really LAME.... Getting money from people who work hard and for free for providing an high quality distro.

I advise the forum staff to delete josecc links, in this thread, editing its posts (and other who quoted its servers). Even if the users are warned in this thread, we shouldn't make advertisement to the servers of that idiot, who violates all the major principles of the GPL license.

He doesn't deserve that, what he did was immoral.

EDIT:

you guys forgot the quotes, from other users who list the servers

you guys forgot the quotes, from other users who list the servers

I think ya meant my post, took care of it myself, I should stop quoting folks, its a bad habit to do all the time >.>

It really sux because this redirect will be up 'till Brandon goes to work. I will post when theres a all clear and explain what happened.

It really sux because this redirect will be up 'till Brandon goes to work. I will post when theres a all clear and explain what happened.

Can we track this guy and somehow, bring him to justice? find traces of its hacking? Hijacking a server, its a crime, (not to say earn money from something thats free)

Considering the amount of people who seem to use studio, perhaps this should be stickied for the moment, or have one of those things at the top of the forums in green.

i'm not implying anything,

but it just makes me wonder, the guy finds this thread in just few moments its posted?

That sucks for those guys and all the hard work they put into ubuntu studio.

i'm not implying anything,

but it just makes me wonder, the guy finds this thread in just few moments its posted?
If he's in control of the redirected site he would see traffic coming from here.

what... thats lame as hell. stupid morons did that.

If he's in control of the redirected site he would see traffic coming from here.

i see , so he could see ubuntuforums.org?
but still the odds are quite a bit great, of finding the specific thread ID

unless he is able to adapt quickly and hit New post. or do a search.

or is it possible to see the whole thread id from his side?

well, moderators can see the last IP login of pretty much everyone.


I'd find out who did it, get his IP, traceroute it, call his ISP and make a complaint.

or is it possible to see the whole thread id from his side?
Yes.

i see , so he could see ubuntuforums.org?
but still the odds are quite a bit great, of finding the specific thread ID

unless he is able to adapt quickly and hit New post. or do a search.

or is it possible to see the whole thread id from his side?

It is possible to find a specific thread ID.
http://projectip.com/shows everything that a server sees. Even the last page that you viewed in detail even to a specific thread. Check the Referrer Item
Rather scary:shock:

Look guys, he is *NOT* in violation of the GPL -- he is perfectly entitled to charge as much as he likes for download from his own server if he so wishes... gah how come even long-time Linux users still down't udnertand the GPL :confused: ?


However, I agree that it's not really in-keeping with the Ubuntu culture, and if he did hijack a server, then that is certainly bad and should be referred to law enforcement. But I get the feelign this is his own server.

The key here, rather than bringing him down, is to provide a free alternative download. That's what the GPL is about -- freedom to distribute the software as you want... and NOT restricting others in how they wish to dostrobute it.

Yes. That site is violating the GPL.

you might want to give the gpl (http://www.gnu.org/copyleft/gpl.html) another (or maybe a first?) read. charging for software downloads is /not/ in any way a gpl violation.

just wanted to clarify this point. ;)

edit: gah, looks like i was beaten to the punch... ;)

you might want to give the gpl another (or maybe a first?) read. charging for software downloads is /not/ in any way a gpl violation.

you are right that charging is allowed, but what isn't allowed is not having unrestricted access to the source code; this guy is not a part of the group that put the software together either, the whole point was that you make the money from the CD (media), books (media) or support (services) not from downloads. not only that but he has the bare faced cheek to call it a donation which implies that the money would go to the original creators of the software.

the thing is that if he fails to provide the software for free upon request (because money is a limitation according to the gpl) it is in violation of the GPL (not to mention moral principles)

If you did pay, I would fight the charge, and get your credit card cancelled and have a new one sent to you. Otherwise there may be new charges to your account.

He has put up PayPal links.. he would never see a credit card number.

I understand that people are upset about this, but there is more misinformation in this thread than genuine information IMO.

you are right that charging is allowed, but what isn't allowed is not having unrestricted access to the source code; this guy is not a part of the group that put the software together either, the whole point was that you make the money from the CD (media), books (media) or support (services) not from downloads. not only that but he has the bare faced cheek to call it a donation which implies that the money would go to the original creators of the software.


Again, I agree that this is against the spirit of Ubuntu.

But I don't follow your argument above. Under the GPL, he can charge as he sees fit, for any distribution method. He can even make a handsome profit if he likes. The GPL does not stipulate any of the above requirements you have imposed. The GPL does not state that only developers can charge. The GPL is very strict in ensuring freedom for anyone to ditribute as they see fit. As long as they pass along the same rights with the product. Even the devs have no right to stop him from doing this if they want to distribute under the GPL.

On the contrary -- barring him from distributing in this way -- restricting him from the ability to make money -- is a direct violation of the GPL. Sure, you can 'disown' the server, remove the link, warn people that there are free alternatives. But don't brand him as a law-breaker or find ways to stop what he is doing unless he is actually breaking laws.

