Tag Archives: conspiracy

‘Pirate’ Android App Store Operator Avoids Prison

Post Syndicated from Ernesto original https://torrentfreak.com/pirate-android-app-store-operator-avoids-prison-180413/

Assisted by police in France and the Netherlands, the FBI took down the “pirate” Android stores Appbucket, Applanet and SnappzMarket in the summer of 2012.

During the years that followed several people connected to the Android app sites were arrested and indicted, and slowly but surely these cases are reaching their conclusions.

This week the Northern District Court of Georgia announced the sentencing of one of the youngest defendants. Aaron Buckley was fifteen when he started working on Applanet, and still a teenager when armed agents raided his house.

Years passed and a lot has changed since then, Buckley’s attorney informed the court before sentencing. The former pirate, who pleaded guilty to Conspiracy to Commit Copyright Infringement and Criminal Copyright Infringement, is a completely different person today.

Similar to many people who have a run-in with the law, life wasn’t always easy on him. Computers offered a welcome escape but also dragged Buckley into trouble, something he deeply regrets now.

Following the indictment, things started to change. The Applanet operator picked up his life, away from the computer, and also got involved in community work. Among other things, he plays a leading role in a popular support community for LGBT teenagers.

Given the tough circumstances of his personal life, which we won’t elaborate on, his attorney requested a downward departure from the regular sentencing guidelines, to allow for lesser punishment.

After considering all the options, District Court Judge Timothy C. Batten agreed to a lower sentence. Unlike some other pirate app stores operators, who must spend years in prison, Buckley will not be incarcerated.

Instead, the Applanet operator, who is now in his mid-twenties, will be put on probation for three years, including a year of home confinement.

The sentence (pdf)

In addition, he has to perform 20 hours of community service and work towards passing a General Educational Development (GED) exam.

It’s tough to live with the prospect of possibly spending years in jail, especially for more than a decade. Given the circumstances, this sentence must be a huge relief.

TorrentFreak contacted Buckley, who informed us that he is happy with the outcome and ready to work on a bright future.

“I really respect the government and the judge in their sentencing and am extremely grateful that they took into account all concerns of my health and life situation in regards to possible sentences,” he tells us.

“I am just glad to have another chance to use my time and skills to hopefully contribute to society in a more positive way as much as I am capable thanks to the outcome of the case.”

Time to move on.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

AskRob: Does Tor let government peek at vuln info?

Post Syndicated from Robert Graham original http://blog.erratasec.com/2018/03/askrob-does-tor-let-government-peek-at.html

On Twitter, somebody asked this question:

The question is about a blog post that claims Tor privately tips off the government about vulnerabilities, using as proof a “vulnerability” from October 2007 that wasn’t made public until 2011.
The tl;dr is that it’s bunk. There was no vulnerability, it was a feature request. The details were already public. There was no spy agency involved, but the agency that does Voice of America, and which tries to protect activists under foreign repressive regimes.

Discussion

The issue is that Tor traffic looks like Tor traffic, making it easy to block/censor, or worse, identify users. Over the years, Tor has added features to make it look more and more like normal traffic, like the encrypted traffic used by Facebook, Google, and Apple. Tors improves this bit-by-bit over time, but short of actually piggybacking on website traffic, it will always leave some telltale signature.
An example showing how we can distinguish Tor traffic is the packet below, from the latest version of the Tor server:
Had this been Google or Facebook, the names would be something like “www.google.com” or “facebook.com”. Or, had this been a normal “self-signed” certificate, the names would still be recognizable. But Tor creates randomized names, with letters and numbers, making it distinctive. It’s hard to automate detection of this, because it’s only probably Tor (other self-signed certificates look like this, too), which means you’ll have occasional “false-positives”. But still, if you compare this to the pattern of traffic, you can reliably detect that Tor is happening on your network.
This has always been a known issue, since the earliest days. Google the search term “detect tor traffic”, and set your advanced search dates to before 2007, and you’ll see lots of discussion about this, such as this post for writing intrusion-detection signatures for Tor.
Among the things you’ll find is this presentation from 2006 where its creator (Roger Dingledine) talks about how Tor can be identified on the network with its unique network fingerprint. For a “vulnerability” they supposedly kept private until 2011, they were awfully darn public about it.
The above blogpost claims Tor kept this vulnerability secret until 2011 by citing this message. It’s because Levine doesn’t understand the terminology and is just blindly searching for an exact match for “TLS normalization”. Here’s an earlier proposed change for the long term goal of to “make our connection handshake look closer to a regular HTTPS [TLS] connection”, from February 2007. Here is another proposal from October 2007 on changing TLS certificates, from days after the email discussion (after they shipped the feature, presumably).
What we see here is here is a known problem from the very beginning of the project, a long term effort to fix that problem, and a slow dribble of features added over time to preserve backwards compatibility.
Now let’s talk about the original train of emails cited in the blogpost. It’s hard to see the full context here, but it sounds like BBG made a feature request to make Tor look even more like normal TLS, which is hinted with the phrase “make our funders happy”. Of course the people giving Tor money are going to ask for improvements, and of course Tor would in turn discuss those improvements with the donor before implementing them. It’s common in project management: somebody sends you a feature request, you then send the proposal back to them to verify what you are building is what they asked for.
As for the subsequent salacious paragraph about “secrecy”, that too is normal. When improving a problem, you don’t want to talk about the details until after you have a fix. But note that this is largely more for PR than anything else. The details on how to detect Tor are available to anybody who looks for them — they just aren’t readily accessible to the layman. For example, Tenable Networks announced the previous month exactly this ability to detect Tor’s traffic, because any techy wanting to would’ve found the secrets how to. Indeed, Teneble’s announcement may have been the impetus for BBG’s request to Tor: “can you fix it so that this new Tenable feature no longer works”.
To be clear, there are zero secret “vulnerability details” here that some secret spy agency could use to detect Tor. They were already known, and in the Teneble product, and within the grasp of any techy who wanted to discover them. A spy agency could just buy Teneble, or copy it, instead of going through this intricate conspiracy.

Conclusion

The issue isn’t a “vulnerability”. Tor traffic is recognizable on the network, and over time, they make it less and less recognizable. Eventually they’ll just piggyback on true HTTPS and convince CloudFlare to host ingress nodes, or something, making it completely undetectable. In the meanwhile, it leaves behind fingerprints, as I showed above.
What we see in the email exchanges is the normal interaction of a donor asking for a feature, not a private “tip off”. It’s likely the donor is the one who tipped off Tor, pointing out Tenable’s product to detect Tor.
Whatever secrets Tor could have tipped off to the “secret spy agency” were no more than what Tenable was already doing in a shipping product.

Update: People are trying to make it look like Voice of America is some sort of intelligence agency. That’s a conspiracy theory. It’s not a member of the American intelligence community. You’d have to come up with a solid reason explaining why the United States is hiding VoA’s membership in the intelligence community, or you’d have to believe that everything in the U.S. government is really just some arm of the C.I.A.

Kim Dotcom Begins New Fight to Avoid Extradition to United States

Post Syndicated from Andy original https://torrentfreak.com/kim-dotcom-begins-new-fight-to-avoid-extradition-to-united-states-180212/

More than six years ago in January 2012, file-hosting site Megaupload was shut down by the United States government and founder Kim Dotcom and his associates were arrested in New Zealand.

What followed was an epic legal battle to extradite Dotcom, Mathias Ortmann, Finn Batato, and Bram van der Kolk to the United States to face several counts including copyright infringement, racketeering, and money laundering. Dotcom has battled the US government every inch of the way.

The most significant matters include the validity of the search warrants used to raid Dotcom’s Coatesville home on January 20, 2012. Despite a prolonged trip through the legal system, in 2014 the Supreme Court dismissed Dotcom’s appeals that the search warrants weren’t valid.

In 2015, the District Court later ruled that Dotcom and his associates are eligible for extradition. A subsequent appeal to the High Court failed when in February 2017 – and despite a finding that communicating copyright-protected works to the public is not a criminal offense in New Zealand – a judge also ruled in favor.

Of course, Dotcom and his associates immediately filed appeals and today in the Court of Appeal in Wellington, their hearing got underway.

Lawyer Grant Illingworth, representing Van der Kolk and Ortmann, told the Court that the case had “gone off the rails” during the initial 10-week extradition hearing in 2015, arguing that the case had merited “meaningful” consideration by a judge, something which failed to happen.

“It all went wrong. It went absolutely, totally wrong,” Mr. Illingworth said. “We were not heard.”

