Yu Chunbo
The Chinese version was first published on iprdaily.cn, Date: January 7, 2025
“This article provides a brief analysis of Telnet remote forensics, hoping to offer some insights into similar forensics techniques.”
With the rapid development of computer and internet technologies, software accounts for an increasingly larger proportion of technological innovation. In computer software copyright infringement disputes, the use of technical means to obtain evidence is commonplace. Telnet remote evidence collection is a typical method, and after more than ten years of judicial practice, the evidence recognition of Telnet remote evidence collection has become relatively mature. This article provides a brief analysis of Telnet remote evidence collection, hoping to offer some inspiration for similar evidence collection techniques.
01 Introduction to Telnet Remote Evidence Collection
In computer software copyright infringement cases, plaintiffs often face situations where they cannot provide sufficient evidence. In such cases, some plaintiffs use computer technology to obtain evidence remotely, and Telnet remote evidence collection is a common method.
Just as communication between people requires adherence to certain rules and agreements, communication between computers also requires adherence to certain rules and agreements. These rules and agreements are called computer communication protocols. Computers do not possess human emotions and strictly adhere to protocols. Telnet is a remote login protocol based on TCP/IP, which allows one computer device to connect to another remote computer device via a network and remotely operate the remote computer device.
Technically, Telnet establishes a TCP connection between the client and server, transmitting user keyboard input to the remote server and echoing the server’s output back to the client’s screen. Therefore, technicians can use Telnet to connect to target servers or devices and obtain critical data such as system information, log files, and configuration files. For example, on a server suspected of having infringing software installed, technicians can remotely log in via Telnet to view the system’s login records to determine if the allegedly infringing software is installed, examine its configuration, running processes, and analyze whether the server shows signs of installing and running such software.
However, Telnet also presents security risks. Because the transmitted data is in plaintext, including usernames, passwords, and transmitted commands and data, this information is easily stolen and tampered with in insecure network environments. This affects the accuracy and reliability of the evidence. Therefore, in actual Telnet remote forensics operations, it is essential to conduct these operations in a secure and controlled network environment whenever possible, such as establishing a connection through a secure channel like a VPN, to ensure the confidentiality and integrity of the data.
Telnet remote forensics provides a convenient means of remotely obtaining evidence, but its security risks must be carefully considered to ensure the process is legal, scientific, and rigorous. This is crucial to avoid potential legal and technical risks and maintain the security and stability of cyberspace.
02 Certainty and Uniqueness of Evidence Obtained Remotely via Telnet
In computer software copyright infringement cases, Telnet remote forensics does not necessarily yield evidence. Support for the Telnet protocol is gradually decreasing on some modern operating systems and network devices. For example, some new network security devices may disable Telnet by default for security reasons. If the target system does not support Telnet, the protocol cannot be used for connection and evidence collection. In this case, Telnet remote forensics cannot be completed.
Regarding the evidence obtained, from a technical perspective, the owner and controller of the remote server have the authority to modify port information, displayed content, and other related settings. The information obtained through remote forensics may not be entirely consistent with the actual situation of the server. Furthermore, using hacking and other network attack techniques, it is also possible to illegally tamper with the server’s information.
Furthermore, the feedback information obtained through Telnet remote forensics is very limited, typically consisting of only log information about server installation and software usage, reflecting the name and version number of the corresponding software, but unable to display the software’s program code or provide further detailed information.
Therefore, based on the principle of proof beyond a reasonable doubt in criminal proceedings, Telnet remote forensics is almost impossible to be used as the basis for a criminal conviction. However, in civil litigation, especially in intellectual property disputes, Telnet remote forensics has its unique application scenarios.
03 Determining the Probative Value of Telnet Remote Forensics
The determination of the probative value of evidence obtained remotely via Telnet is often fraught with difficulties. For example, in the copyright infringement dispute between Leroy Inc. and Netac Inc. in the United States, the judgments in the first instance, second instance, and retrial were repeatedly reversed. The court of first instance held that the response obtained by remotely accessing the defendant’s website server via Telnet command was not definitive, and that the response alone could not confirm whether the defendant’s website server used software named “Serv-U FTP Server v6.3”. The court of first instance dismissed the plaintiff’s claim[1]. The court of second instance held that Langke Company argued that it did not use the software in question and claimed that the Telnet welcome screen information could be changed at will. However, the defendant did not provide evidence to prove that Leiruo Company had modified the interface information. The court of second instance reversed the judgment and ruled that the software copyright infringement was established[2]. The defendant, Langke Company, applied for retrial against the judgment of the second instance. The court of retrial supported the view of the court of first instance, revoked the judgment of the second instance, and upheld the judgment of the first instance[3]. The above cases show that the probative value of evidence obtained remotely via Telnet is indeed a difficult issue.
However, in recent years, in more and more cases, courts have found that evidence obtained remotely via Telnet has reached the standard of high probability for the determination of facts. In the case of Autonum Company v. Guanzhida Company for infringement of computer software copyright, the court of retrial held that the Telnet command is a common computer command, and that the feedback information after the probe can reflect the identity information of the program installed and used by the probed server. From a technical point of view, the feedback information is not a random string, but a response to the probe establishing a TCP connection. The response information contains the software information that is running on the corresponding port. Under normal circumstances, the prober can judge the status of the corresponding software installed and used by the probed server based on the feedback information; that is, the Telnet evidence collection method is technically reliable. If the feedback information is highly likely to be related to the facts to be proved, it should still be considered that the party bearing the burden of proof has fulfilled the burden of proof. The defendant, Guanzhida Company, argued that the results of Telnet remote evidence collection were not certain and unique. The retrial court held that cases involving Telnet remote evidence collection must be analyzed in combination with the specific circumstances of all the evidence in the case. The claim of the right holder cannot be rejected on the grounds that the Telnet remote evidence collection method is not certain and unique to the facts to be proved.[4]
In the case of Leiruo Company v. Jieaobi Company for infringement of computer software copyright, the second-instance court also held that the feedback information from port 21 has a high degree of certainty and has reached the standard of high probability of evidence in civil litigation[5]. This case was selected as one of the top ten typical cases of intellectual property judicial protection in Jiangsu Province in 2015.
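An added example (not from the original article or the cited judgments) of what such a probe records and why the courts treat it as probable rather than conclusive: a loopback listener, standing in for the probed server, returns whatever greeting its operator configured, and the capture keeps the raw bytes with a UTC timestamp and SHA-256 digest. The product name `ExampleFTPd`, both greeting strings and the parsing pattern are constructed assumptions.

```python
import hashlib
import re
import socket
import threading
from datetime import datetime, timezone

def serve_banner_once(banner: bytes) -> int:
    """Loopback stand-in for the probed server: sends the greeting its operator configured."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))  # ephemeral port, loopback only
    srv.listen(1)
    port = srv.getsockname()[1]

    def handle():
        with srv, srv.accept()[0] as conn:  # one connection, then close both sockets
            conn.sendall(banner)

    threading.Thread(target=handle, daemon=True).start()
    return port

def capture_banner(host: str, port: int, timeout: float = 5.0) -> dict:
    """Record the greeting exactly as received, plus metadata for later verification."""
    raw = b""
    with socket.create_connection((host, port), timeout=timeout) as s:
        peer = s.getpeername()
        while b"\n" not in raw:  # read up to the end of the first line
            chunk = s.recv(4096)
            if not chunk:
                break
            raw += chunk
    text = raw.decode("ascii", errors="replace").strip()
    # Constructed pattern: "<code> <product> v<version> ..." in the style of an FTP 220 greeting.
    m = re.match(r"(\d{3})[ -](.+?)\s+v(\d+(?:\.\d+)*)", text)
    return {
        "captured_at_utc": datetime.now(timezone.utc).isoformat(),
        "peer": f"{peer[0]}:{peer[1]}",
        "raw": raw,  # untouched bytes are the evidence
        "raw_sha256": hashlib.sha256(raw).hexdigest(),
        "claimed_product": m.group(2) if m else None,  # what the server says, not what it runs
        "claimed_version": m.group(3) if m else None,
    }

def demo() -> tuple:
    # Constructed greetings: identical listener code, different operator-configured strings.
    a = capture_banner("127.0.0.1", serve_banner_once(b"220 ExampleFTPd v6.3 ready\r\n"))
    b = capture_banner("127.0.0.1", serve_banner_once(b"220 Service ready\r\n"))
    return a, b

if __name__ == "__main__":
    print([(r["claimed_product"], r["claimed_version"], r["raw_sha256"][:16]) for r in demo()])
```

The two captures differ only in the configured string, which is the argument the defendants raised; the digest and timestamp let a later reviewer confirm that the stored greeting is unaltered.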
04 Allocation of the burden of proof in related cases
On the basis of the recognition of the probative value of Telnet remote evidence collection, the judgment of related cases also depends on the allocation of the burden of proof. First, if the evidence obtained by Telnet remote evidence collection is considered not to have reached the standard of high probability in civil litigation, then the plaintiff has not fulfilled the burden of proof and may bear adverse consequences. Second, if the evidence obtained by Telnet remote evidence collection meets the high probability standard in civil litigation, the burden of proof shifts to the defendant. The defendant must provide evidence to support their claims.
For example, in the aforementioned case of Autonom v. Guanzhida regarding infringement of computer software copyright, the court of retrial emphasized that Guanzhida failed to provide a reasonable explanation for the presence of information in the feedback that was identical in name and version number to the software in question. Furthermore, Guanzhida failed to provide evidence that it had independently developed and used mail server software with the same name and version number as the software in question but different program code, or to provide modification logs to prove that it intentionally modified the server settings to make the feedback information inconsistent with the actual running software. In conclusion, Guanzhida Company should bear the legal consequences of failing to provide evidence. It should be noted here that in this case, the defendant Guanzhida Company actually bore the legal consequences of failing to provide evidence, not the consequences of establishing the facts[4].
Similarly, in the case of Leiruo Company v. Jieaobi Company for infringement of computer software copyright, the second-instance court also emphasized that Jieaobi Company claimed that it did not constitute infringement. According to the principle of “whoever asserts, must prove,” it should submit relevant evidence such as server logs to provide counter-evidence. In the case that Jieaobi Company could not prove its claims, the court ruled that it should bear the civil liability of ceasing infringement and compensating for losses[5].
Summary
In summary, it can be seen from the above cases that in cases involving Telnet remote evidence collection, although the relationship between the Telnet remote evidence collection method and the facts to be proven is not technically absolutely certain or unique, the court tends to analyze each case based on the specific circumstances of all the evidence. In cases where the evidence collection process is clear and explicit, the court often finds that the plaintiff has fulfilled their burden of proof based on Telnet remote evidence collection, and that their evidence has a high degree of probability. Based on this, the burden of proof is reasonably allocated, and the legal consequences borne by each party are determined.
References:
[1] Shenzhen Nanshan District People’s Court, (2011) Shennanfazhiminchuzi No. 1039 Civil Judgment.
[2] Shenzhen Intermediate People’s Court, (2014) Shenzhongfazhiminzhongzi No. 504 Civil Judgment.
[3] Guangdong Higher People’s Court, (2015) Yuegaofaminsantizi No. 2 Civil Judgment.
[4] Guangdong Higher People’s Court, (2017) Yueminzai No. 463 Civil Judgment.
[5] Jiangsu Provincial Higher People’s Court, (2015) Suzhiminzhongzi No. 00108 Civil Judgment.
