Tag Archives: 2016

Cloudflare Counters MPAA and RIAA’s ‘Rehashed’ Piracy Complaints

Post Syndicated from Ernesto original https://torrentfreak.com/cloudflare-counters-mpaa-and-riaas-rehashed-piracy-complaints-171020/

A few weeks ago several copyright holder groups sent their annual “Notorious Markets” complaints to the U.S. Trade Representative (USTR).

While the recommendations usually include well-known piracy sites such as The Pirate Bay, third-party services are increasingly mentioned. MPAA and RIAA, for example, wrote that Cloudflare frustrates enforcement efforts by helping pirate sites to “hide”.

The CDN provider is not happy with these characterizations and this week submitted a rebuttal. Cloudflare’s General Counsel Doug Kramer says that the company was surprised to see these mentions. Not only because they “distort” reality, but also because they are pretty much identical to those leveled last year.

“Most surprising is that their comments were basically the same complaints they filed in 2016 and contain the same mistakes and distortions that we pointed out in our rebuttal comments from October, 2016.”

“Simply repeating the same mischaracterizations for a second year in a row does not convert them into facts, so we are compelled to reiterate our objections,” Kramer adds (pdf).

There is indeed quite a bit of overlap between the submissions from both years. In fact, several sections are copied word for word, such as the RIAA’s allegation below.

“In addition, more sites are now employing services of Cloudflare, a content delivery network and distributed domain name server service. BitTorrent sites, like many other pirate sites, are increasing [sic] turning to Cloudflare because routing their site through Cloudflare obfuscates the IP address of the actual hosting provider, masking the location of the site.”

The same can be said about the MPAA’s submission, which includes a lot of the same comments and sentences as last year. That wouldn’t be much of a problem if the information was correct, but according to Cloudflare, that’s not the case.

The two industry groups claim that the CDN provider makes it more difficult to track where pirate sites are hosted. However, Cloudflare argues the opposite.

Both RIAA and MPAA are part of the “Trusted Reporter” program and use it frequently, Cloudflare points out. This program allows rightsholders to easily obtain the actual IP-addresses of Cloudflare-hosted websites that engage in widespread copyright infringement.

Most importantly, according to Cloudflare, is that the company follows the letter of the law.

“Cloudflare does not make the process of enforcing intellectual property rights online any harder — or any easier. We follow all applicable laws and regulations,” Cloudflare explained in its submission last year.

In its 2017 rebuttal, the company reiterates this position once again. Kramer also points to a recent blog post from CEO Matthew Prince, which discusses free speech and censorship issues. The message is that vigilante justice is not the answer to piracy, and all relevant stakeholders should get together to discuss how to handle these issues going forward.

For now, however, the USTR should disregard the comments regarding Cloudflare as irrelevant and inaccurate, the company argues.

“We trust that USTR will once again agree with Cloudflare that complaints implying that Cloudflare is aiding illegal activities have no place whatsoever in USTR’s Notorious Markets inquiry. It would seem to distract from and dilute the message of that report to focus on companies that are working to make the internet more cybersecure,” Kramer concludes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Derek Woodroffe’s steampunk tentacle hat

Post Syndicated from Janina Ander original https://www.raspberrypi.org/blog/steampunk-tentacle-hat/

Halloween: that glorious time of year when you’re officially allowed to make your friends jump out of their skin with your pranks. For those among us who enjoy dressing up, Halloween is also the occasion to go all out with costumes. And so, dear reader, we present to you: a steampunk tentacle hat, created by Derek Woodroffe.

Finished Tenticle hat

Finished Tenticle hat

Extreme Electronics

Derek is an engineer who loves all things electronics. He’s part of Extreme Kits, and he runs the website Extreme Electronics. Raspberry Pi Zero-controlled Tesla coils are Derek’s speciality — he’s even been on one of the Royal Institution’s Christmas Lectures with them! Skip ahead to 15:06 in this video to see Derek in action:

Let There Be Light! // 2016 CHRISTMAS LECTURES with Saiful Islam – Lecture 1

The first Lecture from Professor Saiful Islam’s 2016 series of CHRISTMAS LECTURES, ‘Supercharged: Fuelling the future’. Watch all three Lectures here: http://richannel.org/christmas-lectures 2016 marked the 80th anniversary since the BBC first broadcast the Christmas Lectures on TV. To celebrate, chemist Professor Saiful Islam explores a subject that the lectures’ founder – Michael Faraday – addressed in the very first Christmas Lectures – energy.

Wearables

Wearables are electronically augmented items you can wear. They might take the form of spy eyeglasses, clothes with integrated sensors, or, in this case, headgear adorned with mechanised tentacles.

Why did Derek make this? We’re not entirely sure, but we suspect he’s a fan of the Cthulu mythos. In any case, we were a little astounded by his project. This is how we reacted when Derek tweeted us about it:

Raspberry Pi on Twitter

@ExtElec @extkits This is beyond incredible and completely unexpected.

In fact, we had to recover from a fit of laughter before we actually managed to type this answer.

Making a steampunk tentacle hat

Derek made the ‘skeleton’ of each tentacle out of a net curtain spring, acrylic rings, and four lengths of fishing line. Two servomotors connect to two ends of fishing line each, and pull them to move the tentacle.

net curtain spring and acrylic rings forming a mechanic tentacle skeleton - steampunk tentacle hat by Derek Woodroffe
Two servos connecting to lengths of fishing line - steampunk tentacle hat by Derek Woodroffe

Then he covered the tentacles with nylon stockings and liquid latex, glued suckers cut out of MDF onto them, and mounted them on an acrylic base. The eight motors connect to a Raspberry Pi via an I2C 8-port PWM controller board.

artificial tentacles - steampunk tentacle hat by Derek Woodroffe
8 servomotors connected to a controller board and a raspberry pi- steampunk tentacle hat by Derek Woodroffe

The Pi makes the servos pull the tentacles so that they move in sine waves in both the x and y directions, seemingly of their own accord. Derek cut open the top of a hat to insert the mounted tentacles, and he used more liquid latex to give the whole thing a slimy-looking finish.

steampunk tentacle hat by Derek Woodroffe

Iä! Iä! Cthulhu fhtagn!

You can read more about Derek’s steampunk tentacle hat here. He will be at the Beeston Raspberry Jam in November to show off his build, so if you’re in the Nottingham area, why not drop by?

Wearables for Halloween

This build is already pretty creepy, but just imagine it with a sensor- or camera-powered upgrade that makes the tentacles reach for people nearby. You’d have nightmare fodder for weeks.

With the help of the Raspberry Pi, any Halloween costume can be taken to the next level. How could Pi technology help you to win that coveted ‘Scariest costume’ prize this year? Tell us your ideas in the comments, and be sure to share pictures of you in your get-up with us on Twitter, Facebook, or Instagram.

The post Derek Woodroffe’s steampunk tentacle hat appeared first on Raspberry Pi.

Google Asked to Delist Pirate Movie Sites, ISPs Asked to Block Them

Post Syndicated from Andy original https://torrentfreak.com/google-asked-to-delist-pirate-movie-sites-isps-asked-to-block-them-171018/

After seizing several servers operated by popular private music tracker What.cd, last November French police went after a much bigger target.

Boasting millions of regular visitors, Zone-Telechargement (Zone-Download) was ranked the 11th most-visited website in the whole of the country. The site offered direct downloads of a wide variety of pirated content, including films, series, games, and music. Until the French Gendarmerie shut it down, that is.

After being founded in 2011 and enjoying huge growth following the 2012 raids against Megaupload, the Zone-Telechargement ‘brand’ was still popular with French users, despite the closure of the platform. It, therefore, came as no surprise that the site was quickly cloned by an unknown party and relaunched as Zone-Telechargement.ws.

The site has been doing extremely well following its makeover. To the annoyance of copyright holders, SimilarWeb reports the platform as France’s 37th most popular site with around 58 million visitors per month. That’s a huge achievement in less than 12 months.

Now, however, the site is receiving more unwanted attention. PCInpact says it has received information that several movie-focused organizations including the French National Film Center are requesting tough action against the site.

The National Federation of Film Distributors, the Video Publishing Union, the Association of Independent Producers and the Producers Union are all demanding the blocking of Zone-Telechargement by several local ISPs, alongside its delisting from search results.

The publication mentions four Internet service providers – Free, Numericable, Bouygues Telecom, and Orange – plus Google on the search engine front. At this stage, other search companies, such as Microsoft’s Bing, are not reported as part of the action.

In addition to Zone-Telechargement, several other ‘pirate’ sites (Papystreaming.org, Sokrostream.cc and Zonetelechargement.su, another site playing on the popular brand) are included in the legal process. All are described as “structurally infringing” by the complaining movie outfits, PCInpact notes.

The legal proceedings against the sites are based in Article 336-2 of the Intellectual Property Code. It’s ground already trodden by movie companies who following a 2011 complaint, achieved victory in 2013 against several Allostreaming-linked sites.

In that case, the High Court of Paris ordered ISPs, several of which appear in the current action, to “implement all appropriate means including blocking” to prevent access to the infringing sites.

The Court also ordered Google, Microsoft, and Yahoo to “take all necessary measures to prevent the occurrence on their services of any results referring to any of the sites” on their platforms.

Also of interest is that the action targets a service called DL-Protecte.com, which according to local anti-piracy agency HADOPI, makes it difficult for rightsholders to locate infringing content while at the same time generates more revenue for pirate sites.

A judgment is expected in “several months.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Amazon Lightsail Update – Launch and Manage Windows Virtual Private Servers

Post Syndicated from Jeff Barr original https://aws.amazon.com/blogs/aws/amazon-lightsail-update-launch-and-manage-windows-virtual-private-servers/

I first told you about Amazon Lightsail last year in my blog post, Amazon Lightsail – the Power of AWS, the Simplicity of a VPS. Since last year’s launch, thousands of customers have used Lightsail to get started with AWS, launching Linux-based Virtual Private Servers.

Today we are adding support for Windows-based Virtual Private Servers. You can launch a VPS that runs Windows Server 2012 R2, Windows Server 2016, or Windows Server 2016 with SQL Server 2016 Express and be up and running in minutes. You can use your VPS to build, test, and deploy .NET or Windows applications without having to set up or run any infrastructure. Backups, DNS management, and operational metrics are all accessible with a click or two.

Servers are available in five sizes, with 512 MB to 8 GB of RAM, 1 or 2 vCPUs, and up to 80 GB of SSD storage. Prices (including software licenses) start at $10 per month:

You can try out a 512 MB server for one month (up to 750 hours) at no charge.

Launching a Windows VPS
To launch a Windows VPS, log in to Lightsail , click on Create instance, and select the Microsoft Windows platform. Then click on Apps + OS if you want to run SQL Server 2016 Express, or OS Only if Windows is all you need:

If you want to use a Powershell script to customize your instance after it launches for the first time, click on Add launch script and enter the script:

Choose your instance plan, enter a name for your instance(s), and select the quantity to be launched, then click on Create:

Your instance will be up and running within a minute or so:

Click on the instance, and then click on Connect using RDP:

This will connect using a built-in, browser-based RDP client (you can also use the IP address and the credentials with another client):

Available Today
This feature is available today in the US East (Northern Virginia), US East (Ohio), US West (Oregon), EU (London), EU (Ireland), EU (Frankfurt), Asia Pacific (Singapore), Asia Pacific (Mumbai), Asia Pacific (Sydney), and Asia Pacific (Tokyo) Regions.

Jeff;

 

PureVPN Explains How it Helped the FBI Catch a Cyberstalker

Post Syndicated from Andy original https://torrentfreak.com/purevpn-explains-how-it-helped-the-fbi-catch-a-cyberstalker-171016/

Early October, Ryan S. Lin, 24, of Newton, Massachusetts, was arrested on suspicion of conducting “an extensive cyberstalking campaign” against a 24-year-old Massachusetts woman, as well as her family members and friends.

The Department of Justice described Lin’s offenses as a “multi-faceted” computer hacking and cyberstalking campaign. Launched in April 2016 when he began hacking into the victim’s online accounts, Lin allegedly obtained personal photographs and sensitive information about her medical and sexual histories and distributed that information to hundreds of other people.

Details of what information the FBI compiled on Lin can be found in our earlier report but aside from his alleged crimes (which are both significant and repugnant), it was PureVPN’s involvement in the case that caused the most controversy.

In a report compiled by an FBI special agent, it was revealed that the Hong Kong-based company’s logs helped the authorities net the alleged criminal.

“Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home Lin was living in at the time, and the software company where Lin was employed at the time,” the agent’s affidavit reads.