As expected, Illingworth underlined the belief that under New Zealand law, a person may only be extradited for an offense that could be tried in a criminal court locally. His clients’ cases do not meet that standard, the lawyer argued.

Turning back the clocks more than six years, Illingworth again raised the thorny issue of the warrants used to authorize the raids on the Megaupload defendants.

It had previously been established that New Zealand’s GCSB intelligence service had illegally spied on Dotcom and his associates in the lead up to their arrests. However, that fact was not disclosed to the District Court judge who authorized the raids.

“We say that there was misleading conduct at this stage because there was no reference to the fact that information had been gathered illegally by the GCSB,” he said.

But according to Justice Forrest Miller, even if this defense argument holds up the High Court had already found there was a prima facie case to answer “with bells on”.

“The difficulty that you face here ultimately is whether the judicial process that has been followed in both of the courts below was meaningful, to use the Canadian standard,” Justice Miller said.

“You’re going to have to persuade us that what Justice Gilbert [in the High Court] ended up with, even assuming your interpretation of the legislation is correct, was wrong.”

Although the US seeks to extradite Dotcom and his associates on 13 charges, including racketeering, copyright infringement, money laundering and wire fraud, the Court of Appeal previously confirmed that extradition could be granted based on just some of the charges.

The stakes couldn’t be much higher. The FBI says that the “Megaupload Conspiracy” earned the quartet $175m and if extradited to the US, they could face decades in jail.

While Dotcom was not in court today, he has been active on Twitter.

“The court process went ‘off the rails’ when the only copyright expert Judge in NZ was >removed< from my case and replaced by a non-tech Judge who asked if Mega was ‘cow storage’. He then simply copy/pasted 85% of the US submissions into his judgment," Dotcom wrote.

Dotcom also appeared to question the suitability of judges at both the High Court and Court of Appeal for the task in hand.

“Justice Miller and Justice Gilbert (he wrote that High Court judgment) were business partners at the law firm Chapman Tripp which represents the Hollywood Studios in my case. Both Judges are now at the Court of Appeal. Gilbert was promoted shortly after ruling against me,” Dotcom added.

Dotcom is currently suing the New Zealand government for billions of dollars in damages over the warrant which triggered his arrest and the demise of Megaupload.

The hearing is expected to last up to two-and-a-half weeks.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Denuvo Has Been Sold to Global Anti-Piracy Outfit Irdeto

Post Syndicated from Andy original https://torrentfreak.com/denuvo-has-been-sold-to-global-anti-piracy-outfit-irdeto-180123/

It’s fair to say that of all video games anti-piracy technologies, Denuvo is perhaps the most hated of recent times. That hatred unsurprisingly stems from both its success and complexity.

Those with knowledge of the system say it’s fiendishly difficult to defeat but in recent times, cracks have been showing. In 2017, various iterations of the anti-tamper system were defeated by several cracking groups, much to the delight of the pirate masses.

Now, however, a new development has the potential to herald a new lease of life for the Austria-based anti-piracy company. A few moments ago it was revealed that the company has been bought by Irdeto, a global anti-piracy company with considerable heritage and resources.

“Irdeto has acquired Denuvo, the world leader in gaming security, to provide anti-piracy and anti-cheat solutions for games on desktop, mobile, console and VR devices,” Irdeto said in a statement.

“Denuvo provides technology and services for game publishers and platforms, independent software vendors, e-publishers and video publishers across the globe. Current Denuvo customers include Electronic Arts, UbiSoft, Warner Bros and Lionsgate Entertainment, with protection provided for games such as Star Wars Battlefront II, Football Manager, Injustice 2 and others.”

Irdeto says that Denuvo will “continue to operate as usual” with all of its staff retained – a total of 45 across Austria, Poland, the Czech Republic, and the US. Denuvo headquarters in Salzburg, Austria, will also remain intact along with its sales operations.

“The success of any game title is dependent upon the ability of the title to operate as the publisher intended,” says Irdeto CEO Doug Lowther.

“As a result, protection of both the game itself and the gaming experience for end users is critical. Our partnership brings together decades of security expertise under one roof to better address new and evolving security threats. We are looking forward to collaborating as a team on a number of initiatives to improve our core technology and services to better serve our customers.”

Denuvo was founded relatively recently in 2013 and employs less than 50 people. In contrast, Irdeto’s roots go all the way back to 1969 and currently has almost 1,000 staff. It’s a subsidiary of South Africa-based Internet and media group Naspers, a corporate giant with dozens of notable companies under its control.

While Denuvo is perhaps best known for its anti-piracy technology, Irdeto is also placing emphasis on the company’s ability to hinder cheating in online multi-player gaming environments. This has become a hot topic recently, with several lawsuits filed in the US by companies including Blizzard and Epic.

Denuvo CEO Reinhard Blaukovitsch

“Hackers and cybercriminals in the gaming space are savvy, and always have been. It is critical to implement robust security strategies to combat the latest gaming threats and protect the investment in games. Much like the movie industry, it’s the only way to ensure that great games continue to get made,” says Denuvo CEO Reinhard Blaukovitsch.

“In joining with Irdeto, we are bringing together a unique combination of security expertise, technology and enhanced piracy services to aggressively address security challenges that customers and gamers face from hackers.”

While it seems likely that the companies have been in negotiations for some, the timing of this announcement also coincides with negative news for Denuvo.

Yesterday it was revealed that the latest variant of its anti-tamper technology – Denuvo v4.8 – had been defeated by online cracking group CPY (Conspiracy). Version 4.8 had been protecting Sonic Forces since its release early November 2017 but the game was leaked out onto the Internet late Sunday with all protection neutralized.

Sonic Forces cracked by CPY

Irdeto has a long history of acquiring anti-piracy companies and technologies. They include Lockstream (DRM for content on mobile phones), Philips Cryptoworks (DVB conditional access system), Cloakware (various security), Entriq (media protection), BD+ (Blu-ray protection), and BayTSP (anti-piracy monitoring).

It’s also noteworthy that Irdeto supplied behind-the-scenes support in two of the largest IPTV provider raids of recent times, one focused on Spain in 2017 and more recently in Cyprus, Bulgaria, Greece and the Netherlands (1,2,3).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

“Pirate” Streaming Service Sued by “Legal” Competitor

Post Syndicated from Ernesto original https://torrentfreak.com/pirate-streaming-service-sued-by-legal-competitor-171222/

In recent years there has been a boom in video streaming services, some operating with proper licenses and others without.

In a few cases, the line between legal and illegal is hard to spot for the public. When the latest Hollywood blockbusters are available for free it’s quite clear, but there are also slick-looking paid subscription services that operate without proper licenses.

The latter is what eTVnet is accused of. The streaming service targets Russian speakers in the United States and is accessible via the web or streaming boxes such as Roku. However, it does so without proper licenses, a complaint filed at a Massachusetts federal court alleges.

“On information and belief, the eTVnet Conspirators have illegally copied thousands of movies and are distributing them to paying customers illegally,” the complaint reads.

“By populating their streaming video service with stolen, illegally copied, and infringing copyrighted content, the eTVnet Conspirators have unlawfully and unfairly gained an advantage over their competitors, including Plaintiff.”

While this reads like a typical copyright infringement lawsuit, it isn’t. The complaint was filed by the Scottish company Alamite Ventures, which operates TUA.tv, a competing streaming service in the US.

The company filed suit against eTVnet, which is incorporated in Canada, as well as two owners and operators of the streaming service. They stand accused of civil conspiracy, unfair business practices, and false or misleading representations of fact under the Lanham Act.

“The eTVnet Conspirators deceptively market the eTVnet Service as a legal and fully licensed service,” Alamite Ventures notes.

ETVNET

There obviously can’t be a claim for copyright infringement damages, since Alamite is not a copyright holder, but the complaint does mention that major US companies such as HBO, Disney and Netflix are harmed as well.

“Given the staggering amount of copyright infringement committed by the eTVnet Conspirators, the damage to United States-based copyright owners easily eclipses $100,000,000,” it reads.

There is no calculation or evidence to back the $100 million claim, which seems quite substantial. However, according to Alamite Ventures there is no doubt that eTVnet is willingly operating a pirate service.

“…the eTVnet Conspirators know that their actions are illegal and have instituted a sophisticated scheme to avoid getting caught.”

“For example, the eTVnet Conspirators do not allow new users to access the stolen content library until they can verify that the new users are not “spies” or affiliated with content producers or law enforcement.”