Secondly, 'donation' does not imply anything. It's $2 for a download. It does not state it goes to the authors.



the thing is that if he fails to provide the software for free upon request (because money is a limitation according to the gpl) it is in violation of the GPL (not to mention moral principles)


This is true that he must provide access to the source code -- but not the binaries (the distro itself -- or "the software" as you call it). Haas anyone tried asking him for the source? It's a bit premature to brand him as a GPL violator if no-one has actually requested him to provide the source.

Look people -- many of us are fighting in our own ways for software freedom. But you have to understand the letter and the spirit of the GPL. Provided this guy hasn't hacked someone elses server, this is legit.

I think the reason that MMA is really concerned is that he had someone that he trusted set that server up for him. As far as MMA knows, the setup was totally legit.

The proper protocol for this guy to have followed would be to contact ubuntustudio devs or the person who created that mirror and figure out what was happening and how to resolve it. Simply replacing that download page with a pay-per-download one was a little rude and irresponsible, as unsuspecting users may hand over their money when they didn't really need to/want to without being aware of the situation.

If he had gone through the proper channels and actually tried to resolve the situation, there probably wouldn't be this much backlash.

Look guys, he is *NOT* in violation of the GPL -- he is perfectly entitled to charge as much as he likes for download from his own server if he so wishes... gah how come even long-time Linux users still down't udnertand the GPL :confused: ?


However, I agree that it's not really in-keeping with the Ubuntu culture, and if he did hijack a server, then that is certainly bad and should be referred to law enforcement. But I get the feelign this is his own server.

The key here, rather than bringing him down, is to provide a free alternative download. That's what the GPL is about -- freedom to distribute the software as you want... and NOT restricting others in how they wish to dostrobute it.

Jhongy. You have come late to this thread and since posts were removed you lose the context of things.

Its not at all that he was selling .iso's our mirror was hijacked and in place was put a page making people pay for downloading.

Sorry for a second post, but he also seems to be masquerading as a member of the Ubuntu Studio team. He says this on the webpage:


Sorry ... we have a Digg Effect, so if you want to download considere donate.

He also provides a link to the Ubuntu Studio website. he's making it seem like he's a part of the UbuntuStudio team and that the money from buying the download will go back to the UbuntuStudio team! Legal or not, that's simply sleazy.

It is possible to find a specific thread ID.
http://projectip.com/shows everything that a server sees. Even the last page that you viewed in detail even to a specific thread. Check the Referrer Item
Rather scary:shock:
ahhh.. now i understand, thanks.

It is possible to find a specific thread ID.
http://projectip.com/shows everything that a server sees. Even the last page that you viewed in detail even to a specific thread. Check the Referrer Item
Rather scary:shock:

what (if anything) can i do to prevent all that info from being out there?

what (if anything) can i do to prevent all that info from being out there?
nothing whatsoever.

Hey sorry -- I didn't realise that the sever had been compromised.

I'm still adamant that many of the respondents in the thread learn more about the GPL though :-)

heathen: I'm sure that is a firefox extension that fakes your referrer... or you could use a public proxy that hides referrer information. I don't see the point -- all websites track referrer information ... it's useful to see where your visitors have come from (vital for some businesses). It's not usually stored in a way that is personally identifiable, and although you can look up the IP address, you can't really track individuals unless you track their behaviour off-site (which is certainly wrong).

Hey sorry -- I didn't realise that the sever had been compromised.

I'm still adamant that many of the respondents in the thread learn more about the GPL though :-)

heathen: I'm sure that is a firefox extension that fakes your referrer... or you could use a public proxy that hides referrer information. I don't see the point -- all websites track referrer information ... it's useful to see where your visitors have come from (vital for some businesses). It's not usually stored in a way that is personally identifiable, and although you can look up the IP address, you can't really track individuals unless you track their behaviour off-site (which is certainly wrong).
well yes he could get something to block his particular referrer. I thought he meant what could he do to prevent it on a larger scale.

I also don't see the point. It's not a big deal. pretty standard stuff.

was more of a curiosity than anything else... I'm not much worried about it.. the extent of my webbrowsing is this forum and a few motorcycle boards that i frequent...

was more of a curiosity than anything else... I'm not much worried about it.. the extent of my webbrowsing is this forum and a few motorcycle boards that i frequent...\

So. . .you have a 'burning' passion for motocycles? :lolflag:

It is possible to find a specific thread ID.
http://projectip.com/shows everything that a server sees. Even the last page that you viewed in detail even to a specific thread. Check the Referrer Item
Rather scary:shock:

Heh, Firefox's user agent switcher completely snowed that site. About the only thing it got right was the referrer.

http://smilies.zx6r.info/lachen/567.gif

Ok. So heres the final word from Brandon. The redirect was intentional and temporary because this guy wanted to help us with a mirror for a bit. Then at some point decided to try to make money off of it.

Oh well.

So thats the final word. Link is good again. Close the thread. :)

Wait! Not yet!
http://img.photobucket.com/albums/v299/dusthillguy/monsquazlowcolor.png
OK, now the thread can be closed.

Just a note for people trying the link again. Remember to clear your cache.

thread closed per OP request.