Among many in the privacy community, this revelation was met with disappointment. On the PureVPN website the company claims to carry no logs and on a general basis, it’s expected that so-called “no-logging” VPN providers should provide people with some anonymity, at least as far as their service goes. Now, several days after the furor, the company has responded to its critics.

In a fairly lengthy statement, the company begins by confirming that it definitely doesn’t log what websites a user views or what content he or she downloads.

“PureVPN did not breach its Privacy Policy and certainly did not breach your trust. NO browsing logs, browsing habits or anything else was, or ever will be shared,” the company writes.

However, that’s only half the problem. While it doesn’t log user activity (what sites people visit or content they download), it does log the IP addresses that customers use to access the PureVPN service. These, given the right circumstances, can be matched to external activities thanks to logs carried by other web companies.

PureVPN talks about logs held by Google’s Gmail service to illustrate its point.

“A network log is automatically generated every time a user visits a website. For the sake of this example, let’s say a user logged into their Gmail account. Every time they accessed Gmail, the email provider created a network log,” the company explains.

“If you are using a VPN, Gmail’s network log would contain the IP provided by PureVPN. This is one half of the picture. Now, if someone asks Google who accessed the user’s account, Google would state that whoever was using this IP, accessed the account.

“If the user was connected to PureVPN, it would be a PureVPN IP. The inquirer [in the Lin case, the FBI] would then share timestamps and network logs acquired from Google and ask them to be compared with the network logs maintained by the VPN provider.”

Now, if PureVPN carried no logs – literally no logs – it would not be able to help with this kind of inquiry. That was the case last year when the FBI approached Private Internet Access for information and the company was unable to assist.

However, as is made pretty clear by PureVPN’s explanation, the company does log user IP addresses and timestamps which reveal when a user was logged on to the service. It doesn’t matter that PureVPN doesn’t log what the user allegedly did online, since the third-party service already knows that information to the precise second.

Following the example, GMail knows that a user sent an email at 10:22am on Monday October 16 from a PureVPN IP address. So, if PureVPN is approached by the FBI, the company can confirm that User X was using the same IP address at exactly the same time, and his home IP address was XXX.XX.XXX.XX. Effectively, the combined logs link one IP address to the other and the user is revealed. It’s that simple.

It is for this reason that in TorrentFreak’s annual summary of no-logging VPN providers, the very first question we ask every single company reads as follows:

Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user/users of your service? If so, what information do you hold and for how long?

Clearly, if a company says “yes we log incoming IP addresses and associated timestamps”, any claim to total user anonymity is ended right there and then.

While not completely useless (a logging service will still stop the prying eyes of ISPs and similar surveillance, while also defeating throttling and site-blocking), if you’re a whistle-blower with a job or even your life to protect, this level of protection is entirely inadequate.

The take-home points from this controversy are numerous, but perhaps the most important is for people to read and understand VPN provider logging policies.

Secondly, and just as importantly, VPN providers need to be extremely clear about the information they log. Not tracking browsing or downloading activities is all well and good, but if home IP addresses and timestamps are stored, this needs to be made clear to the customer.

Finally, VPN users should not be evil. There are plenty of good reasons to stay anonymous online but cyberstalking, death threats and ruining people’s lives are not included. Fortunately, the FBI have offline methods for catching this type of offender, and long may that continue.

PureVPN’s blog post is available here.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Popular Zer0day Torrent Tracker Taken Offline By Mass Copyright Complaint

Post Syndicated from Andy original https://torrentfreak.com/popular-zer0day-torrent-tracker-taken-offline-by-mass-copyright-complaint-171014/

In January 2016, a BitTorrent enthusiast decided to launch a stand-alone tracker, purely for fun.

The Zer0day platform, which hosts no torrents, is a tracker in the purest sense, directing traffic between peers, no matter what content is involved and no matter where people are in the world.

With this type of tracker in short supply, it was soon utilized by The Pirate Bay and the now-defunct ExtraTorrent. By August 2016, it was tracking almost four million peers and a million torrents, a considerable contribution to the BitTorrent ecosystem.

After handling many ups and downs associated with a service of this type, the tracker eventually made it to the end of 2016 intact. This year it grew further still and by the end of September was tracking an impressive 5.5 million peers spread over 1.2 million torrents. Soon after, however, the tracker disappeared from the Internet without warning.

In an effort to find out what had happened, TorrentFreak contacted Zer0day’s operator who told us a familiar story. Without any warning at all, the site’s host pulled the plug on the service, despite having been paid 180 euros for hosting just a week earlier.

“We’re hereby informing you of the termination of your dedicated server due to a breach of our terms of service,” the host informed Zer0day.

“Hosting trackers on our servers that distribute infringing and copyrighted content is prohibited. This server was found to distribute such content. Should we identify additional similar activity in your services, we will be forced to close your account.”

While hosts tend not to worry too much about what their customers are doing, this one had just received a particularly lengthy complaint. Sent by the head of anti-piracy at French collecting society SCPP, it laid out the group’s problems with the Zer0day tracker.

“SCPP has been responsible for the collective management and protection of sound recordings and music videos producers’ rights since 1985. SCPP counts more than 2,600 members including the majority of independent French producers, in addition to independent European producers, and the major international companies: Sony, Universal and Warner,” the complaints reads.

“SCPP administers a catalog of 7,200,000 sound tracks and 77,000 music videos. SCPP is empowered by its members to take legal action in order to put an end to any infringements of the producers’ rights set out in Article L335-4 of the French Intellectual Property Code…..punishable by a three-year prison sentence or a fine of €300,000.”

Noting that it works on behalf of a number of labels and distributors including BMG, Sony Music, Universal Music, Warner Music and others, SCPP listed countless dozens of albums under its protection, each allegedly tracked by the Zer0day platform.

“It has come to our attention that these music albums are illegally being communicated to the public (made available for download) by various users of the BitTorrent-Network,” the complaint reads.

Noting that Zer0day is involved in the process, the anti-piracy outfit presented dozens of hash codes relating to protected works, demanding that the site stop facilitation of infringement on each and every one of them.

“We have proof that your tracker udp://tracker.zer0day.to:1337/announce provided peers of the BitTorrent-Network with information regarding these torrents, to be specific IP Addresses of peers that were offering without authorization the full albums for download, and that this information enabled peers to download files that contain the sound recordings to which our members producers have the exclusive rights.

“These sound recordings are thus being illegally communicated to the public, and your tracker is enabling the seeders to do so.”

Rather than take the hashes down from the tracker, SCPP actually demanded that Zer0day create a permanent blacklist within 24 hours, to ensure the corresponding torrents wouldn’t be tracked again.

“You should understand that this letter constitutes a notice to you that you may be liable for the infringing activity occurring on your service. In addition, if you ignore this notice, you may also be liable for any resulting infringement,” the complaint added.

But despite all the threats, SCPP didn’t receive the response they’d demanded since the operator of the site refused to take any action.

“Obviously, ‘info hashes’ are not copyrightable nor point to specific copyrighted content, or even have any meaning. Further, I cannot verify that request strings parameters (‘info hashes’) you sent me contain copyrighted material,” he told SCPP.

“Like the website says; for content removal kindly ask the indexing site to remove the listing and the .torrent file. Also, tracker software does not have an option to block request strings parameters (‘info hashes’).”

The net effect of non-compliance with SCPP was fairly dramatic and swift. Zer0day’s host took down the whole tracker instead and currently it remains offline. Whether it reappears depends on the site’s operator finding a suitable web host, but at the moment he says he has no idea where one will appear from.

“Currently I’m searching for some virtual private server as a temporary home for the tracker,” he concludes.

As mentioned in an earlier article detailing the problems sites like Zer0day.to face, trackers aren’t absolutely essential for the functioning of BitTorrent transfers. Nevertheless, their existence certainly improves matters for file-sharers so when they go down, millions can be affected.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Господа министри, мерете си данните

Post Syndicated from Bozho original https://blog.bozho.net/blog/2965

Когато някой „по телевизора“ изкаже някакво твърдение, никога не е ясно откъде са му данните. Разпространяват се доста митове, основани на гледане в тавана. Но в тези случаи има поне частично обяснение – хората може би просто няма откъде да вземат данните, за да ги анализират.

Не така стоят нещата с министрите, обаче. Министрите (и председателите на агенции) разполагат с администрация, която може да им даде данни. Прави впечатление обаче фриволното боравене с метарията, и разпространяване на данни, които просто са грешни. Боян Юруков вече е писал за председателя на агенцията за българите в чужбина, който напълно необосновано обяви, че има 6-7 милиона българи в чужбина.

Аз ще се спра на министъра на околната среда, Нено Димов, който през седмицата е обявил, че „през 2016 г. в столицата е имало едва две минимални превишения на показателите за замърсяване с фини прахови частици“. Това ми звучеше доста малко вероятно, предвид, че данните за 2015-та, които съм разглеждал, показваха 60 дни над нормата (при допустими 35). За 1 година такъв напредък, въпреки позитивния тренд, изглеждаше невероятен.

За съжаление ИАОС не публикува суровите данни във формата, в който бях взел тези до 2015 (с искане за обществена информация), но благодарение на инициативата за отворени данни все пак всеки ден качват данни от бюлетина за качеството на въздуха, където пише коя станция е превишила дадена норма. На база на тези данни не мога да направя същите графики като в предишния анализ, но мога да проверя твърдението на министъра.

И то, разбира се, се оказа грешно. Ето броя дни, в които нормата е превишена:

Превишена стойност в поне 1 станция: 74 дни
Превишена стойност в поне 2 станции: 48 дни
Превишена стойност в поне 3 станции: 43 дни
Превишена стойност в поне 4 станции: 36 дни
Превишена стойност в поне 5 станции: 15 дни

По спомен, станциите са 6, но последната е на Копитото и там винаги е чисто. С наличните данни (които са качени за 340, а не за 365 дни) не мога да кажа за средната стойност за града, но когато 4 от 5 станции имат превишение 36 дни (1 над европейската норма), министърът просто изнася грешни данни. Или „е имал предвид друго“, в който случай – нека обясни.

Пак подчертавам, че трендът наистина изглежда позитивен. Също така приветствам вземането на мерки срещу замърсяването от страна на министерството – именно национална политика по въпроса е начинът за решаване на проблема. Но не е редно да имаш цялата администрация на МОСВ и ИАОС под себе си и да кажеш, че само 2 дни била превишена нормата. Надявам се мерките, които се подготвят, да са основание на по-верни данни.

Всъщност, трендът може би изглежда възходящ заради факта, че от няколко години измервателната станция на Орлов мост е премахната. Там, разбира се, фините прахови частици са в най-големи количества. Вероятно има разумно обяснение за премахването (наистина Орлов мост е граничен случай), но трябва да го имаме предвид.

И в това всъщност е част от проблема – в София има доста малко измервателни станции, за да придобием пълна картина. Най-близката станция до мен е на километри. За щастие има проекта airbg.info, чрез който всеки може да си постави измервателна станция и да докладва данните. Така се създава доста по-пълна картина на замърсяването. В съботната сутрин, без мъгли и без нужда от сериозно отопление, картата на София изглежда добре.

Но да се върнем на министрите и данните. Политиката за отворени данни има за цел както повече прозрачност, така и по-информирани решения в управлението. Второто засега не изглежда да е постигнато, решения продължават често да се вземат „по интуиция“, а официални лица продължават да разпространяват неосновани на данни твърдения. Но поне данните ги има, та гражданите можем да посочим грешките.

My Blogging

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/10/my_blogging.html

Blog regulars will notice that I haven’t been posting as much lately as I have in the past. There are two reasons. One, it feels harder to find things to write about. So often it’s the same stories over and over. I don’t like repeating myself. Two, I am busy writing a book. The title is still: Click Here to Kill Everybody: Peril and Promise in a Hyper-Connected World. The book is a year late, and as a very different table of contents than it had in 2016. I have been writing steadily since mid-August. The book is due to the publisher at the end of March 2018, and will be published in the beginning of September.

This is the current table of contents:

  • Introduction: Everything is Becoming a Computer
  • Part 1: The Trends
    • 1. Capitalism Continues to Drive the Internet
    • 2. Customer/User Control is Next
    • 3. Government Surveillance and Control is Also Increasing
    • 4. Cybercrime is More Profitable Than Ever
    • 5. Cyberwar is the New Normal
    • 6. Algorithms, Automation, and Autonomy Bring New Dangers
    • 7. What We Know About Computer Security
    • 8. Agile is Failing as a Security Paradigm
    • 9. Authentication and Identification are Getting Harder
    • 10. Risks are Becoming Catastrophic
  • Part 2: The Solutions
    • 11. We Need to Regulate the Internet of Things
    • 12. We Need to Defend Critical Infrastructure
    • 13. We Need to Prioritize Defense Over Offence
    • 14. We Need to Make Smarter Decisions About Connecting
    • 15. What’s Likely to Happen, and What We Can Do in Response
    • 16. Where Policy Can Go Wrong
  • Conclusion: Technology and Policy, Together

So that’s what’s been happening.