Alamite Ventures hopes the court will agree and requests damages, as well as the shutdown of eTVnet in the United States.

A copy of the full complaint is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Libertarians are against net neutrality

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/12/libertarians-are-against-net-neutrality.html

This post claims to be by a libertarian in support of net neutrality. As a libertarian, I need to debunk this. “Net neutrality” is a case of one-hand clapping, you rarely hear the competing side, and thus, that side may sound attractive. This post is about the other side, from a libertarian point of view.

That post just repeats the common, and wrong, left-wing talking points. I mean, there might be a libertarian case for some broadband regulation, but this isn’t it.

This thing they call “net neutrality” is just left-wing politics masquerading as some sort of principle. It’s no different than how people claim to be “pro-choice”, yet demand forced vaccinations. Or, it’s no different than how people claim to believe in “traditional marriage” even while they are on their third “traditional marriage”.

Properly defined, “net neutrality” means no discrimination of network traffic. But nobody wants that. A classic example is how most internet connections have faster download speeds than uploads. This discriminates against upload traffic, harming innovation in upload-centric applications like DropBox’s cloud backup or BitTorrent’s peer-to-peer file transfer. Yet activists never mention this, or other types of network traffic discrimination, because they no more care about “net neutrality” than Trump or Gingrich care about “traditional marriage”.

Instead, when people say “net neutrality”, they mean “government regulation”. It’s the same old debate between who is the best steward of consumer interest: the free-market or government.

Specifically, in the current debate, they are referring to the Obama-era FCC “Open Internet” order and reclassification of broadband under “Title II” so they can regulate it. Trump’s FCC is putting broadband back to “Title I”, which means the FCC can’t regulate most of its “Open Internet” order.

Don’t be tricked into thinking the “Open Internet” order is anything but intensely politically. The premise behind the order is the Democrat’s firm believe that it’s government who created the Internet, and all innovation, advances, and investment ultimately come from the government. It sees ISPs as inherently deceitful entities who will only serve their own interests, at the expense of consumers, unless the FCC protects consumers.

It says so right in the order itself. It starts with the premise that broadband ISPs are evil, using illegitimate “tactics” to hurt consumers, and continues with similar language throughout the order.

A good contrast to this can be seen in Tim Wu’s non-political original paper in 2003 that coined the term “net neutrality”. Whereas the FCC sees broadband ISPs as enemies of consumers, Wu saw them as allies. His concern was not that ISPs would do evil things, but that they would do stupid things, such as favoring short-term interests over long-term innovation (such as having faster downloads than uploads).

The political depravity of the FCC’s order can be seen in this comment from one of the commissioners who voted for those rules:

FCC Commissioner Jessica Rosenworcel wants to increase the minimum broadband standards far past the new 25Mbps download threshold, up to 100Mbps. “We invented the internet. We can do audacious things if we set big goals, and I think our new threshold, frankly, should be 100Mbps. I think anything short of that shortchanges our children, our future, and our new digital economy,” Commissioner Rosenworcel said.

This is indistinguishable from communist rhetoric that credits the Party for everything, as this booklet from North Korea will explain to you.

But what about monopolies? After all, while the free-market may work when there’s competition, it breaks down where there are fewer competitors, oligopolies, and monopolies.

There is some truth to this, in individual cities, there’s often only only a single credible high-speed broadband provider. But this isn’t the issue at stake here. The FCC isn’t proposing light-handed regulation to keep monopolies in check, but heavy-handed regulation that regulates every last decision.

Advocates of FCC regulation keep pointing how broadband monopolies can exploit their renting-seeking positions in order to screw the customer. They keep coming up with ever more bizarre and unlikely scenarios what monopoly power grants the ISPs.

But the never mention the most simplest: that broadband monopolies can just charge customers more money. They imagine instead that these companies will pursue a string of outrageous, evil, and less profitable behaviors to exploit their monopoly position.

The FCC’s reclassification of broadband under Title II gives it full power to regulate ISPs as utilities, including setting prices. The FCC has stepped back from this, promising it won’t go so far as to set prices, that it’s only regulating these evil conspiracy theories. This is kind of bizarre: either broadband ISPs are evilly exploiting their monopoly power or they aren’t. Why stop at regulating only half the evil?

The answer is that the claim “monopoly” power is a deception. It starts with overstating how many monopolies there are to begin with. When it issued its 2015 “Open Internet” order the FCC simultaneously redefined what they meant by “broadband”, upping the speed from 5-mbps to 25-mbps. That’s because while most consumers have multiple choices at 5-mbps, fewer consumers have multiple choices at 25-mbps. It’s a dirty political trick to convince you there is more of a problem than there is.

In any case, their rules still apply to the slower broadband providers, and equally apply to the mobile (cell phone) providers. The US has four mobile phone providers (AT&T, Verizon, T-Mobile, and Sprint) and plenty of competition between them. That it’s monopolistic power that the FCC cares about here is a lie. As their Open Internet order clearly shows, the fundamental principle that animates the document is that all corporations, monopolies or not, are treacherous and must be regulated.

“But corporations are indeed evil”, people argue, “see here’s a list of evil things they have done in the past!”

No, those things weren’t evil. They were done because they benefited the customers, not as some sort of secret rent seeking behavior.

For example, one of the more common “net neutrality abuses” that people mention is AT&T’s blocking of FaceTime. I’ve debunked this elsewhere on this blog, but the summary is this: there was no network blocking involved (not a “net neutrality” issue), and the FCC analyzed it and decided it was in the best interests of the consumer. It’s disingenuous to claim it’s an evil that justifies FCC actions when the FCC itself declared it not evil and took no action. It’s disingenuous to cite the “net neutrality” principle that all network traffic must be treated when, in fact, the network did treat all the traffic equally.

Another frequently cited abuse is Comcast’s throttling of BitTorrent.Comcast did this because Netflix users were complaining. Like all streaming video, Netflix backs off to slower speed (and poorer quality) when it experiences congestion. BitTorrent, uniquely among applications, never backs off. As most applications become slower and slower, BitTorrent just speeds up, consuming all available bandwidth. This is especially problematic when there’s limited upload bandwidth available. Thus, Comcast throttled BitTorrent during prime time TV viewing hours when the network was already overloaded by Netflix and other streams. BitTorrent users wouldn’t mind this throttling, because it often took days to download a big file anyway.

When the FCC took action, Comcast stopped the throttling and imposed bandwidth caps instead. This was a worse solution for everyone. It penalized heavy Netflix viewers, and prevented BitTorrent users from large downloads. Even though BitTorrent users were seen as the victims of this throttling, they’d vastly prefer the throttling over the bandwidth caps.

In both the FaceTime and BitTorrent cases, the issue was “network management”. AT&T had no competing video calling service, Comcast had no competing download service. They were only reacting to the fact their networks were overloaded, and did appropriate things to solve the problem.

Mobile carriers still struggle with the “network management” issue. While their networks are fast, they are still of low capacity, and quickly degrade under heavy use. They are looking for tricks in order to reduce usage while giving consumers maximum utility.

The biggest concern is video. It’s problematic because it’s designed to consume as much bandwidth as it can, throttling itself only when it experiences congestion. This is what you probably want when watching Netflix at the highest possible quality, but it’s bad when confronted with mobile bandwidth caps.

With small mobile devices, you don’t want as much quality anyway. You want the video degraded to lower quality, and lower bandwidth, all the time.

That’s the reasoning behind T-Mobile’s offerings. They offer an unlimited video plan in conjunction with the biggest video providers (Netflix, YouTube, etc.). The catch is that when congestion occurs, they’ll throttle it to lower quality. In other words, they give their bandwidth to all the other phones in your area first, then give you as much of the leftover bandwidth as you want for video.

While it sounds like T-Mobile is doing something evil, “zero-rating” certain video providers and degrading video quality, the FCC allows this, because they recognize it’s in the customer interest.

Mobile providers especially have great interest in more innovation in this area, in order to conserve precious bandwidth, but they are finding it costly. They can’t just innovate, but must ask the FCC permission first. And with the new heavy handed FCC rules, they’ve become hostile to this innovation. This attitude is highlighted by the statement from the “Open Internet” order:

And consumers must be protected, for example from mobile commercial practices masquerading as “reasonable network management.”

This is a clear declaration that free-market doesn’t work and won’t correct abuses, and that that mobile companies are treacherous and will do evil things without FCC oversight.

Conclusion

Ignoring the rhetoric for the moment, the debate comes down to simple left-wing authoritarianism and libertarian principles. The Obama administration created a regulatory regime under clear Democrat principles, and the Trump administration is rolling it back to more free-market principles. There is no principle at stake here, certainly nothing to do with a technical definition of “net neutrality”.

The 2015 “Open Internet” order is not about “treating network traffic neutrally”, because it doesn’t do that. Instead, it’s purely a left-wing document that claims corporations cannot be trusted, must be regulated, and that innovation and prosperity comes from the regulators and not the free market.

It’s not about monopolistic power. The primary targets of regulation are the mobile broadband providers, where there is plenty of competition, and who have the most “network management” issues. Even if it were just about wired broadband (like Comcast), it’s still ignoring the primary ways monopolies profit (raising prices) and instead focuses on bizarre and unlikely ways of rent seeking.

If you are a libertarian who nonetheless believes in this “net neutrality” slogan, you’ve got to do better than mindlessly repeating the arguments of the left-wing. The term itself, “net neutrality”, is just a slogan, varying from person to person, from moment to moment. You have to be more specific. If you truly believe in the “net neutrality” technical principle that all traffic should be treated equally, then you’ll want a rewrite of the “Open Internet” order.

In the end, while libertarians may still support some form of broadband regulation, it’s impossible to reconcile libertarianism with the 2015 “Open Internet”, or the vague things people mean by the slogan “net neutrality”.

Sky: People Can’t Pirate Live Soccer in the UK Anymore

Post Syndicated from Andy original https://torrentfreak.com/sky-people-cant-pirate-live-soccer-in-the-uk-anymore-171108/

The commotion over the set-top box streaming phenomenon is showing no signs of dying down and if day one at the Cable and Satellite Broadcasting Association of Asia (CASBAA) Conference 2017 was anything to go by, things are only heating up.

Held at Studio City in Macau, the conference has a strong anti-piracy element and was opened by Joe Welch, CASBAA Board Chairman and SVP Public Affairs Asia, 21st Century Fox. He began Tuesday by noting the important recent launch of a brand new anti-piracy initiative.

“CASBAA recently launched the Coalition Against Piracy, funded by 18 of the region’s content players and distribution partners,” he said.

TF reported on the formation of the coalition mid-October. It includes heavyweights such as Disney, Fox, HBO, NBCUniversal and BBC Worldwide, and will have a strong focus on the illicit set-top box market.

Illegal streaming devices (or ISDs, as the industry calls them), were directly addressed in a segment yesterday afternoon titled Face To Face. Led by Dr. Ros Lynch, Director of Copyright & IP Enforcement at the UK Intellectual Property Office, the session detailed the “onslaught of online piracy” and the rise of ISDs that is apparently “shaking the market”.

Given the apparent gravity of those statements, the following will probably come as a surprise. According to Lynch, the UK IPO sought the opinion of UK-based rightsholders about the pirate box phenomenon a while back after being informed of their popularity in the East. The response was that pirate boxes weren’t an issue. It didn’t take long, however, for things to blow up.

“The UKIPO provides intelligence and evidence to industry and the Police Intellectual Property Crime Unit (PIPCU) in London who then take enforcement actions,” Lynch explained.

“We first heard about the issues with ISDs from [broadcaster] TVB in Hong Kong and we then consulted the UK rights holders who responded that it wasn’t a problem. Two years later the issue just exploded.”

The evidence of that in the UK isn’t difficult to find. In addition to millions of devices with both free Kodi addon and subscription-based systems deployed, the app market has bloomed too, offering free or near to free content to all.

This caught the eye of the Premier League who this year obtained two pioneering injunctions (1,2) to tackle live streams of football games. Streams are blocked by local ISPs in real-time, making illicit online viewing a more painful experience than it ever has been. No doubt progress has been made on this front, with thousands of streams blocked, but according to broadcaster Sky, the results are unprecedented.

“Site-blocking has moved the goalposts significantly,” said Matthew Hibbert, head of litigation at Sky UK.

“In the UK you cannot watch pirated live Premier League content anymore,” he said.

While progress has been good, the statement is overly enthusiastic. TF sources have been monitoring the availability of pirate streams on around dozen illicit sites and services every Saturday (when it is actually illegal to broadcast matches in the UK) and service has been steady on around half of them and intermittent at worst on the rest.

There are hundreds of other platforms available so while many are definitely affected by Premier League blocking, it’s safe to assume that live football piracy hasn’t been wiped out. Nevertheless, it would be wrong to suggest that no progress has been made, in this and other related areas.

Kevin Plumb, Director of Legal Services at The Premier League, said that pubs showing football from illegal streams had also massively dwindled in numbers.

“In the past 18 months the illegal broadcasting of live Premier League matches in pubs in the UK has been decimated,” he said.

This result is almost certainly down to prosecutions taken in tandem with the Federation Against Copyright Theft (FACT), that have seen several landlords landed with large fines. Indeed, both sides of the market have been tackled, with both licensed premises and IPTV device sellers being targeted.

“The most successful thing we’ve done to combat piracy has been to undertake criminal prosecutions against ISD piracy,” said FACT chief Kieron Sharp yesterday. “Everyone is pleading guilty to these offenses.”

Most if not all of FACT-led prosecutions target device and subscription sellers under fraud legislation but that could change in the future, Lynch of the Intellectual Property Office said.

“While the UK works to update its legislation, we can’t wait for the new legislation to take enforcement actions and we rely heavily on ‘conspiracy to defraud’ charges, and have successfully prosecuted a number of ISD retailers,” she said.

Finally, information provided yesterday by network company CISCO shine light on what it costs to run a subscription-based pirate IPTV operation.

Director of Intelligence & Security Operations Avigail Gutman said a pirate IPTV server offering 1,000 channels to around 1,000 subscribers can cost as little as 2,000 euros per month to run but can generate 12,000 euros in revenue during the same period.

“In April of 2017, ten major paid TV and content providers had relinquished 3.09 million euros per month to 285 ISD-based streaming pirate syndicates,” she said.

There’s little doubt that IPTV piracy, both paid and free, is here to stay. The big question is how it will be tackled short and long-term and whether any changes in legislation will have any unintended knock-on effects.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

MPAA and RIAA’s Megaupload Lawsuits Remain on Hold

Post Syndicated from Ernesto original https://torrentfreak.com/mpaa-and-riaas-megaupload-lawsuits-remain-on-hold-171023/

More than half a decade has passed since Megaupload was shut down and it’s still unclear how the criminal proceedings will unfold.

Aside from Andrus Nomm’s plea deal, progress in the criminal proceedings has been slow.

Earlier this year there was some movement when the New Zealand High Court ruled that Kim Dotcom and his former colleagues can be extradited to the US. This extradition would not be on copyright grounds, but for conspiracy to defraud.

Following the ruling, Dotcom and his former colleagues quickly announced they would take the matter to the Court of Appeal. This process is still pending and may take several more months to complete.

While all parties await the outcome, the criminal case in the United States remains pending. The same goes for the civil cases launched by the MPAA and RIAA in 2014.

Since the civil cases may influence the criminal proceedings, Megaupload’s legal team previously managed to put these cases on hold, and last week they requested another extension.

This is not the first time that such a request had been made. There have been several extensions already.

At the time of the last request, there were concerns that the long delays could result in the destruction of evidence, as some of Megaupload’s hard drives were starting to fail. However, after the parties agreed on a solution to back-up and restore the files, this is no longer an issue.

“With the preservation order in place, and there being no other objection, Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months,” Megaupload’s legal team informed the court this week.

Without any objections from the MPAA and RIAA, U.S. District Court Judge Liam O’Grady swiftly granted Megaupload’s request to stay both lawsuits until April next year.

To be continued.

Order to stay

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

New UK IP Crime Report Reveals Continued Focus on ‘Pirate’ Kodi Boxes

Post Syndicated from Andy original https://torrentfreak.com/new-uk-ip-crime-report-reveals-continued-focus-on-pirate-kodi-boxes-170908/

The UK’s Intellectual Property Office has published its annual IP Crime Report, spanning the period 2016 to 2017.

It covers key events in the copyright and trademark arenas and is presented with input from the police and trading standards, plus private entities such as the BPI, Premier League, and Federation Against Copyright Theft, to name a few.

The report begins with an interesting statistic. Despite claims that many millions of UK citizens regularly engage in some kind of infringement, figures from the Ministry of Justice indicate that just 47 people were found guilty of offenses under the Copyright, Designs and Patents Act during 2016. That’s down on the 69 found guilty in the previous year.