Popcorn Time Creator Readies BitTorrent & Blockchain-Powered Video Platform

Post Syndicated from Andy original https://torrentfreak.com/popcorn-time-creator-readies-bittorrent-blockchain-powered-youtube-competitor-171012/

Without a doubt, YouTube is one of the most important websites available on the Internet today.

Its massive archive of videos brings pleasure to millions on a daily basis but its centralized nature means that owner Google always exercises control.

Over the years, people have looked to decentralize the YouTube concept and the latest project hoping to shake up the market has a particularly interesting player onboard.

Until 2015, only insiders knew that Argentinian designer Federico Abad was actually ‘Sebastian’, the shadowy figure behind notorious content sharing platform Popcorn Time.

Now he’s part of the team behind Flixxo, a BitTorrent and blockchain-powered startup hoping to wrestle a share of the video market from YouTube. Here’s how the team, which features blockchain startup RSK Labs, hope things will play out.

The Flixxo network will have no centralized storage of data, eliminating the need for expensive hosting along with associated costs. Instead, transfers will take place between peers using BitTorrent, meaning video content will be stored on the machines of Flixxo users. In practice, the content will be downloaded and uploaded in much the same way as users do on The Pirate Bay or indeed Abad’s baby, Popcorn Time.

However, there’s a twist to the system that envisions content creators, content consumers, and network participants (seeders) making revenue from their efforts.

At the heart of the Flixxo system are digital tokens (think virtual currency), called Flixx. These Flixx ‘coins’, which will go on sale in 12 days, can be used to buy access to content. Creators can also opt to pay consumers when those people help to distribute their content to others.

“Free from structural costs, producers can share the earnings from their content with the network that supports them,” the team explains.

“This way you get paid for helping us improve Flixxo, and you earn credits (in the form of digital tokens called Flixx) for watching higher quality content. Having no intermediaries means that the price you pay for watching the content that you actually want to watch is lower and fairer.”

The Flixxo team

In addition to earning tokens from helping to distribute content, people in the Flixxo ecosystem can also earn currency by watching sponsored content, i.e advertisements. While in a traditional system adverts are often considered a nuisance, Flixx tokens have real value, with a promise that users will be able to trade their Flixx not only for videos, but also for tangible and semi-tangible goods.

“Use your Flixx to reward the producers you follow, encouraging them to create more awesome content. Or keep your Flixx in your wallet and use them to buy a movie ticket, a pair of shoes from an online retailer, a chest of coins in your favourite game or even convert them to old-fashioned cash or up-and-coming digital assets, like Bitcoin,” the team explains.

The Flixxo team have big plans. After foundation in early 2016, the second quarter of 2017 saw the completion of a functional alpha release. In a little under two weeks, the project will begin its token generation event, with new offices in Los Angeles planned for the first half of 2018 alongside a premiere of the Flixxo platform.

“A total of 1,000,000,000 (one billion) Flixx tokens will be issued. A maximum of 300,000,000 (three hundred million) tokens will be sold. Some of these tokens (not more than 33% or 100,000,000 Flixx) may be sold with anticipation of the token allocation event to strategic investors,” Flixxo states.

Like all content platforms, Flixxo will live or die by the quality of the content it provides and whether, at least in the first instance, it can persuade people to part with their hard-earned cash. Only time will tell whether its content will be worth a premium over readily accessible YouTube content but with much-reduced costs, it may tempt creators seeking a bigger piece of the pie.

“Flixxo will also educate its community, teaching its users that in this new internet era value can be held and transferred online without intermediaries, a value that can be earned back by participating in a community, by contributing, being rewarded for every single social interaction,” the team explains.

Of course, the elephant in the room is what will happen when people begin sharing copyrighted content via Flixxo. Certainly, the fact that Popcorn Time’s founder is a key player and rival streaming platform Stremio is listed as a partner means that things could get a bit spicy later on.

Nevertheless, the team suggests that piracy and spam content distribution will be limited by mechanisms already built into the system.

“[A]uthors have to time-block tokens in a smart contract (set as a warranty) in order to upload content. This contract will also handle and block their earnings for a certain period of time, so that in the case of a dispute the unfair-uploader may lose those tokens,” they explain.

That being said, Flixxo also says that “there is no way” for third parties to censor content “which means that anyone has the chance of making any piece of media available on the network.” However, Flixxo says it will develop tools for filtering what it describes as “inappropriate content.”

At this point, things start to become a little unclear. On the one hand Flixxo says it could become a “revolutionary tool for uncensorable and untraceable media” yet on the other it says that it’s necessary to ensure that adult content, for example, isn’t seen by kids.

“We know there is a thin line between filtering or curating content and censorship, and it is a fact that we have an open network for everyone to upload any content. However, Flixxo as a platform will apply certain filtering based on clear rules – there should be a behavior-code for uploaders in order to offer the right content to the right user,” Flixxo explains.

To this end, Flixxo says it will deploy a centralized curation function, carried out by 101 delegates elected by the community, which will become progressively decentralized over time.

“This curation will have a cost, paid in Flixx, and will be collected from the warranty blocked by the content uploaders,” they add.

There can be little doubt that if Flixxo begins ‘curating’ unsuitable content, copyright holders will call on it to do the same for their content too. And, if the platform really takes off, 101 curators probably won’t scratch the surface. There’s also the not inconsiderable issue of what might happen to curators’ judgment when they’re incentivized to block curate content.

Finally, for those sick of “not available in your region” messages, there’s good and bad news. Flixxo insists there will be no geo-blocking of content on its part but individual creators will still have that feature available to them, should they choose.

The Flixx whitepaper can be downloaded here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

"Responsible encryption" fallacies

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/10/responsible-encryption-fallacies.html

Deputy Attorney General Rod Rosenstein gave a speech recently calling for “Responsible Encryption” (aka. “Crypto Backdoors”). It’s full of dangerous ideas that need to be debunked.

The importance of law enforcement

The first third of the speech talks about the importance of law enforcement, as if it’s the only thing standing between us and chaos. It cites the 2016 Mirai attacks as an example of the chaos that will only get worse without stricter law enforcement.

But the Mira case demonstrated the opposite, how law enforcement is not needed. They made no arrests in the case. A year later, they still haven’t a clue who did it.

Conversely, we technologists have fixed the major infrastructure issues. Specifically, those affected by the DNS outage have moved to multiple DNS providers, including a high-capacity DNS provider like Google and Amazon who can handle such large attacks easily.

In other words, we the people fixed the major Mirai problem, and law-enforcement didn’t.

Moreover, instead being a solution to cyber threats, law enforcement has become a threat itself. The DNC didn’t have the FBI investigate the attacks from Russia likely because they didn’t want the FBI reading all their files, finding wrongdoing by the DNC. It’s not that they did anything actually wrong, but it’s more like that famous quote from Richelieu “Give me six words written by the most honest of men and I’ll find something to hang him by”. Give all your internal emails over to the FBI and I’m certain they’ll find something to hang you by, if they want.
Or consider the case of Andrew Auernheimer. He found AT&T’s website made public user accounts of the first iPad, so he copied some down and posted them to a news site. AT&T had denied the problem, so making the problem public was the only way to force them to fix it. Such access to the website was legal, because AT&T had made the data public. However, prosecutors disagreed. In order to protect the powerful, they twisted and perverted the law to put Auernheimer in jail.

It’s not that law enforcement is bad, it’s that it’s not the unalloyed good Rosenstein imagines. When law enforcement becomes the thing Rosenstein describes, it means we live in a police state.

Where law enforcement can’t go

Rosenstein repeats the frequent claim in the encryption debate:

Our society has never had a system where evidence of criminal wrongdoing was totally impervious to detection

Of course our society has places “impervious to detection”, protected by both legal and natural barriers.

An example of a legal barrier is how spouses can’t be forced to testify against each other. This barrier is impervious.

A better example, though, is how so much of government, intelligence, the military, and law enforcement itself is impervious. If prosecutors could gather evidence everywhere, then why isn’t Rosenstein prosecuting those guilty of CIA torture?

Oh, you say, government is a special exception. If that were the case, then why did Rosenstein dedicate a precious third of his speech discussing the “rule of law” and how it applies to everyone, “protecting people from abuse by the government”. It obviously doesn’t, there’s one rule of government and a different rule for the people, and the rule for government means there’s lots of places law enforcement can’t go to gather evidence.

Likewise, the crypto backdoor Rosenstein is demanding for citizens doesn’t apply to the President, Congress, the NSA, the Army, or Rosenstein himself.

Then there are the natural barriers. The police can’t read your mind. They can only get the evidence that is there, like partial fingerprints, which are far less reliable than full fingerprints. They can’t go backwards in time.

I mention this because encryption is a natural barrier. It’s their job to overcome this barrier if they can, to crack crypto and so forth. It’s not our job to do it for them.

It’s like the camera that increasingly comes with TVs for video conferencing, or the microphone on Alexa-style devices that are always recording. This suddenly creates evidence that the police want our help in gathering, such as having the camera turned on all the time, recording to disk, in case the police later gets a warrant, to peer backward in time what happened in our living rooms. The “nothing is impervious” argument applies here as well. And it’s equally bogus here. By not helping police by not recording our activities, we aren’t somehow breaking some long standing tradit

And this is the scary part. It’s not that we are breaking some ancient tradition that there’s no place the police can’t go (with a warrant). Instead, crypto backdoors breaking the tradition that never before have I been forced to help them eavesdrop on me, even before I’m a suspect, even before any crime has been committed. Sure, laws like CALEA force the phone companies to help the police against wrongdoers — but here Rosenstein is insisting I help the police against myself.

Balance between privacy and public safety

Rosenstein repeats the frequent claim that encryption upsets the balance between privacy/safety:

Warrant-proof encryption defeats the constitutional balance by elevating privacy above public safety.

This is laughable, because technology has swung the balance alarmingly in favor of law enforcement. Far from “Going Dark” as his side claims, the problem we are confronted with is “Going Light”, where the police state monitors our every action.

You are surrounded by recording devices. If you walk down the street in town, outdoor surveillance cameras feed police facial recognition systems. If you drive, automated license plate readers can track your route. If you make a phone call or use a credit card, the police get a record of the transaction. If you stay in a hotel, they demand your ID, for law enforcement purposes.

And that’s their stuff, which is nothing compared to your stuff. You are never far from a recording device you own, such as your mobile phone, TV, Alexa/Siri/OkGoogle device, laptop. Modern cars from the last few years increasingly have always-on cell connections and data recorders that record your every action (and location).

Even if you hike out into the country, when you get back, the FBI can subpoena your GPS device to track down your hidden weapon’s cache, or grab the photos from your camera.

And this is all offline. So much of what we do is now online. Of the photographs you own, fewer than 1% are printed out, the rest are on your computer or backed up to the cloud.

Your phone is also a GPS recorder of your exact position all the time, which if the government wins the Carpenter case, they police can grab without a warrant. Tagging all citizens with a recording device of their position is not “balance” but the premise for a novel more dystopic than 1984.

If suspected of a crime, which would you rather the police searched? Your person, houses, papers, and physical effects? Or your mobile phone, computer, email, and online/cloud accounts?

The balance of privacy and safety has swung so far in favor of law enforcement that rather than debating whether they should have crypto backdoors, we should be debating how to add more privacy protections.

“But it’s not conclusive”

Rosenstein defends the “going light” (“Golden Age of Surveillance”) by pointing out it’s not always enough for conviction. Nothing gives a conviction better than a person’s own words admitting to the crime that were captured by surveillance. This other data, while copious, often fails to convince a jury beyond a reasonable doubt.
This is nonsense. Police got along well enough before the digital age, before such widespread messaging. They solved terrorist and child abduction cases just fine in the 1980s. Sure, somebody’s GPS location isn’t by itself enough — until you go there and find all the buried bodies, which leads to a conviction. “Going dark” imagines that somehow, the evidence they’ve been gathering for centuries is going away. It isn’t. It’s still here, and matches up with even more digital evidence.
Conversely, a person’s own words are not as conclusive as you think. There’s always missing context. We quickly get back to the Richelieu “six words” problem, where captured communications are twisted to convict people, with defense lawyers trying to untwist them.