Despite this low conviction rate, 15% of all internet users aged 12+ are reported to have consumed at least one item of illegal content between March and May 2017. Figures supplied by the Industry Trust for IP indicate that 19% of adults watch content via various IPTV devices – often referred to as set-top, streaming, Android, or Kodi boxes.

“At its cutting edge IP crime is innovative. It exploits technological loopholes before they become apparent. IP crime involves sophisticated hackers, criminal financial experts, international gangs and service delivery networks. Keeping pace with criminal innovation places a burden on IP crime prevention resources,” the report notes.

The report covers a broad range of IP crime, from counterfeit sportswear to foodstuffs, but our focus is obviously on Internet-based infringement. Various contributors cover various aspects of online activity as it affects them, including music industry group BPI.

“The main online piracy threats to the UK recorded music industry at present are from BitTorrent networks, linking/aggregator sites, stream-ripping sites, unauthorized streaming sites and cyberlockers,” the BPI notes.

The BPI’s website blocking efforts have been closely reported, with 63 infringing sites blocked to date via various court orders. However, the BPI reports that more than 700 related URLs, IP addresses, and proxy sites/ proxy aggregators have also been rendered inaccessible as part of the same action.

“Site blocking has proven to be a successful strategy as the longer the blocks are in place, the more effective they are. We have seen traffic to these sites reduce by an average of 70% or more,” the BPI reports.

While prosecutions against music pirates are a fairly rare event in the UK, the Crown Prosecution Service (CPS) Specialist Fraud Division highlights that their most significant prosecution of the past 12 months involved a prolific music uploader.

As first revealed here on TF, Wayne Evans was an uploader not only on KickassTorrents and The Pirate Bay, but also some of his own sites. Known online as OldSkoolScouse, Evans reportedly cost the UK’s Performing Rights Society more than £1m in a single year. He was sentenced in December 2016 to 12 months in prison.

While Evans has been free for some time already, the CPS places particular emphasis on the importance of the case, “since it provided sentencing guidance for the Copyright, Designs and Patents Act 1988, where before there was no definitive guideline.”

The CPS says the case was useful on a number of fronts. Despite illegal distribution of content being difficult to investigate and piracy losses proving tricky to quantify, the court found that deterrent sentences are appropriate for the kinds of offenses Evans was accused of.

The CPS notes that various factors affect the severity of such sentences, not least the length of time the unlawful activity has persisted and particularly if it has done so after the service of a cease and desist notice. Other factors include the profit made by defendants and/or the loss caused to copyright holders “so far as it can accurately be calculated.”

Importantly, however, the CPS says that beyond issues of personal mitigation and timely guilty pleas, a jail sentence is probably going to be the outcome for others engaging in this kind of activity in future. That’s something for torrent and streaming site operators and their content uploaders to consider.

“[U]nless the unlawful activity of this kind is very amateur, minor or short-lived, or in the absence of particularly compelling mitigation or other exceptional circumstances, an immediate custodial sentence is likely to be appropriate in cases of illegal distribution of copyright infringing articles,” the CPS concludes.

But while a music-related trial provided the highlight of the year for the CPS, the online infringement world is still dominated by the rise of streaming sites and the now omnipresent “fully-loaded Kodi Box” – set-top devices configured to receive copyright-infringing live TV and VOD.

In the IP Crime Report, the Intellectual Property Office references a former US Secretary of Defense to describe the emergence of the threat.

“The echoes of Donald Rumsfeld’s famous aphorism concerning ‘known knowns’ and ‘known unknowns’ reverberate across our landscape perhaps more than any other. The certainty we all share is that we must be ready to confront both ‘known unknowns’ and ‘unknown unknowns’,” the IPO writes.

“Not long ago illegal streaming through Kodi Boxes was an ‘unknown’. Now, this technology updates copyright infringement by empowering TV viewers with the technology they need to subvert copyright law at the flick of a remote control.”

While the set-top box threat has grown in recent times, the report highlights the important legal clarifications that emerged from the BREIN v Filmspeler case, which found itself before the European Court of Justice.

As widely reported, the ECJ determined that the selling of piracy-configured devices amounts to a communication to the public, something which renders their sale illegal. However, in a submission by PIPCU, the Police Intellectual Property Crime Unit, box sellers are said to cast a keen eye on the legal situation.

“Organised criminals, especially those in the UK who distribute set-top boxes, are aware of recent developments in the law and routinely exploit loopholes in it,” PIPCU reports.

“Given recent judgments on the sale of pre-programmed set-top boxes, it is now unlikely criminals would advertise the devices in a way which is clearly infringing by offering them pre-loaded or ‘fully loaded’ with apps and addons specifically designed to access subscription services for free.”

With sellers beginning to clean up their advertising, it seems likely that detection will become more difficult than when selling was considered a gray area. While that will present its own issues, PIPCU still sees problems on two fronts – a lack of clear legislation and a perception of support for ‘pirate’ devices among the public.

“There is no specific legislation currently in place for the prosecution of end users or sellers of set-top boxes. Indeed, the general public do not see the usage of these devices as potentially breaking the law,” the unit reports.

“PIPCU are currently having to try and ‘shoehorn’ existing legislation to fit the type of criminality being observed, such as conspiracy to defraud (common law) to tackle this problem. Cases are yet to be charged and results will be known by late 2017.”

Whether these prosecutions will be effective remains to be seen, but PIPCU’s comments suggest an air of caution set to a backdrop of box-sellers’ tendency to adapt to legal challenges.

“Due to the complexity of these cases it is difficult to substantiate charges under the Fraud Act (2006). PIPCU have convicted one person under the Serious Crime Act (2015) (encouraging or assisting s11 of the Fraud Act). However, this would not be applicable unless the suspect had made obvious attempts to encourage users to use the boxes to watch subscription only content,” PIPCU notes, adding;

“The selling community is close knit and adapts constantly to allow itself to operate in the gray area where current legislation is unclear and where they feel they can continue to sell ‘under the radar’.”

More generally, pirate sites as a whole are still seen as a threat. As reported last month, the current anti-piracy narrative is that pirate sites represent a danger to their users. As a result, efforts are underway to paint torrent and streaming sites as risky places to visit, with users allegedly exposed to malware and other malicious content. The scare strategy is supported by PIPCU.

“Unlike the purchase of counterfeit physical goods, consumers who buy unlicensed content online are not taking a risk. Faulty copyright doesn’t explode, burn or break. For this reason the message as to why the public should avoid copyright fraud needs to be re-focused.

“A more concerted attempt to push out a message relating to malware on pirate websites, the clear criminality and the links to organized crime of those behind the sites are crucial if public opinion is to be changed,” the unit advises.

But while the changing of attitudes is desirable for pro-copyright entities, PIPCU says that winning over the public may not prove to be an easy battle. It was given a small taste of backlash itself, after taking action against the operator of a pirate site.

“The scale of the problem regarding public opinion of online copyright crime is evidenced by our own experience. After PIPCU executed a warrant against the owner of a streaming website, a tweet about the event (read by 200,000 people) produced a reaction heavily weighted against PIPCU’s legitimate enforcement action,” PIPCU concludes.

In summary, it seems likely that more effort will be expended during the next 12 months to target the set-top box threat, but there doesn’t appear to be an abundance of confidence in existing legislation to tackle all but the most egregious offenders. That being said, a line has now been drawn in the sand – if the public is prepared to respect it.

The full IP Crime Report 2016-2017 is available here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

BitTorrent Users Form The World’s Largest Criminal Enterprise, Lawyer Says

Post Syndicated from Andy original https://torrentfreak.com/bittorrent-users-form-the-worlds-largest-criminal-enterprise-lawyer-says-170731/

As the sharing of copyrighted material on the Internet continues, so do the waves of lawsuits which claim compensation for alleged damage caused.

Run by so-called ‘copyright trolls’, these legal efforts are often painted as the only way for rightsholders to send a tough message to deter infringement. In reality, however, these schemes are often the basis for a separate revenue stream, one in which file-sharers are forced to pay large cash sums to make supposed jury trials disappear.

Courts around the United States are becoming familiar with these ‘settlement factories’ and sometimes choose to make life more difficult for the trolls. With this potential for friction, the language deployed in lawsuits is often amped up to paint copyright holders as fighting for their very existence. Meanwhile, alleged infringers are described as hardened criminals intent on wreaking havoc on the entertainment industries.

While this polarization is nothing new, a court filing spotted by the troll-fighters over at Fight Copyright Trolls sees the demonization of file-sharers amped up to eleven – and then some.

The case, which is being heard in a district court in Nevada, features LHF Productions, the outfit behind action movie London Has Fallen. It targets five people who allegedly shared the work using BitTorrent and failed to respond to the company’s requests to settle.

“[N]one of the Defendants referenced herein have made any effort to answer or otherwise respond to the Plaintiff’s allegations. In light of the Defendants’ apparent failure to take any action with respect to the present lawsuit, the Plaintiff is left with no choice but to seek a default judgment,” the motion reads.

In the absence of any defense, LHF Productions asks the court to grant default judgments of $15,000 per defendant, which amounts to $75,000 overall, a decent sum for what amounts to five downloads. LHF Productions notes that it could’ve demanded $150,000 from each individual but feels that a more modest sum would be sufficient to “deter future infringement.”

However, when reading the description of the defendants provided by LHF, one could be forgiven for thinking that they’re actually heinous criminals hell-bent on worldwide destruction.

“The Defendants are participants in a global piracy ring composed of one hundred fifty million members – a ring that threatens to tear down fundamental structures of intellectual property,” the lawsuit reads.

While there are indeed 150 million users of BitTorrent, this characterization that they’re all involved in a single “piracy ring” is both misleading and inaccurate.

BitTorrent swarms are separate entities, so the correct way of describing the defendants would be limited to their action for the movie London Has Fallen. Instead, they’re painted as being involved in a global conspiracy with more members than the populations of the United Kingdom, Canada, and Spain combined.

It seems that the introduction of more drama into these infringement lawsuits is becoming necessary as more courts become wise to the activities of trolls, not least organizations being branded criminal themselves, such as the now defunct Prenda Law.

Perhaps with this in mind, LHF Productions tries to convince the court that far from being small-time file-sharers, people downloading their movie online are actually part of something extremely big, a crime wave so huge that nothing like it has ever been witnessed.

“While the actions of each individual participant may seem innocuous, their collective action amounts to one of the largest criminal enterprises ever seen on earth,” LHF says of the defendants.

“[I]f this pervasive culture of piracy is allowed to continue undeterred, it threatens to undo centuries of intellectual property law and unravel a core pillar of our economy. After all, the right to intellectual property was something so fundamental, so essential, to our nation’s founding, that our founding father’s found it necessary to include in the first article of the Constitution.”

If the apocalyptic scenario painted by LHF in its lawsuit (pdf) is to be believed, recouping a mere $15,000 from each defendant begins to sound like a bargain. Certainly, the movie outfit will be hoping the judge sees it that way too.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Usenet Provider Giganews Sues Perfect 10 For Fraud, Demands $20m

Post Syndicated from Andy original https://torrentfreak.com/usenet-provider-giganews-sues-perfect-10-for-fraud-demands-20m-170712/

For many years, Perfect 10 went about its business of publishing images of women in print and on the Internet. At some point along the way, however, the company decided that threatening to sue online service providers was more profitable.

Claiming copyright infringement, Perfect 10 took on a number of giants including Google, Amazon, Mastercard, and Visa, not to mention hosting providers such as LeaseWeb and OVH.

With court papers revealing that Perfect 10 owner Norman Zada worked 365 days a year on litigation and that the company acquired copyrights for use in lawsuits, it’s no surprise that around two dozen of Perfect 10’s lawsuits ended in cash settlements and defaults.

With dollar signs in mind, Perfect 10 went after another pretty big fish in 2011. The publisher claimed that Usenet provider Giganews was responsible when its users uploaded Perfect 10 images to the newsgroups. Things did not go well.

In November 2014, the U.S. District Court for the Central District of California found that Giganews was not liable for the infringing activities of its users. Perfect 10 was ordered to pay Giganews $5.6m in attorney’s fees and costs. Perfect 10 lost again at the Court of Appeals for the Ninth Circuit.

But even with all of these victories under its belt, Giganews just can’t catch a break.

The company is clearly owed millions but Perfect 10 is refusing to pay up. As a result, this week Giganews filed yet another suit, accusing Perfect 10 and Norman Zada of fraud aimed at depriving Giganews of the amounts laid out by the court.

The claims center around an alleged conspiracy in which Perfect 10 transferred its funds and assets to Zada.

“As of now (over two years since the judgment), Perfect 10 has not voluntarily paid any amount of the judgment,” the complaint begins.

“Instead, Perfect 10, through the unlawful acts of Zada and in conspiracy with him, has intentionally avoided satisfaction of the judgment through a series of fraudulent transfers of Perfect 10’s corporate assets to Zada’s personal possession.”

Giganews says these “illegal and fraudulent” transfers began back in 2014, when Perfect 10 began to realize that the fight against the Usenet provider was going bad.

For example, on November 20, 2014, around six days after the court granted summary judgment in favor of Giganews, Perfect 10 transferred $850,000 to Zada’s personal account. The Perfect 10 owner later told a Judgment Debtor’s Examination that the transfer was made due to the summary judgment orders, a statement that amounts to a confession of fraud, Giganews says.

“We had a settlement of $1.1 million in, I believe, June. I was entitled to that money,” Zada told the hearing. “And after the summary judgment orders were issued, I did not see any point in keeping more cash than we needed in the account.”

Giganews says that Perfect 10 transferred at least $1.75m in cash to Zada.

Then, within weeks of the court ordering Perfect 10 to pay $5.6m in attorneys fees and costs, Giganews says that Zada “fraudulently transferred substantially all
of Perfect 10’s physical assets” to himself for an amount that did not represent their true value.

Those assets included a car, furniture, and computer servers. When Zada was questioned why the transfers took place, he admitted that “it would have been
totally disruptive to have those [assets] seized” in satisfaction of the judgment. Indeed, the complaint alleges that the assets never moved physical location.

Perhaps surprisingly given the judgment, Giganews alleges that Zada continues to run Perfect 10’s business in much the same way as he did before. The company even has copyright infringement litigation underway against AOL in Germany, despite having few assets.

This is made possible, Giganews says, by Perfect 10 calling on assets it previously transferred to Zada. When required by the company, Zada simply “gives” them back.

In summary, Giganews says these transfers display the “badges of fraud” that indicate attempts to “hinder, delay or defraud” creditors, while leaving Perfect 10 practically insolvent.

“As a consequence, Plaintiffs are entitled to a judgment against Defendants, and each of them, in the sum of the unlawfully transferred amounts of at least $1,750,000, or in an amount to be proven at trial, together with interest on that amount at the legal rate of 10% per annum from and after March 24, 2015,” the complaint reads.

But the claim doesn’t stop there. Giganews asks the court to prevent Perfect 10 from transferring any more cash or assets out of Perfect 10 to Zada or anyone acting in concert with him or on his behalf. This is rounded off with a claim for punitive and exemplary damages of $20m to be considered during a jury trial.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Pirate App Store Operator Jailed for Criminal Copyright Infringement

Post Syndicated from Ernesto original https://torrentfreak.com/pirate-app-store-operator-jailed-for-criminal-copyright-infringement-170710/

Assisted by police in France and the Netherlands, the FBI took down the “pirate” Android stores Appbucket, Applanet and SnappzMarket during the summer of 2012.

The domain seizures were the first ever against “rogue” mobile app marketplaces and followed similar actions against BitTorrent and streaming sites.

During the years that followed several people connected to the Android app sites were arrested and indicted. This is also true for the now 27-year-old Joshua Taylor, a resident of Kentwood, Michigan.

Taylor, who arranged SnappzMarket’s servers, was previously convicted of conspiracy to commit criminal copyright infringement and has now been sentenced (pdf) to 16 months in prison for his role in the operation.

According to the Department of Justice, SnappzMarket distributed more than one million pirated apps with a retail value exceeding $1.7 million.

In a sentencing memorandum, defense attorney John Lovell argued that his client never made any “profits” from his involvement, noting that the co-conspirators played a much more significant role.

“Josh Taylor is 27 years old with no other criminal history. His offense involved procuring storage space for the masterminds of the operation,” Lovell wrote. “SnappzMarket did not pay Josh. Whatever profits were generated by SnappzMarket were split between Sharp and Peterson.”

The court record further reveals that Taylor had a very tough childhood and was plagued by both mental and physical challenges.

According to the testimony from his psychologist Meredith Davis, he didn’t understand that he was committing a felonious act, and lacked the cognitive capacity do so intentionally.