Rosenstein’s claim may be true, that a lot of criminals will go free because the other electronic data isn’t convincing enough. But I’d need to see that claim backed up with hard studies, not thrown out for emotional impact.

Terrorists and child molesters

You can always tell the lack of seriousness of law enforcement when they bring up terrorists and child molesters.
To be fair, sometimes we do need to talk about terrorists. There are things unique to terrorism where me may need to give government explicit powers to address those unique concerns. For example, the NSA buys mobile phone 0day exploits in order to hack terrorist leaders in tribal areas. This is a good thing.
But when terrorists use encryption the same way everyone else does, then it’s not a unique reason to sacrifice our freedoms to give the police extra powers. Either it’s a good idea for all crimes or no crimes — there’s nothing particular about terrorism that makes it an exceptional crime. Dead people are dead. Any rational view of the problem relegates terrorism to be a minor problem. More citizens have died since September 8, 2001 from their own furniture than from terrorism. According to studies, the hot water from the tap is more of a threat to you than terrorists.
Yes, government should do what they can to protect us from terrorists, but no, it’s not so bad of a threat that requires the imposition of a military/police state. When people use terrorism to justify their actions, it’s because they trying to form a military/police state.
A similar argument works with child porn. Here’s the thing: the pervs aren’t exchanging child porn using the services Rosenstein wants to backdoor, like Apple’s Facetime or Facebook’s WhatsApp. Instead, they are exchanging child porn using custom services they build themselves.
Again, I’m (mostly) on the side of the FBI. I support their idea of buying 0day exploits in order to hack the web browsers of visitors to the secret “PlayPen” site. This is something that’s narrow to this problem and doesn’t endanger the innocent. On the other hand, their calls for crypto backdoors endangers the innocent while doing effectively nothing to address child porn.
Terrorists and child molesters are a clichéd, non-serious excuse to appeal to our emotions to give up our rights. We should not give in to such emotions.

Definition of “backdoor”

Rosenstein claims that we shouldn’t call backdoors “backdoors”:

No one calls any of those functions [like key recovery] a “back door.”  In fact, those capabilities are marketed and sought out by many users.

He’s partly right in that we rarely refer to PGP’s key escrow feature as a “backdoor”.

But that’s because the term “backdoor” refers less to how it’s done and more to who is doing it. If I set up a recovery password with Apple, I’m the one doing it to myself, so we don’t call it a backdoor. If it’s the police, spies, hackers, or criminals, then we call it a “backdoor” — even it’s identical technology.

Wikipedia uses the key escrow feature of the 1990s Clipper Chip as a prime example of what everyone means by “backdoor“. By “no one”, Rosenstein is including Wikipedia, which is obviously incorrect.

Though in truth, it’s not going to be the same technology. The needs of law enforcement are different than my personal key escrow/backup needs. In particular, there are unsolvable problems, such as a backdoor that works for the “legitimate” law enforcement in the United States but not for the “illegitimate” police states like Russia and China.

I feel for Rosenstein, because the term “backdoor” does have a pejorative connotation, which can be considered unfair. But that’s like saying the word “murder” is a pejorative term for killing people, or “torture” is a pejorative term for torture. The bad connotation exists because we don’t like government surveillance. I mean, honestly calling this feature “government surveillance feature” is likewise pejorative, and likewise exactly what it is that we are talking about.

Providers

Rosenstein focuses his arguments on “providers”, like Snapchat or Apple. But this isn’t the question.

The question is whether a “provider” like Telegram, a Russian company beyond US law, provides this feature. Or, by extension, whether individuals should be free to install whatever software they want, regardless of provider.

Telegram is a Russian company that provides end-to-end encryption. Anybody can download their software in order to communicate so that American law enforcement can’t eavesdrop. They aren’t going to put in a backdoor for the U.S. If we succeed in putting backdoors in Apple and WhatsApp, all this means is that criminals are going to install Telegram.

If the, for some reason, the US is able to convince all such providers (including Telegram) to install a backdoor, then it still doesn’t solve the problem, as uses can just build their own end-to-end encryption app that has no provider. It’s like email: some use the major providers like GMail, others setup their own email server.

Ultimately, this means that any law mandating “crypto backdoors” is going to target users not providers. Rosenstein tries to make a comparison with what plain-old telephone companies have to do under old laws like CALEA, but that’s not what’s happening here. Instead, for such rules to have any effect, they have to punish users for what they install, not providers.

This continues the argument I made above. Government backdoors is not something that forces Internet services to eavesdrop on us — it forces us to help the government spy on ourselves.
Rosenstein tries to address this by pointing out that it’s still a win if major providers like Apple and Facetime are forced to add backdoors, because they are the most popular, and some terrorists/criminals won’t move to alternate platforms. This is false. People with good intentions, who are unfairly targeted by a police state, the ones where police abuse is rampant, are the ones who use the backdoored products. Those with bad intentions, who know they are guilty, will move to the safe products. Indeed, Telegram is already popular among terrorists because they believe American services are already all backdoored. 
Rosenstein is essentially demanding the innocent get backdoored while the guilty don’t. This seems backwards. This is backwards.

Apple is morally weak

The reason I’m writing this post is because Rosenstein makes a few claims that cannot be ignored. One of them is how he describes Apple’s response to government insistence on weakening encryption doing the opposite, strengthening encryption. He reasons this happens because:

Of course they [Apple] do. They are in the business of selling products and making money. 

We [the DoJ] use a different measure of success. We are in the business of preventing crime and saving lives. 

He swells in importance. His condescending tone ennobles himself while debasing others. But this isn’t how things work. He’s not some white knight above the peasantry, protecting us. He’s a beat cop, a civil servant, who serves us.

A better phrasing would have been:

They are in the business of giving customers what they want.

We are in the business of giving voters what they want.

Both sides are doing the same, giving people what they want. Yes, voters want safety, but they also want privacy. Rosenstein imagines that he’s free to ignore our demands for privacy as long has he’s fulfilling his duty to protect us. He has explicitly rejected what people want, “we use a different measure of success”. He imagines it’s his job to tell us where the balance between privacy and safety lies. That’s not his job, that’s our job. We, the people (and our representatives), make that decision, and it’s his job is to do what he’s told. His measure of success is how well he fulfills our wishes, not how well he satisfies his imagined criteria.

That’s why those of us on this side of the debate doubt the good intentions of those like Rosenstein. He criticizes Apple for wanting to protect our rights/freedoms, and declare they measure success differently.

They are willing to be vile

Rosenstein makes this argument:

Companies are willing to make accommodations when required by the government. Recent media reports suggest that a major American technology company developed a tool to suppress online posts in certain geographic areas in order to embrace a foreign government’s censorship policies. 

Let me translate this for you:

Companies are willing to acquiesce to vile requests made by police-states. Therefore, they should acquiesce to our vile police-state requests.

It’s Rosenstein who is admitting here is that his requests are those of a police-state.

Constitutional Rights

Rosenstein says:

There is no constitutional right to sell warrant-proof encryption.

Maybe. It’s something the courts will have to decide. There are many 1st, 2nd, 3rd, 4th, and 5th Amendment issues here.
The reason we have the Bill of Rights is because of the abuses of the British Government. For example, they quartered troops in our homes, as a way of punishing us, and as a way of forcing us to help in our own oppression. The troops weren’t there to defend us against the French, but to defend us against ourselves, to shoot us if we got out of line.

And that’s what crypto backdoors do. We are forced to be agents of our own oppression. The principles enumerated by Rosenstein apply to a wide range of even additional surveillance. With little change to his speech, it can equally argue why the constant TV video surveillance from 1984 should be made law.

Let’s go back and look at Apple. It is not some base company exploiting consumers for profit. Apple doesn’t have guns, they cannot make people buy their product. If Apple doesn’t provide customers what they want, then customers vote with their feet, and go buy an Android phone. Apple isn’t providing encryption/security in order to make a profit — it’s giving customers what they want in order to stay in business.
Conversely, if we citizens don’t like what the government does, tough luck, they’ve got the guns to enforce their edicts. We can’t easily vote with our feet and walk to another country. A “democracy” is far less democratic than capitalism. Apple is a minority, selling phones to 45% of the population, and that’s fine, the minority get the phones they want. In a Democracy, where citizens vote on the issue, those 45% are screwed, as the 55% impose their will unwanted onto the remainder.

That’s why we have the Bill of Rights, to protect the 49% against abuse by the 51%. Regardless whether the Supreme Court agrees the current Constitution, it is the sort right that might exist regardless of what the Constitution says. 

Obliged to speak the truth

Here is the another part of his speech that I feel cannot be ignored. We have to discuss this:

Those of us who swear to protect the rule of law have a different motivation.  We are obliged to speak the truth.

The truth is that “going dark” threatens to disable law enforcement and enable criminals and terrorists to operate with impunity.

This is not true. Sure, he’s obliged to say the absolute truth, in court. He’s also obliged to be truthful in general about facts in his personal life, such as not lying on his tax return (the sort of thing that can get lawyers disbarred).

But he’s not obliged to tell his spouse his honest opinion whether that new outfit makes them look fat. Likewise, Rosenstein knows his opinion on public policy doesn’t fall into this category. He can say with impunity that either global warming doesn’t exist, or that it’ll cause a biblical deluge within 5 years. Both are factually untrue, but it’s not going to get him fired.

And this particular claim is also exaggerated bunk. While everyone agrees encryption makes law enforcement’s job harder than with backdoors, nobody honestly believes it can “disable” law enforcement. While everyone agrees that encryption helps terrorists, nobody believes it can enable them to act with “impunity”.

I feel bad here. It’s a terrible thing to question your opponent’s character this way. But Rosenstein made this unavoidable when he clearly, with no ambiguity, put his integrity as Deputy Attorney General on the line behind the statement that “going dark threatens to disable law enforcement and enable criminals and terrorists to operate with impunity”. I feel it’s a bald face lie, but you don’t need to take my word for it. Read his own words yourself and judge his integrity.

Conclusion

Rosenstein’s speech includes repeated references to ideas like “oath”, “honor”, and “duty”. It reminds me of Col. Jessup’s speech in the movie “A Few Good Men”.

If you’ll recall, it was rousing speech, “you want me on that wall” and “you use words like honor as a punchline”. Of course, since he was violating his oath and sending two privates to death row in order to avoid being held accountable, it was Jessup himself who was crapping on the concepts of “honor”, “oath”, and “duty”.

And so is Rosenstein. He imagines himself on that wall, doing albeit terrible things, justified by his duty to protect citizens. He imagines that it’s he who is honorable, while the rest of us not, even has he utters bald faced lies to further his own power and authority.

We activists oppose crypto backdoors not because we lack honor, or because we are criminals, or because we support terrorists and child molesters. It’s because we value privacy and government officials who get corrupted by power. It’s not that we fear Trump becoming a dictator, it’s that we fear bureaucrats at Rosenstein’s level becoming drunk on authority — which Rosenstein demonstrably has. His speech is a long train of corrupt ideas pursuing the same object of despotism — a despotism we oppose.

In other words, we oppose crypto backdoors because it’s not a tool of law enforcement, but a tool of despotism.

A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed

Post Syndicated from Darknet original https://www.darknet.org.uk/2017/10/a2sv-auto-scanning-ssl-vulnerability-tool-poodle-heartbleed/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed

A2SV is a Python-based SSL Vulnerability focused tool that allows for auto-scanning and detection of the common and well-known SSL Vulnerabilities.

SSL Vulnerabilities Detected by A2SV

  • [CVE-2007-1858] Anonymous Cipher
  • [CVE-2012-4929] CRIME(SPDY)
  • [CVE-2014-0160] CCS Injection
  • [CVE-2014-0224] HeartBleed
  • [CVE-2014-3566] SSLv3 POODLE
  • [CVE-2015-0204] FREAK Attack
  • [CVE-2015-4000] LOGJAM Attack
  • [CVE-2016-0800] SSLv2 DROWN

Planned for future:

  • [PLAN] SSL ACCF
  • [PLAN] SSL Information Analysis

Installation & Requirements for A2SV

A.

Read the rest of A2SV – Auto Scanning SSL Vulnerability Tool For Poodle & Heartbleed now! Only available at Darknet.

PureVPN Logs Helped FBI Net Alleged Cyberstalker

Post Syndicated from Andy original https://torrentfreak.com/purevpn-logs-helped-fbi-net-alleged-cyberstalker-171009/

Last Thursday, Ryan S. Lin, 24, of Newton, Massachusetts, was arrested on suspicion of conducting “an extensive cyberstalking campaign” against his former roommate, a 24-year-old Massachusetts woman, as well as her family members and friends.