The psychologist stressed that her client deeply regrets what happened and she doesn’t think it’s likely that would run into similar problems in the future.

“He has expressed a great deal of remorse for his involvement in the charged crime. Mr. Taylor possesses a high degree of vigilance to avoid any further contact with the law,” Davis wrote to the court.

Despite these arguments, U.S. District Judge Timothy Batten Sr. found a prison sentence appropriate.

While 16 months is significant, it’s not as much as 46 month prison sentence co-conspirator Scott Walton received earlier. Kody Peterson, another key SnappzMarket operator, only received a one year sentence but he agreed to do undercover work for the FBI.

Gary Edwin Sharp II, the only remaining defendant, previously pleaded guilty and is currently scheduled to be sentenced in November. Like the others, he also faces up to several years in prison.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Could Pirate TV Box Users Be Prosecuted For Fraud?

Post Syndicated from Andy original https://torrentfreak.com/could-pirate-tv-box-users-be-prosecuted-for-fraud-170709/

With the issue of piracy-enabled set-top boxes still making the headlines, the English Premier League (EPL) has emerged as the most likely organization to prosecute sellers of infringing boxes in the UK.

However, last month the Federation Against Copyright Theft, who provide anti-piracy services for the EPL, revealed that mere users of boxes (such as those containing augmented Kodi setups) could be targeted for prosecution sometime in the future.

As noted in our earlier coverage, people who merely stream pirated content into their own homes are difficult to track online. They pose much greater challenges than BitTorrent users, for example, who can lead investigators straight to their door. But for FACT chief executive Kieron Sharp, there are opportunities to find people via non-technical means.

“When we’re working with the police against a company that’s selling IPTV boxes or illicit streaming devices on a large scale, they have records of who they’ve sold them to,” Sharp said.

The suggestion here is that box sellers’ customer lists contain the personal details of people who obtain Premier League and other content for free so, once identified, could be open to prosecution.

With conventional thinking under copyright law, prosecuting a set-top box/Kodi user for streaming content to his own home is a bit of a daunting prospect, not to mention an expensive one. Copyright cases are notoriously complicated and an individual putting up a spirited defense could cause problems for the prosecution. The inevitable light sentence wouldn’t provide much of a deterrent either.

With all that in mind, it appears that FACT is more interested in prosecuting under other legislation.

During an interview with BBC Radio 5 Live’s Chris Warburton this week, Sharp said that people streaming into their own homes are committing a criminal offense, i.e., something that could interest the police and attract a fine or custodial sentence.

“The law has always been the case that people who are doing something illegal, streaming in their own homes, through these devices, are committing a crime. What’s happened recently is that’s been clarified by an EU judge in one case and by a civil judge in another,” Sharp said.

The EU case was BREIN v Filmspeler, which in part determined that people who stream content from an illegal source do so in breach of copyright law. The judge in the civil case was Justice Arnold, who in a UK Premier League blocking case reached the same conclusion.

While it’s now fairly clear that streaming pirate content in the EU is indeed illegal, is a civil wrong, and can be dealt with by suing someone, it’s not immediately clear how that turns into a criminal offense. It wasn’t clear in the interview either, so Warburton pressed Sharp again.

“What is the bit of the law that you are breaking when you’re streaming, how are you committing a criminal act?” he asked Sharp.

“There are various pieces of legislation,” the FACT chief said. “The one we’ve been looking at is under the Fraud Act which would say you are committing a fraud by streaming these football matches through to your television, watching them at home, and not paying for the license to do so.”

At this point, everything begins to slot into place.

For the past several years through several high-profile Internet piracy cases, FACT has shied away from prosecutions under copyright law. Each time it has opted for offenses under the Fraud Act 2006, partly because longer sentences were available at the time, i.e., up to 10 years in prison.

However, earlier this year FACT’s lawyer revealed that prosecutions under the Fraud Act can be easier for a jury to understand than those actioned under copyright law.

With this wealth of experience in mind, it’s easy to see why FACT would take this route in set-top box cases, especially when fraud legislation is relatively easy to digest.

Possession etc. of articles for use in frauds

“A person is guilty of an offense if he has in his possession or under his control any article for use in the course of or in connection with any fraud,” the Fraud Act reads.

To clarify, an ‘article’ includes “any program or data held in electronic form,” which is perfect for infringing Kodi addons etc.

Given the above, it seems that if the Court can be convinced that the person knowingly possessed a pirate set-top box programmed for fraudulent purposes, there could, in theory, be a successful prosecution resulting in a prison sentence and/or a fine.

Obtaining services dishonestly

“A person is guilty of an offense under this section if he obtains services for himself or another….by a dishonest act, and….he [knowingly] obtains them without any payment having been made for or in respect of them or without payment having been made in full,” the relevant section of the Act reads.

There are probably other angles to this under the Fraud Act but these seem to fit so well that others might not be needed. But how likely is it that someone could be prosecuted in this manner?

Sharp reiterated to the BBC that FACT could get the identities of box buyers as part of investigations into sellers, and as part of that “would see what the situation is” with their customers.

“It may well be that in the future, somebody who is an end-user may well get prosecuted,” he said.

But while the possibilities are there, Sharp really didn’t seem that keen to commit to the hounding of stream consumers in the future, and certainly not now. FACT’s strategy appears to be grounded in getting the word out that people are breaking the law.

“[People] think they can get away with it and that’s an important message from our perspective, that they must understand that they are committing offenses, apart from all the other issues of why they should be paying for the legal product. This is something that should be of concern to them, that they are committing offenses,” Sharp said.

The big question that remains is whether FACT and the English Premier League would ever take a case against a regular end-user to court. History tells us that this is fairly unlikely, but if any case did end up in court, it would definitely be hand-picked for best results.

For example, someone who bought a box from eBay would probably be of no real interest, but someone who had extended email exchanges with a seller, during which they discussed in detail how to pirate English Premier League games specifically, would provide a more useful test subject.

And then, when there are two people involved (the knowingly infringing buyer and the seller, who would also be prosecuted) that also raises the question of whether there had been an element of conspiracy.

Overall though, what people probably want to know is whether lots of people are going to get prosecuted for fraud and the answer to that is almost certainly ‘no.’ Prosecutions against the little guy are resource hungry, expensive, offer little return, and tend to generate negative publicity if they’re perceived as vindictive.

A single highly publicized case is a possible outcome if FACT and the EPL got really desperate, but there’s no guarantee that the Crown Prosecution Service would allow the case to go ahead.

“Prosecutors should guard against the criminal law being used as a debt collection agency or to protect the commercial interests of companies and organizations,” recent CPS advice reads.

“However, prosecutors should also remain alert to the fact that such organizations can become the focus of serious and organized criminal offending.”

FACT could, of course, conduct a private prosecution, which they have done several times in the past. But that is a risk too, so it seems likely that education efforts will come first, to try and slow things down.

“Our desire has always been that sports fans, football fans, would pay for the commercial package, they would pay a fee to watch and that is still our position,” Sharp told the BBC.

“But working with our clients and members such as the Premier League and Sky and BT Sports, we have to consider all the options available to us, to put a bit of a brake on this problem because it’s growing all the time.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

NonPetya: no evidence it was a "smokescreen"

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/06/nonpetya-no-evidence-it-was-smokescreen.html

Many well-regarded experts claim that the not-Petya ransomware wasn’t “ransomware” at all, but a “wiper” whose goal was to destroy files, without any intent at letting victims recover their files. I want to point out that there is no real evidence of this.

Certainly, things look suspicious. For one thing, it certainly targeted the Ukraine. For another thing, it made several mistakes that prevent them from ever decrypting drives. Their email account was shutdown, and it corrupts the boot sector.

But these things aren’t evidence, they are problems. They are things needing explanation, not things that support our preferred conspiracy theory.

The simplest, Occam’s Razor explanation explanation is that they were simple mistakes. Such mistakes are common among ransomware. We think of virus writers as professional software developers who thoroughly test their code. Decades of evidence show the opposite, that such software is of poor quality with shockingly bad bugs.

It’s true that effectively, nPetya is a wiper. Matthieu Suiche‏ does a great job describing one flaw that prevents it working. @hasherezade does a great job explaining another flaw.  But best explanation isn’t that this is intentional. Even if these bugs didn’t exist, it’d still be a wiper if the perpetrators simply ignored the decryption requests. They need not intentionally make the decryption fail.