According to the Department of Justice, Lin’s “multi-faceted campaign of computer hacking and cyberstalking” began in April 2016 when he began hacking into the victim’s online accounts, obtaining personal photographs, sensitive information about her medical and sexual histories, and other private details.

It’s alleged that after obtaining the above material, Lin distributed it to hundreds of others. It’s claimed he created fake online profiles showing the victim’s home address while soliciting sexual activity. This caused men to show up at her home.

“Mr. Lin allegedly carried out a relentless cyber stalking campaign against a young woman in a chilling effort to violate her privacy and threaten those around her,” said Acting United States Attorney William D. Weinreb.

“While using anonymizing services and other online tools to avoid attribution, Mr. Lin harassed the victim, her family, friends, co-workers and roommates, and then targeted local schools and institutions in her community. Mr. Lin will now face the consequences of his crimes.”

While Lin awaits his ultimate fate (he appeared in U.S. District Court in Boston Friday), the allegation he used anonymization tools to hide himself online but still managed to get caught raises a number of questions. An affidavit submitted by Special Agent Jeffrey Williams in support of the criminal complaint against Lin provides most of the answers.

Describing Lin’s actions against the victim as “doxing”, Williams begins by noting that while Lin was the initial aggressor, the fact he made the information so widely available raises the possibility that other people got involved with malicious acts later on. Nevertheless, Lin remains the investigation’s prime suspect.

According to the affidavit, Lin is computer savvy having majored in computer science. He allegedly utilized a number of methods to hide his identity and IP address, including TOR, Virtual Private Network (VPN) services and email providers that “do not maintain logs or other records.”

But if that genuinely is the case, how was Lin caught?

First up, it’s worth noting that plenty of Lin’s aggressive and stalking behaviors towards the victim were demonstrated in a physical sense, offline. In that respect, it appears the authorities already had him as the prime suspect and worked back from there.

In one instance, the FBI examined a computer that had been used by Lin at a former workplace. Although Windows had been reinstalled, the FBI managed to find Google Chrome data which indicated Lin had viewed articles about bomb threats he allegedly made. They were also able to determine he’d accessed the victim’s Gmail account and additional data suggested that he’d used a VPN service.

“Artifacts indicated that PureVPN, a VPN service that was used repeatedly in the cyberstalking scheme, was installed on the computer,” the affidavit reads.

From here the Special Agent’s report reveals that the FBI received cooperation from Hong Kong-based PureVPN.

“Significantly, PureVPN was able to determine that their service was accessed by the same customer from two originating IP addresses: the RCN IP address from the home Lin was living in at the time, and the software company where Lin was employed at the time,” the agent’s affidavit reads.

Needless to say, while this information will prove useful to the FBI’s prosecution of Lin, it’s also likely to turn into a huge headache for the VPN provider. The company claims zero-logging, which clearly isn’t the case.

“PureVPN operates a self-managed VPN network that currently stands at 750+ Servers in 141 Countries. But is this enough to ensure complete security?” the company’s marketing statement reads.

“That’s why PureVPN has launched advanced features to add proactive, preventive and complete security. There are no third-parties involved and NO logs of your activities.”

PureVPN privacy graphic

However, if one drills down into the PureVPN privacy policy proper, one sees the following:

Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a ‘connection’ and the total bandwidth used during this connection is called ‘bandwidth’. Connection and bandwidth are kept in record to maintain the quality of our service. This helps us understand the flow of traffic to specific servers so we could optimize them better.

This seems to match what the FBI says – almost. While it says it doesn’t log, PureVPN admits to keeping records of when a user connects to the service and for how long. The FBI clearly states that the service also captures the user’s IP address too. In fact, it appears that PureVPN also logged the IP address belonging to another VPN service (WANSecurity) that was allegedly used by Lin to connect to PureVPN.

That record also helped to complete another circle of evidence. IP addresses used by
Kansas-based WANSecurity and Secure Internet LLC (servers operated by PureVPN) were allegedly used to access Gmail accounts known to be under Lin’s control.

Somewhat ironically, this summer Lin took to Twitter to criticize VPN provider IPVanish (which is not involved in the case) over its no-logging claims.

“There is no such thing as a VPN that doesn’t keep logs,” Lin said. “If they can limit your connections or track bandwidth usage, they keep logs.”

Or, in the case of PureVPN, if they log a connection time and a source IP address, that could be enough to raise the suspicions of the FBI and boost what already appears to be a pretty strong case.

If convicted, Lin faces up to five years in prison and three years of supervised release.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Now Available – Microsoft SQL Server 2017 for Amazon EC2

Post Syndicated from Jeff Barr original https://aws.amazon.com/blogs/aws/now-available-microsoft-sql-server-2017-for-amazon-ec2/

Microsoft SQL Server 2017 (launched just a few days ago) includes lots of powerful new features including support for graph databases, automatic database tuning, and the ability to create clusterless Always On Availability Groups. It can also be run on Linux and in Docker containers.

Run on EC2
I’m happy to announce that you can now launch EC2 instances that run Windows Server 2016 and four editions (Web, Express, Standard, and Enterprise) of SQL Server 2017. The AMIs (Amazon Machine Images) are available today in all AWS Regions and run on a wide variety of EC2 instance types, including the new x1e.32xlarge with 128 vCPUs and almost 4 TB of memory.

You can launch these instances from the AWS Management Console or through AWS Marketplace. Here’s what they look like in the console:

And in AWS Marketplace:

Licensing Options Galore
You have lots of licensing options for SQL Server:

Pay As You Go – This option works well if you would prefer to avoid buying licenses, are already running an older version of SQL Server, and want to upgrade. You don’t have to deal with true-ups, software compliance audits, or Software Assurance and you don’t need to make a long-term purchase. If you are running the Standard Edition of SQL Server, you also benefit from our recent price reduction, with savings of up to 52%.

License Mobility – This option lets your use your active Software Assurance agreement to bring your existing licenses to EC2, and allows you to run SQL Server on Windows or Linux instances.

Bring Your Own Licenses – This option lets you take advantage of your existing license investment while minimizing upgrade costs. You can run SQL Server on EC2 Dedicated Instances or EC2 Dedicated Hosts, with the potential to reduce operating costs by licensing SQL Server on a per-core basis. This option allows you to run SQL Server 2017 on EC2 Linux instances (SUSE, RHEL, and Ubuntu are supported) and also supports Docker-based environments running on EC2 Windows and Linux instances. To learn more about these options, read the Installation Guidance for SQL Server on Linux and Run SQL Server 2017 Container Image with Docker.

Learn More
To learn more about SQL Server 2017 and to explore your licensing options in depth, take a look at the SQL Server on AWS page.

If you need advice and guidance as you plan your migration effort, check out the AWS Partners who have qualified for the Microsoft Workloads competency and focus on database solutions.

Amazon RDS support for SQL Server 2017 is planned for November. This will give you a fully managed option.

Plan to join the AWS team at the PASS Summit (November 1-3 in Seattle) and at AWS re:Invent (November 27th to December 1st in Las Vegas).

Jeff;

PS – Special thanks to my colleague Tom Staab (Partner Solutions Architect) for his help with this post!

Кой бяга от здравната ни система?

Post Syndicated from Боян Юруков original https://yurukov.net/blog/2017/koi-bqga-ot-zdravnata-ni-sistema/

Едно от най-честите обяснения, които се дават за състоянието на здравната ни система, е липсата на хора – лекари, акушерки и медицински сестри. Наистина, почти всички сфери изискващи специалисти в страната страдат от този проблем. Най-осезаемо това се вижда в сферата на информационните технологии и машиностроенето. Доколкото е вярно обаче това за здравеопазването?

Преди няколко години споделих в социалките една графика, която направих набързо от данните на НСИ. Сравняваше колко лекари работят в България като абсолютен брой и спрямо глава от населението. Също така, колко учат в сферата на здравеопазването и колко завършват. Днес реших да обновя тези графики с последните данни и да ги разширя. Макар да дават само сухи числа за един единствен аспект от системата, от тях може да научим доста. Здравеопазването определено има сериозни проблеми, които са не само многопласови, но и трудно може да се дестилират в няколко графики. С такива обаче може да се опитаме да оборим няколко мита.

Както винаги, започвам с условностите. Тези данни събират всички практикуващи лекари – лични, тесни специалисти, хирурзи, анестезиолозите и прочие. В категорията медицински специалисти се включват мед. сестри, акушерки, лаборанти, фледшери и други. Не може да анализираме това колко от тях работят на повече от едно място, колко операции и процедури правят, колко специализират, колко отпадат, колко получават точно от всичко това и колко са натоварени, просто защото такива данни няма. Навярно се пазят в болниците, но надали някой има илюзия, че ще ги споделят. Затова може да говорим само за общ брой. НСИ има разбивка по области, но тук не ги разглеждам. Учащите в сферата на здравеопазването са „наедно“ като разглеждам само бакалаврите и магистрите. Във всички графики долу взимам показателите през 2001-ва за основа и сравнявам.

Нека да започнем с броя работещи лекари и медицински специалисти в страната. От данните на НСИ се вижда, че за последите 15 години те всъщност се увеличават като абсолютен брой. Особено при лекарите тенденцията е почти изцяло нагоре. При медицинските специалисти има намаление в последните 3 години, но все още сме над нивото от 2001-ва. Интересно е, че когато първо пуснах тази графика тогава се говореше как масово напускат, а всъщност имаше няколкогодишно увеличение с по 1-2% на година. Лекарите през 2016-та в страната, например, са били с над 8% повече от 2001-ва. Най-големият скок е бил в последните 7 години.

Ако разгледаме спрямо населението, тенденцията става още по-стръмна нагоре. Няма спор, че заради отрицателния приръст и емиграцията (макар намаляваща) населението намалява и това е проблем. Това обаче означава, че на един лекар и медицинска сестра се падат по-малко хора. Също е вярно, че заради застаряващото население са нужни всъщност повече ресурси за здравни грижи, но както виждаме, тенденцията при последните далеч не е универсално надолу. Последният проблем всъщност до голяма степен ще „отмине“ след 20-25 години, заедно с поколението на т.н. baby-boomer-и – бумът в раждането и по-важно оцеляването на бебетата преди 60-тина години. Така виждаме, че на всеки 1000 пациента има с поне 12% повече медицински сестри и над 20% повече лекари, отколкото 15 години по-рано.

Гледайки напред във времето виждаме и постоянен скок в броя учащи и завършващи лекари и медицински специалисти. Разбира се, може да се поспори за качеството и съм сигурен, че доста лекари биха имали да кажат по нещо за това. Когато говорим за масови здравни грижи обаче, 90% от състоянията имат нужда от някакъв личен лекар с що-годе сносни знания. Също така, международната слава на медицинските ни университети въобще не е лоша. Всичко това дори с напускането на някои лекари и чуждестранните студенти, които въобще не са малко, виждаме, че на година завършват и остават в страната повече специалисти по здравни грижи, отколкото са нужни за обновяване на системата. При това този процес се засилва.

При лекарите е видно, че неизменно има увеличение. Няма спор, че в определени професии има проблем. Такива са анестезиолозите, недостиг на които има в цял свят. Заедно с антибиотичната резистентност липсата им се сочи като основен риск за операциите в бъдещето. Кадри в други критични сфери се губят дори в богати държави като Германия и Великобритания. Като по-голям проблем у нас се сочи липсата на медицински сестри и акушерки. Затова ето разбивка как кадрите заети в болници и клиники са се движили в последните 15 години.

Несъмнено има намаление при акушерките, но броят им се стабилизирал в последните 6 години. При медицинските сестри и фелдшерите дори е имало увеличение, което рязко тръгва надолу в последните години. В това може би ще прозрем провали в определени политики в здравната сфера на последните кабинети. Погледнато спрямо населението обаче виждаме друга картинка. Отново – отрицателният приръст е огромен проблем, но погледнат спрямо брой пациенти на мед. сестри и акушерки, всъщност тенденцията е към подобрение независимо от негативите.

Затова нека спрем с извинението, че няма лекари и медицински специалисти. Кадри поне в тази сфера има. Ако има проблем в разпределението им, то това е заради грешни стимули и сбъркана политика. Ако има проблем в качеството, то това е заради специализациите, които абсолютно всеки е съгласен, че са сбъркани като принцип. Финансирането, пътеките, болниците източващи касата и биващи източвани, ненужните процедури, връзките с фармацевтичните компании, наработещата спешна помощ, шарлатаните с алтернативни лечения и неефективната превенция и диагностика са сред огромните проблеми. Еднозначно решения няма и никой не е намерил.

Подобни проблеми има в цял свят, но успяват да държат пълна малко по-малко продънената си кофа с несъизмеримо по-голям поток от пари. У нас нямаме такава възможност. Поне не докато не се вдигне производителността и приходите от вноски. Междувременно трябва да спрем да броим лекарите, а да говорим по-сериозно какво се налага да правят в рамките на стандартния ден, как да спрем злоупотребите, грубото отношение от двете страни, как да запазим здравето и живота и на двете страни и как да подобрим доверието и най-вече очакванията у хората какво медицината може и какво не. Липсите в тези сфери карат все повече не само да харчат неимоверни суми за шамани и „алтернативи“, но и откровено застрашават живота на децата си.

Тук не давам решение и не изброявам всички проблеми, а показвам къде не е проблемът или поне къде най-малко е. Така отговорът на заглавието горе е, че не лекарите и медицинските сестри бягат. Не бягат и толкова пациентите, защото медицинският туризъм се засилва, а все повече болници отварят врати. Бяга се единствено от отговорност. Липсата на доверие в тази и други системи гони и немалка част от българите, които решават, че някъде може би е по-добре. Дали са прави или не е по-трудно да се каже, отколкото си мислят повечето, а и не е въпроса тук. Ефектът е видим.

Denuvo Crisis After Total Warhammer 2 Gets Pirated in Hours

Post Syndicated from Andy original https://torrentfreak.com/denuvo-crisis-after-total-warhammer-2-gets-pirated-in-hours-170929/

Needing little introduction, the anti-piracy system sold by Denuvo Software Solutions of Austria is probably the most well-known product of its type of the planet.

For years, Denuvo was considered pretty much impenetrable, with its presence a virtual stamp of assurance that a game being protected by it would not fall victim to piracy, potentially for years. In recent times, however, things have begun to crumble.

Strangely, it started in early 2016 with bad news. Chinese cracking group 3DM declared that Denuvo was probably uncrackable and no protected games would appear online during the next two years.

By June, however, hope appeared on the horizon, with hints that progress was being made. By August 2016, all doubts were removed when a group called CONSPIR4CY (a reported collaboration between CPY and CODEX) released Rise of the Tomb Raider.

After that, Denuvo-protected titles began dropping like flies, with some getting cracked weeks after their launch. Then things got serious.

Early this year, Resident Evil 7 fell in less than a week. In the summer, RiME fell in a few days, four days exactly for Tekken 7.

Now, however, Denuvo has suffered its biggest failure yet, with strategy game Total War: Warhammer 2 falling to pirates in less than a day, arguably just a few hours. It was cracked by STEAMPUNKS, a group that’s been dumping cracked games on the Internet at quite a rate for the past few months.

TOTAL.WAR.WARHAMMER.2-STEAMPUNKS

“Take this advice, DO NOT CODE a new installer when you have very hot Babes dancing in their bikini just in front of you. Never again,” the group said in a statement. “This time we locked ourselves inside and produced a new installer.”

The fall of this game in such a short space of time will be of major concern to Denuvo Software Solutions. After Resident Evil 7 was cracked in days earlier this year, Denuvo Marketing Director Thomas Goebl told Eurogamer that some protection was better than nothing.

“Given the fact that every unprotected title is cracked on the day of release — as well as every update of games — our solution made a difference for this title,” he said.

With yesterday’s 0-day crack of Total War: Warhammer 2, it can be argued that Denuvo made absolutely no difference whatsoever to the availability of the title. It didn’t even protect the initial launch window.

Goebl’s additional comment in the summer was that “so far only one piracy group has been able to bypass [Denuvo].” Now, just a handful of months later, there are several groups with the ability. That’s not a good look for the company.

Back in 2016, Denuvo co-founder Robert Hernandez told Kotaku that the company does not give refunds. It would be interesting to know if anything has changed there too.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Football Coach Retweets, Gets Sued for Copyright Infringement

Post Syndicated from Andy original https://torrentfreak.com/football-coach-retweets-gets-sued-for-copyright-infringement-170928/

When copyright infringement lawsuits hit the US courts, there’s often a serious case at hand. Whether that’s the sharing of a leaked movie online or indeed the mass infringement that allegedly took place on Megaupload, there’s usually something quite meaty to discuss.

A lawsuit filed this week in a Pennsylvania federal court certainly provides the later, but without managing to be much more than a fairly trivial matter in the first instance.

The case was filed by sports psychologist and author Dr. Keith Bell. It begins by describing Bell as an “internationally recognized performance consultant” who has worked with 500 teams, including the Olympic and national teams for the United States, Canada, Australia, New Zealand, Hong Kong, Fiji, and the Cayman Islands.

Bell is further described as a successful speaker, athlete and coach; “A four-time
collegiate All-American swimmer, a holder of numerous world and national masters swim records, and has coached several collegiate, high school, and private swim teams to competitive success.”

At the heart of the lawsuit is a book that Bell published in 1982, entitled Winning Isn’t Normal.

“The book has enjoyed substantial acclaim, distribution and publicity. Dr. Bell is the sole author of this work, and continues to own all rights in the work,” the lawsuit (pdf) reads.

Bell claims that on or about November 6, 2015, King’s College head football coach Jeffery Knarr retweeted a tweet that was initially posted from @NSUBaseball32, a Twitter account operated by Northeastern State University’s RiverHawks baseball team. The retweet, as shown in the lawsuit, can be seen below.

The retweet that sparked the lawsuit

“The post was made without authorization from Dr. Bell and without attribution
to Dr. Bell,” the lawsuit reads.

“Neither Defendant King’s College nor Defendant Jeffery Knarr contacted Dr.
Bell to request permission to use Dr. Bell’s copyrighted work. As of November 14, 2015, the post had received 206 ‘Retweets’ and 189 ‘Likes.’ Due to the globally accessible nature of Twitter, the post was accessible by Internet users across the world.”

Bell says he sent a cease and desist letter to NSU in September 2016 and shortly thereafter NSU removed the post, which removed the retweets. However, this meant that Knarr’s retweet had been online for “at least” 10 months and 21 days.

To put the icing on the cake, Bell also holds the trademark to the phrase “Winning Isn’t Normal”, so he’s suing Knarr and his King’s College employer for trademark infringement too.

“The Defendants included Plaintiff’s trademark twice in the Twitter post. The first instance was as the title of the post, with the mark shown in letters which
were emphasized by being capitalized, bold, and underlined,” the lawsuit notes.

“The second instance was at the end of the post, with the mark shown in letters which were emphasized by being capitalized, bold, underlined, and followed by three
exclamation points.”

Describing what appears to be a casual retweet as “willful, intentional and purposeful” infringement carried out “in disregard of and with indifference to Plaintiff’s rights,” Bell demands damages and attorneys fees from Knarr and his employer.

“As a direct and proximate result of said infringement by Defendants, Plaintiff is
entitled to damages in an amount to be proven at trial,” the lawsuit concludes.

Since the page from the book retweeted by Knarr is a small portion of the overall work, there may be a fair use defense. Nevertheless, defending this kind of suit is never cheap, so it’s probably fair to say there will already be a considerable amount of regret among the defendants at ever having set eyes on Bell’s 35-year-old book.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Какво искат каталунците? (Част 2)

Post Syndicated from Йовко Ламбрев original https://yovko.net/what-catalans-want-2/

След 1939 г. Испания потъва в мрачния период на диктатурата на Франко. Каталуния отново е наказана да не говори своя език под смъртна заплаха. Докато живях в Барселона, лично се запознах със съвсем млади каталунци, загубили дядо или баба заради това. Рани, твърде скорошни, за да бъдат забравени или простени. Още по-малко, че прошка не е поискана.

Първите години след войната са кошмарно тежки за цяла Испания. Едва в края на 50-те и началото на 60-те започва икономическо и културно възстановяване на Каталуния. Езикът все още е забранен в медиите, но бива позволен в театрите, иначе въпреки забраната книгопечатането на литература на каталунски, макар и силно затруднено, не е прекъсвало. Както вероятно вече сте разбрали от първата част каталунците са смели и много упорити хора.

Каталунският език

Един от митовете за каталунския език е, че той е диалект на кастилския (испанския), което обаче изобщо не е вярно. Езикът има само някои прилики с кастилския, както има с френския и италианския, което е нормално, доколкото са в една езикова група и с близка география. Думите, значението и произношението са в огромна степен различни. Глаголите са различни и с различни корени, макар да има сходни. Има и капани – такива глаголи, които се изписват еднакво, но в различните езици имат напълно друго значение (напр. acostar на кастилски е лягам, докато на каталунски е да донеса нещо по-близо). Ако искам да кажа простичкото как се казвам – на кастилски ще е Me llamo Yovko или Mi nombre es Yovko, а на каталунски Em dic Yovko (произнася се ам дик Йовко) или ако спазим горния конструкт El meu nom és Yovko (обърнете внимание на членуването). Кастилският е еволюирал и се е опростил значително в доста отношения заради по-масовата му употреба, докато каталунският е останал по-близо до древността и корените, носи по-сложна граматика.

Живо доказателство, че каталунският е различен език, е, че говорещите кастилски не могат да говорят каталунски. Разбират по смисъл думите, които са сходни, но дотам. По същия начин испанците и италианците се разбират в прилична степен дори и всеки да говори на своя език – това не означава, че единият език е диалект на другия, нали?

В моят курс по каталунски със съпругата ми бяхме единствените, на които кастилският не им е майчин език или поне не основен. Нещо повече – нашият кастилски беше ужасно базов. И макар да учехме нов език (каталунски), чрез друг език, който не владеем добре (кастилския), ние завършихме сред отличниците, докато на доста курсисти с роден кастилски им беше трудно да достигнат дори средни резултати. Иначе казано познанията по кастилски не носеха никакво предимство.

Сега тук по-веселото е, че самият каталунски има поне три диалекта, без да броим валенсианския, който си е всъщност каталунски с някои дребни разлики. Но пък тук ще вземем да вбесим валенсианците, затова млъквам!

Така или иначе темата за езика е чувствителна за каталунците – те си го обичат много, изстрадали са възможността да го говорят и имат всички основания да го пазят като репер на своята културна идентичност. Това е тяхно право, достойно за уважение от всички ни!

Управлението на автономията

По време на своето управление Франко всъщност не възстановява монархията, едва малко преди да умре кротко в леглото си през 1975 г. е посочил наследника си – поредният Бурбон, внук на последния крал и дочакал да седне на престола на Кралство Испания под крилото на Франко – Хуан-Карлос.

Каталунци-конституционалисти оказват сериозна юридическа помощ при съставянето на днешната Испанска конституция от 1978 г., с която Каталуния възстановява своята политическа и културна автономия. Година по-късно, през 1979 г., е приет и Статутът на автономията (основният закон на областта).

Според този основен закон Каталуния е автономна област със самостоятелно политическо и юридическо самоуправление. Парламентът се избира през 4 години и излъчва президент (който е и министър-председател) и правителство.

Каталуния има собствена военизирана полиция (жандармерия) – Mossos d’Esquadra, която е под командването на каталунското правителство и не е подчинена на националните Guardia Civil (жандармерия) и Policía Nacional (полиция). Единствено ако бъде суспендирана автономията, Испания може да подчини Mossos-ите на националните сили за сигурност (чл.155 от Конституцията). Затова, когато ви разиграват сценки от селски вечеринки, че някакъв си прокурор, бил той и главен или гневен, се бил разпоредил каталунската полиция да се подчини на Guardia Civil, им кажете, както направиха каталунците – да си гледат работата – защото това не може да се случи с прокурорско разпореждане. Испанските закони бива да важат и за Испания, нали?

Националните сили за сигурност в Каталуния имат правомощия само да охраняват пристанища, летища, крайбрежие, национални граници, митници и да се грижат за имиграционния контрол и антитерористични операции.

Народната партия и Мариано Рахой

През 2006 г. е одобрен новият Статут на Каталуния чрез референдум, както е по правилата. Гласуван е също и с мнозинство от каталунския и от испанския парламент. Промените обаче са обжалвани пред Конституционния съд от кръгове около дясно-консервативната Народна партия (Partido Popular), която от 2004 г. се ръководи от Мариано Рахой, а от 2011 г. досега управлява Испания. През 2015 г. те всъщност загубиха изборите, но понеже не се сформира правителство, останаха на власт до следващите предсрочни избори през 2016 г., след които управляват в правителство на малцинството, тъй като социалистите от PSOE тихо съдействаха, отказвайки се да участват в гласуването, което позволи Pахой да прокара кабинета си през парламента с обикновено мнозинство. Реално подкрепата на изборите за Народната партия бе едва 33% (от 70% гласували) – иначе казано се ползва с доверието на едва 23% от имащите право на глас в Испания.

Partido Popular е консервативна християндемократическа партия, член на ЕНП (Европейската народна партия). Под ръководството на Рахой партията все повече залита към патриотични и националистически тези, а политическата му стратегия е основана на две базови теми – едната да противостои на административната и политическа еволюция на Каталуния (вкл. оспорвайки дефакто одобрения ѝ статут), а другата – да противостои на политическите договорки с баските. Чудно, нали?

Partido Popular и Рахой не са в състояние да генерират никакво модерно и ново политическо послание. Единственото им спасение е да концентрират влияние чрез десен популизъм и радикализиране на патриотични тези, защото на тази плоскост могат да пързалят гласоподавателите си, които са предимно сред по-възрастните, консервативните, религиозните и по-заможните испанци. В същия момент профилът на техните гласоподаватели е най-слаб откъм образование.

Partido Popular е затънала в корупционни скандали – точно утихне един и се случва следващ – черни партийни каси и странни парични потоци във всякакви посоки, очевидно за търговия с влияние, все излизат на яве, изгаря по някой бушон, но Мариано Рахой се крепи над водата. Интересен факт е, че цели петима последователни ковчежници на партията му са съдени, разследвани, обвинени или отстранени. И Европа, и ЕНП си мълчат и стискат широко затворени очи, щото нали, в името на стабилността, че иначе ако дойде Подемос на власт…

Всъщност, испанската политика в последните години се изразява горе-долу в това Partido Popular и PSOE да си подават топката. Това ще ви обясни защо испанците са склонни да търсят изход в Подемос и други нови партии, опитвайки се да избягат от пинг-понга между двете основни големи партии, потънали в корупционни скандали и безгранични сфери на задкулисно влияние.

Най-близкото приближение на Partido Popular у нас е ГЕРБ (те са и членове на ЕНП неслучайно), а на PSOE е БСП. И сега си представете ту да ви управлява ГЕРБ, ту БСП… познато ли ви е усещането? А присви ли ви душичката. Ами така и трябва! И испанците ги присвива от доста време насам!

Но да се върнем в Каталуния…

Възпалението на раната

През 2010 г. Конституционният съд, сезиран от хора на Partido Popular, отмени част от текстовете в Статута. Важно е да уточним, че в състава на този съд преобладават членове, които дължат постовете си на Partido Popular. В момента през 2017 г. това е още по-вярно. Конституционният съд на Испания, включително самият му Председател, е тежко зависим от партията на премиера Мариано Рахой! И да не си помислите сега, че искам да внушавам нещо – съвсем си е законно всичко. Това са едни почтени и достолепни хорица, в които нямаме никакво право да се усъмним. Поглеждате към нашия Конституционен съд или ВСС и… чувствате хармонията, нали? Хайде, опитайте се да прокарате нещо смислено през тях, да ви видя…

Та нищо че каталунските и испанските парламенти одобряват промените в Статута с нужното мнозинство, нищо че цяла Каталуния се е произнесла и е одобрила промените чрез законен Референдум. Излизат една шепа съдии и отменят 14 члена като противоконституционни и дават ограничителни тълкувания на други 27. Текстовете им са свързани предимно с автономната правосъдна система на Каталуния, някои важни детайли в преразпределянето на финансирането, статутът на каталунския език и определянето на Каталуния като нация.

След всичко това през 2010 г. каталунците истински се ядосаха! По улиците на Барселона излязоха между милион и милион и половина души. Сформира се гражданска организация, която се нарече ANC – Assemblea Nacional Catalana (Национално събрание на Каталуния), която си постави за цел да постигне независимост. А всяка година на 11 септември – националният празник на Каталуния – оттогава насам се организират масови демонстрации за независимост.

Още масло в огъня

Уточнихме вече, че драмата с каталунския език е чувствителна тема, след всички забранявания и преследвания и загинали заради езика си до съвсем скоро. Испанската конституция обаче се грижи за задължителността единствено на кастилския език (това, което сме свикнали да наричаме испански), а каталунците вписаха като задължителен и каталунския в границите на автономията си, но точно този текст бе сред отменените.

Не стига това, ами през 2012 г. министърът на образованието на Испания се изцепи, че неговата цел е “да се испанизират (“españolizar”) каталунските ученици” и вкара законопроект, който не само противоречи на каталунската юрисдикция, ами позволява каталунските деца да бъдат обучавани едноезично на испански, което от една страна е тъпо, когато детето ти може да излезе с два езика от училище, да го насилваш да излезе с един, а от друга – каталунците възприеха това като колониална политика, каквато тя недвусмислено беше.

Та испанската държава и управляващите от Partido Popular вместо да ходят на пръсти по тънкия лед на регионалната си политика, скачат шумно с кални обувки отгоре му.

На 23 януари 2013 г. каталунският парламент прие Декларация за суверенитет и право на самоопределение на Каталуния, която, разбира се, беше първо суспендирана от Конституционния съд, а после отменена частта ѝ за суверенитета. След още купчина юридически пречки все пак Правителството на Каталуния организира необвързващ референдум за независимост на 9 ноември 2014 и 81% от участвалите се произнесоха в полза на независима Каталуния. Активността обаче беше ниска (37-42% според зависи кой и как брои, защото Референдумът беше необвързващ и беше дадена възможност на 16 и 17-годишни да гласуват, както и на неиспански граждани, което иначе не би било възможно). Заради организирането на това допитване тогавашният президент Artur Mas, вицепрезидентът Joana Ortega и образователният министър Irene Rigau бяха обвинени и осъдени на около две години да не заемат обществени постове, както и на глоби – най-голямата за Мас, възлизаща на 36 500 евро. Има и нови обвинения за 5.2 милиона евро заради разходване на публични средства за същото допитване. Преди това обаче Мас разпусна правителството си и свика извънредни парламентарни избори на 27 септември 2015, които бяха спечелени от коалиция от партии, които подкрепят независимостта.

Кралят

Междувременно покрай тези събития Хуан Карлос абдикира в полза на сина си, Фелипе VI – нещо, което испанската конституция също не допуска, но беше променена скоростно за по-малко от седмица, което само показа на каталунците колко невъзможна е тяхната кауза в текущия политически контекст в Мадрид.

След лавината от скандали в кралското семейство на Хуан Карлос, свързани с извънбрачна връзка на краля и негов незаконен син, харчовете на двореца, особено в кризата, ловджийските му гафове, скандалите с корупционни схеми на едната му дъщеря и прането на пари и укриването на данъци от зет му, имиджът на монархията в Испания напоследък хич не е висок. Прехвърлянето на топката към Фелипе VI изглеждаше като спасителен ход в контекста на зачестилите демонстрации, искащи референдум за република, и доколкото младият крал изглежда умерен и по-рационален, за разлика от баща си – женен е за простосмъртна съпруга (била е журналистка преди да се омъжи за него), говори свободно каталунски, освен испански. Дори се бяха появили надежди, че с перфектния си каталунски може да спечели сърцата на всички като поеме ролята на медиатор и спаси ситуацията в Каталуния, но до този момент не се забелязва такова негово желание и едва ли някой още мисли, че това е възможно, доколкото той вече избра обичайната позиция на кралска надменност към проблемите на простосмъртните.

Подготовката на процеса за независимост

Предсрочните избори от 2015 г. имаха допълнителна цел. Основните партии, подкрепящи независимостта, участваха с обща гражданска (непартийна) листа, към която впоследствие се присъедини и една по-малка партия. Така управляващата коалиция в Каталуния има мнозинство в локалния парламент, с което прокара няколко закона от ключово значение за евентуална бъдеща независима република – например за Каталунска данъчна администрация, за въпросния референдум и т.н.

Реално юристите от двете страни спорят каква част от това законодателство е ОК, но предвид сложността на юрисдикциите на автономните области в Испания отговорът не е еднозначен. Тук за Рахой работи простичката теза – абе, не може локалното законодателство да има превес над националното и тези закони са “незаконни” – но всъщност не е така, зависи от много неща. Каталуния не е област Стара Загора, а автономия със собствен основен закон и локално законодателство. То не може да противоречи на националното, но може да бъде много различно от него в много посоки. И не подценявайте юридическата култура и опит на каталунците, моля – обърнете се назад и вижте натрупванията им…

Всъщност популярна теза, която испанските медии и Народната партия на Рахой непрекъснато повтарят, е, че всичко, което се случва в Каталуния, е “незаконно”. Това е непрецизно и популистко обобщение. Доказателство е, че дори приятелски настроеният към Рахой и партията му Конституционен съд на Испания не твърди такова нещо. Няма твърдение, че референдумът е незаконен или противоконституционен, а е само суспендиран от Конституционния съд, докато той прегледа законосъобразността му и се произнесе.

Не четете само El País – това е все едно да се информирате само от “24 часа”.

Вярно, редно е да признаем, че и каталунците използват всички процедурни хватки в своя полза. Законите бяха гласувани в последния момент, за да оставят в цайтнот тромавия Конституционният съд. Но реално това не е нарушение. Войната на нерви се води с всички средства и от двете страни. Особено когато няма желание за диалог.

Данъците

Популярна теза е, че каталунците искат повече пари за себе си и това е проява на егоизъм от тяхна страна. От друга те са богат, индустриален район, който осигурява солидна част за националната икономика – 20% от БВП на Испания и 25% от износа, а е само един от седемнайсетте района. Богатите райони подкрепят бедните региони при преразпределение на данъците, но проблемът е в математиката и кой как пресмята.

Според каталунските икономисти фискалният дефицит на региона надвишава 8% от БВП, което според всички международни стандарти е твърде голяма стойност и спъва развитието на икономиката. Те спорят, че реално стойността е по-голяма, защото има разминаване между разпределения дял (на хартия) за Каталуния от националните финанси, които се връщат най-вече под формата на инфраструктура, и това, което реално Каталуния получава.

Испанската държава не е съгласна. И това е нещо, което се решава на масата на преговорите, с експертни оценки и експертни спорове. Народната партия и Мариано Рахой обаче с години отказват да дискутират каталунските теми – така това се превърна в ключов аргумент на индепендистите.

И не е случайно, че прогресивните испанци твърдят, че основният двигател на процеса на независимост на Каталуния е правителството в Мадрид.

Политически диалог ли?

И за среднограмотен човек е ясно, че ако беше проведен някакъв политически диалог, всичко можеше да се размине. Но двете страни си говорят през медиите и с декларации. Испания пропиля 7 пълни години, през които можеше да потуши напрежението. Пропиля ги генерално и пълноценно, отказвайки всяко предложение да диалог. Лично Рахой се грижеше да аргументира всеки отказ.

В пространно интервю в края на август президентът на Каталуния потвърди, че дори и в последния момент, ако испанската държава се реши на диалог, той ще откликне.

Уви, Мариано Рахой е от друга планета и думите “преговори” и “политически диалог” очевидно са му чужди. Всъщност това отговаря напълно на неговия сценарий – конфронтация и радикализация. Рискува да счупи миноритарното си управление, но това е единствената стратегия, която празната му откъм идеи глава може да роди.

На 15 септември 2017 г. отново Президентът на Каталуния, Вицепрезидентът, Председателката на Каталунския парламент и кметът на Барселона заедно изпратиха писмо до Рахой и краля с предложение за диалог.

Същият ден Рахой каза само, че неговото правителство ще направи всичко възможно да осуети референдума, неговият говорител пък, че в Мадрид не са получили писмото, но в последния момент можели да го тълкуват само като заплаха, а кралят… той, както обикновено, запази царствено мълчание.

Всичко това не е от вчера

Друга весела теза е, че каталунците едва ли не вчера им е хрумнала идеята за независимост. По повода ще остава само тази картинка – отляво е вестник Guardian от края на 1918 година, а отдясно статия в същия вестник отпреди няколко дни. Открийте разликите 🙂

guardian

Републиката

Нещо, което някак остава под килима, но е редно да отчетем, е фактът, че каталунците в мнозинството си са прорепубликански настроени. Това обяснява антипатията на краля и монархистите към тях, но всеки обсъждан дотук референдум не поставя под никакво съмнение, че евентуалната независима Каталуния ще бъде република.

В Испания също се чуват гласове за референдум за ново държавно устройство и това кара определени консервативни и влиятелни кръгове да потръпват при мисълта това да се случи.

Демократичността на испанската конституция

Каталунците често критикуват демократичността на испанската конституция по принцип, макар двама от бащите ѝ да са каталунци. Истината е, че имат основания. Четирима от седмината “бащи” на испанската конституция са били част от фашисткия апарат, включително един от тях е Министърът на пропагандата на Франко. Представете си дали е възможно съвременната германска конституция да е писана от Гьобелс?

Армията е оказала силно влияние в процеса на създаване на конституцията, за да опази своя интерес, и макар одобрена на референдум с 88%, съмненията, че зад този резултат стои пряката или косвена заплаха на бившите военни на Франко, са напълно основателни.

Обобщение

Всъщност, макар и тлеещ отдавна, проблемът не беше нерешим. Каталунците са сговорчиви и работливи хора, които в мнозинството си искат да бъдат оставени на мира да си вадят хляба, да правят музика, книги и изкуство и да се веселят на многобройните си фестивали. Те са адски толерантни и широкоскроени хора, с модерни възгледи за себе си, бъдещето и Европа.

Каквото и да четете в испанските медии, в мнозинството си каталунците нямат нищо против испанците. Това, което им тежи, не са съседите, а испанската държава. Те точно така наричат държавата си – испанската държава – за да акцентират на административния апарат, а не на нацията, и… за да намекнат, че не е тяхната държава…

А тя не е тяхна, защото в общия национален парламент те имат скромно присъствие, обусловено от тежестта на региона върху картата. Не биха могли да прокарат нищо през националния парламент без подкрепата на основните испански партии, които рядко изобщо обръщат внимание на регионите. Локалното им законодателство е под терора на Конституциония съд, който особено откакто Рахой и Partido Popular са на власт, действа по поръчка.

Испания отказва всякакъв диалог с каталунските представители, въпреки че те са легитимно избрани и овластени от хората. Прави го и защото се страхува, че ако изгуби Каталуния, ще последват баските, а после може би Галисия. Баските също от години чакат обещанията на Мадрид да се реализират и все повече губят търпение, но и за това няма да прочетете много в испанските, нашите или европейските медии…

Каталуния е разделена

Истината е, че въпреки всичко Каталуния е разделена. Важно е да правим разлика между това, че 70-80% от каталунците са с нагласа да гласуват на този Референдум, и това как точно ще гласуват.

Ако не се беше стигнало до тази ескалация в последните дни, реално по-малко от половината каталунци щяха да гласуват за отделяне в неделя и всичко щеше да утихне поне за някакъв период от време. Рахой обаче изпрати жандармерия и полиция в нечуван обем, арестува каталунски политици, претърси медии и печатници, конфискува бюлетини, урни и плакати, обвини предварително стотици кметове, че съдействат на организацията по референдума, заплаши да спре националната каталунска телевизия, блокира каталунски сайтове и заплаши да спре целият top level domain на Каталуния .cat, докато междувременно е насъскал прокуратурата да рови за някоя мръсна риза на текущия каталунски президент от времето, когато е бил кмет, чрез прокурорско разпореждане се опита да вземе контрола над каталунската жандармерия, което е незаконно и противоречи едновременно на испанската конституция и на каталунския статут.

Всичко това преди референдумът да се е случил и преди да е обявен за незаконен от Конституционния съд – иначе казано, дори да допуснем хипотезата, че референдумът е престъпление – то още не е се е случило, за да има виновни за него!

След всичко това никой вече не знае как ще гласуват каталунците, защото ескалацията и радикализацията и от двете страни е факт и играта на нерви вече не е безопасна.

Европа мълчи, защото основните европейски партии са обречени заради своите “приятелски” зависимости. Иска им се това да си остане вътрешна работа на Испания и нещата да се оправят някак от само себе си. Отдавна трябваше да бъде предложено посредничество в този спор, да бъде уговорен Рахой да отстъпи нещичко и да изглади нещата. Но ЕНП няма този кураж. А европейците за пореден път виждат една куха бюрокрация, която не работи, скатава се и прибира дъждобрана точно когато завали проливен дъжд (ако изобщо е имало дъждобран). Затова не се чудете, когато хората залитат насам и натам, търсейки изход – кой в популизма, кой в национализма, кой в крайнолеви и дори понякога утопични концепции.

Искат гласът им да се чува и да има значение!

Всъщност каталунците искат едно нещо – да гласуват и гласът им да има значение – и това не може и не бива да противоречи на никоя конституция! Още по-малко в Европа! Днес. Правото на глас и самоопределение е основно човешко право и е наднационално!

Събудете се, хора! Какви легенди са наблъскали в главите ви, ако ви е нужна причина или повод, за да признаете правото на някого да изрази позиция – особено пък когато това са няколко милиона души? Наистина ли сте затрили чувствителността си към свободата, това което сте – а сте свободни хора – когато не са ви нужни причини и правила, за да изразите волята си. Правилата са за да ви гарантират това право, а не за да ви го отнемат. Правилата идват после – първо е свободната воля!

Дали каталунците ще се отделят или не е второстепеннен въпрос. По-важният е да могат да решат това свободно! А ние, останалите, няма да сме европейци и не заслужаваме да се наричаме свободни хора, ако не защитим това им право – звучно и категорично!

Visca Catalunya!

Julia Reda MEP Likened to Nazi in Sweeping Anti-Pirate Rant

Post Syndicated from Andy original https://torrentfreak.com/julia-reda-mep-likened-to-nazi-in-sweeping-anti-pirate-rant-170926/

The debate over copyright and enforcement thereof is often polarized, with staunch supporters on one side, objectors firmly on the other, and never the twain shall meet.

As a result, there have been some heated battles over the years, with pro-copyright bodies accusing pirates of theft and pirates accusing pro-copyright bodies of monopolistic tendencies. While neither claim is particularly pleasant, they have become staples of this prolonged war of words and as such, many have become desensitized to their original impact.

This morning, however, musician and staunch pro-copyright activist David Lowery published an article which pours huge amounts of gas on the fire. The headline goes straight for the jugular, asking: Why is it Every Time We Turn Over a Pirate Rock White Nationalists, Nazi’s and Bigots Scurry Out?

Lowery’s opening gambit in his piece on The Trichordist is that one only has to scratch below the surface of the torrent and piracy world in order to find people aligned with the above-mentioned groups.

“Why is it every time we dig a little deeper into the pro-piracy and torrenting movement we find key figures associated with ‘white nationalists,’ Nazi memorabilia collectors, actual Nazis or other similar bigots? And why on earth do politicians, journalists and academics sing the praises of these people?” Lowery asks.

To prove his point, the Camper Van Beethoven musician digs up the fact that former Pirate Bay financier Carl Lündstrom had some fairly unsavory neo-fascist views. While this is not in doubt, Lowery is about 10 tens years too late if he wants to tar The Pirate Bay with the extremist brush.

“It’s called guilt by association,” Pirate Bay co-founder Peter Sunde explained in 2007.

“One of our previous ISPs [owned by Lündstrom] (with clients like The Red Cross, Save the Children foundation etc) gave us cheap bandwidth since one of the guys in TPB worked there; and one of the owners [has a reputation] for his political opinions. That does NOT make us in any way associated to what political views anyone else might or might not have.”

After dealing with TPB but failing to include the above explanation, Lowery moves on to a more recent target, Megaupload founder Kim Dotcom. Dotcom owns an extremely rare signed copy of Hitler’s autobiographical manifesto, Mein Kampf (My Struggle) and once wore a German World War II helmet. It’s a mistake Prince Harry made in 2005 too.

“I’ve bought memorabilia from Churchill, from Stalin, from Hitler,” Dotcom said in response to the historical allegations. “Let me make absolutely clear, OK. I’m not buying into the Nazi ideology. I’m totally against what the Nazis did.”

With Dotcom dealt with, Lowery then turns his attention to the German Pirate Party’s Julia Reda. As a Member of the European Parliament, Reda has made it her mission to deal with overreaching copyright law, which has made her a bit of a target. That being said, would anyone really try to shoehorn her into the “White Nationalists, Nazi’s and Bigots” bracket?

They would.

In his piece, Lowery highlights comments made by Reda last year, when she complained about the copyright situation developing around the diary written by Anne Frank, which detailed the horrors of living in occupied countries during World War II.

Anne Frank died in 1945 which means that the book was elevated into the public domain in the Netherlands on January 1, 2016, 70 years after her death. A copy was made available at Wikisource, a digital library of free texts maintained by the Wikimedia Foundation, which also operates Wikipedia.

However, in early February that same year, Anne Frank’s diary became unavailable, since U.S. copyright law dictates that works are protected for 95 years from date of publication.

“Today, in an unfortunate example of the overreach of the United States’ current copyright law, the Wikimedia Foundation removed the Dutch-language text of The Diary of a Young Girl,” said Jacob Rogers, Legal Counsel for the Wikimedia Foundation

“We took this action to comply with the United States’ Digital Millennium Copyright Act (DMCA), as we believe the diary is still under US copyright protection under the law as it is currently written,” he added.

Lowery ignores this background in its entirety. He actually ignores all of it in an effort to paint a picture of Reda engaging in some far-right agenda. Lowery even places emphasis on Reda’s nationality to force his point home.

“I don’t really know what to make of her except to say that this German politician really should find something other than the Anne Frank Diary and the Anne Frank Foundation to use as an example of a work that should be freely available in the public domain,” he writes.

“Think of all the copyrighted works out there for which she might reasonably argue a claim of public domain. She decided to pick the Anne Frank diary. Hmm.”

Lowery then accuses Reda of urging people on Twitter to pirate the book, in order to hurt the fight against anti-Semitism and somehow deprive Jewish people of an income.

“After all sales of the book are used by the Anne Frank Foundation to fight anti-semitism. It’s really quite a bad look for any MP, German or not. (Even if it is just the make-believe LARPing RPG EU Parliament),” Lowery writes.

“Or maybe that is the point? Defund the Anne Frank Foundation. Cause you know I read in the twittersphere that copyright producing media conglomerates are controlled by you-know-who.”

At this point, Lowery moves on to Fight For the Future, stating that their lack of racial diversity caused them to stumble into a racially charged copyright dispute involving the famous Martin Luther King speech.

The whole article can be read here but hopefully, most readers will recognize that America needs less division right now, not more hatred.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Amazon QuickSight Now Allows Users to Create Analyses from Dashboards and Import Custom Date Formats

Post Syndicated from Jose Kunnackal original https://aws.amazon.com/blogs/big-data/amazon-quicksight-now-allows-users-to-create-analyses-from-dashboards-and-import-custom-date-formats/

Today, we are excited to announce two new features in QuickSight that will allow increased flexibility in your interactions with visualizations and data.

Create analyses from dashboards

When we launched Amazon QuickSight in November 2016, it enabled users to quickly and easily create analyses and dashboards from their data. Analyses allows business users to slice and dice their data, whether from a direct query source or from SPICE. Dashboards allow these insights to be shared in a read-only manner across a large set of users, without the need to worry about managing authentication, scaling up servers or maintaining infrastructure.

Starting today, QuickSight will allow users to save the contents of a dashboard as an analysis within their account. As the user of a dashboard, this will allow you to create an analysis that contains all visuals from the dashboard. You may then modify the visuals, or add/delete visuals in order to customize the content to your preferences. If you are a new user of QuickSight, this also provides you the ability to start your self-service analytics journey in QuickSight with content that is highly relevant to you.

For data administrators who create and manage datasets and dashboards, this feature will reduce requests from individual users for customization/tweaks to the dashboards. When onboarding users to QuickSight for self-service analytics, this also allows administrators to provide sample dashboards that can form the basis of the user’s first analysis in QuickSight.

To be able to save dashboard content as analyses, users should have the permission to do so, together with access to the datasets that are used for the dashboard. Let’s take a look at how this works. Let’s consider Sarah, who has a business dashboard shared with her in QuickSight.

With the changes in this release, Tom, the dashboard author, has an option to allow Sarah to create analyses from this dashboard.

When enabled, this also shares the dataset with Sarah in read-only mode, so that she can explore the data further. This is done automatically when Tom enables Sarah’s ability to create analyses from the dashboard.

Once this permission is enabled, Sarah has the dataset available in her account, and also sees a new ‘Save as” option in her dashboard.

Clicking on this lets Sarah create a new analysis with all the visuals from the dashboard in her account and explore the data further!

With this release, we are also introducing the capability to view all the analyses and dashboards that access a dataset. A dataset owner can then revoke permissions to specific dashboards or analyses if needed.

Custom date formats

Today’s release also adds support for custom date formats. When importing data into QuickSight, a user can convert a non-standard datetime field into a date field by providing the format. Date formats in QuickSight are case sensitive and more details can be found in the documentation.

Learn more

To learn more about these capabilities and start using them in your dashboards, see the Amazon QuickSight User Guide.

Stay engaged

If you have questions or suggestions, you can post them on the Amazon QuickSight discussion forum.

Not an Amazon QuickSight user?

To get started for FREE, see quicksight.aws.