Thus, the simpler explanation is that it’s simply a bug. Ransomware authors test the bits they care about, and test less well the bits they don’t. It’s quite plausible to believe that just before shipping the code, they’d add a few extra features, and forget to regression test the entire suite. I mean, I do that all the time with my code.

Some have pointed to the sophistication of the code as proof that such simple errors are unlikely. This isn’t true. While it’s more sophisticated than WannaCry, it’s about average for the current state-of-the-art for ransomware in general. What people think of, such the Petya base, or using PsExec to spread throughout a Windows domain, is already at least a year old.

Indeed, the use of PsExec itself is a bit clumsy, when the code for doing the same thing is already public. It’s just a few calls to basic Windows networking APIs. A sophisticated virus would do this itself, rather than clumsily use PsExec.

Infamy doesn’t mean skill. People keep making the mistake that the more widespread something is in the news, the more skill, the more of a “conspiracy” there must be behind it. This is not true. Virus/worm writers often do newsworthy things by accident. Indeed, the history of worms, starting with the Morris Worm, has been things running out of control more than the author’s expectations.

What makes nPetya newsworthy isn’t the EternalBlue exploit or the wiper feature. Instead, the creators got lucky with MeDoc. The software is used by every major organization in the Ukraine, and at the same time, their website was horribly insecure — laughably insecure. Furthermore, it’s autoupdate feature didn’t check cryptographic signatures. No hacker can plan for this level of widespread incompetence — it’s just extreme luck.

Thus, the effect of bumbling around is something that hit the Ukraine pretty hard, but it’s not necessarily the intent of the creators. It’s like how the Slammer worm hit South Korea pretty hard, or how the Witty worm hit the DoD pretty hard. These things look “targeted”, especially to the victims, but it was by pure chance (provably so, in the case of Witty).

Certainly, MeDoc was targeted. But then, targeting a single organization is the norm for ransomware. They have to do it that way, giving each target a different Bitcoin address for payment. That it then spread to the entire Ukraine, and further, is the sort of thing that typically surprises worm writers.

Finally, there’s little reason to believe that there needs to be a “smokescreen”. Russian hackers are targeting the Ukraine all the time. Whether Russian hackers are to blame for “ransomware” vs. “wiper” makes little difference.

Conclusion

We know that Russian hackers are constantly targeting the Ukraine. Therefore, the theory that this was nPetya’s goal all along, to destroy Ukraines computers, is a good one.

Yet, there’s no actual “evidence” of this. nPetya’s issues are just as easily explained by normal software bugs. The smokescreen isn’t needed. The boot record bug isn’t needed. The single email address that was shutdown isn’t significant, since half of all ransomware uses the same technique.

The experts who disagree with me are really smart/experienced people who you should generally trust. It’s just that I can’t see their evidence.

Update: I wrote another blogpost about “survivorship bias“, refuting the claim by many experts talking about the sophistication of the spreading feature.


Update: comment asks “why is there no Internet spreading code?”. The answer is “I don’t know”, but unanswerable questions aren’t evidence of a conspiracy. “What aren’t there any stars in the background?” isn’t proof the moon landings are fake, such because you can’t answer the question. One guess is that you never want ransomware to spread that far, until you’ve figured out how to get payment from so many people.

Three Men Sentenced Following £2.5m Internet Piracy Case

Post Syndicated from Andy original https://torrentfreak.com/three-men-sentenced-following-2-5m-internet-piracy-case-170622/

While legal action against low-level individual file-sharers is extremely rare in the UK, the country continues to pose a risk for those engaged in larger-scale infringement.

That is largely due to the activities of the Police Intellectual Property Crime Unit and private anti-piracy outfits such as the Federation Against Copyright Theft (FACT). Investigations are often a joint effort which can take many years to complete, but the outcomes can often involve criminal sentences.

That was the profile of another Internet piracy case that concluded in London this week. It involved three men from the UK, Eric Brooks, 43, from Bolton, Mark Valentine, 44, from Manchester, and Craig Lloyd, 33, from Wolverhampton.

The case began when FACT became aware of potentially infringing activity back in February 2011. The anti-piracy group then investigated for more than a year before handing the case to police in March 2012.

On July 4, 2012, officers from City of London Police arrested Eric Brooks’ at his home in Bolton following a joint raid with FACT. Computer equipment was seized containing evidence that Brooks had been running a Netherlands-based server hosting more than £100,000 worth of pirated films, music, games, software and ebooks.

According to police, a spreadsheet on Brooks’ computer revealed he had hundreds of paying customers, all recruited from online forums. Using PayPal or utilizing bank transfers, each paid money to access the server. Police mentioned no group or site names in information released this week.

“Enquiries with PayPal later revealed that [Brooks] had made in excess of £500,000 in the last eight years from his criminal business and had in turn defrauded the film and TV industry alone of more than £2.5 million,” police said.

“As his criminal enterprise affected not only the film and TV but the wider entertainment industry including music, games, books and software it is thought that he cost the wider industry an amount much higher than £2.5 million.”

On the same day police arrested Brooks, Mark Valentine’s home in Manchester had a similar unwelcome visit. A day later, Craig Lloyd’s home in Wolverhampton become the third target for police.

Computer equipment was seized from both addresses which revealed that the pair had been paying for access to Brooks’ servers in order to service their own customers.

“They too had used PayPal as a means of taking payment and had earned thousands of pounds from their criminal actions; Valentine gaining £34,000 and Lloyd making over £70,000,” police revealed.

But after raiding the trio in 2012, it took more than four years to charge the men. In a feature common to many FACT cases, all three were charged with Conspiracy to Defraud rather than copyright infringement offenses. All three men pleaded guilty before trial.

On Monday, the men were sentenced at Inner London Crown Court. Brooks was sentenced to 24 months in prison, suspended for 12 months and ordered to complete 140 hours of unpaid work.

Valentine and Lloyd were each given 18 months in prison, suspended for 12 months. Each was ordered to complete 80 hours unpaid work.

Detective Constable Chris Glover, who led the investigation for the City of London Police, welcomed the sentencing.

“The success of this investigation is a result of co-ordinated joint working between the City of London Police and FACT. Brooks, Valentine and Lloyd all thought that they were operating under the radar and doing something which they thought was beyond the controls of law enforcement,” Glover said.

“Brooks, Valentine and Lloyd will now have time in prison to reflect on their actions and the result should act as deterrent for anyone else who is enticed by abusing the internet to the detriment of the entertainment industry.”

While even suspended sentences are a serious matter, none of the men will see the inside of a cell if they meet the conditions of their sentence for the next 12 months. For a case lasting four years involving such large sums of money, that is probably a disappointing result for FACT and the police.

Nevertheless, the men won’t be allowed to enjoy the financial proceeds of their piracy, if indeed any money is left. City of London Police say the trio will be subject to a future confiscation hearing to seize any proceeds of crime.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

I want to talk for a moment about tolerance

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/05/i-want-to-talk-for-moment-about.html

This post is in response to this Twitter thread. I was going to do a series of tweets in response, but as the number grew, I thought it’d better be done in a blog.

She thinks we are fighting for the rights of Nazis. We aren’t — indeed, the fact that she thinks we are is exactly the problem. They aren’t Nazis.

The issue is not about a slippery slope that first Nazi’s lose free speech, then other groups start losing their speech as well. The issue is that it’s a slippery slope that more and more people get labeled a Nazi. And we are already far down that slope.

The “alt-right” is a diverse group. Like any group. Vilifying the entire alt-right by calling them Nazi’s is like lumping all Muslims in with ISIS or Al Qaeda. We really don’t have Nazi’s in America. Even White Nationalists don’t fit the bill. Nazism was about totalitarianism, real desire to exterminate Jews, lebensraum, and Aryan superiority. Sure, some of these people exist, but they are a fringe, even among the alt-right.

It’s at this point we need to discuss words like “tolerance”. I don’t think it means what you think it means.

The idea of tolerance is that reasonable people can disagree. You still believe you are right, and the other person is wrong, but you accept that they are nonetheless a reasonable person with good intentions, and that they don’t need to be punished for holding the wrong opinion.

Gay rights is a good example. I agree with you that there is only one right answer to this. Having spent nights holding my crying gay college roommate, because his father hated gays, has filled me with enormous hatred and contempt for people like his father. I’ve done my fair share shouting at people for anti-gay slurs.

Yet on the other hand, progressive icons like Barack Obama and Hillary Clinton have had evolving positions on gay rights issues, such as having opposed gay marriage at one time.

Tolerance means accepting that a person is reasonable, intelligent, and well-meaning — even if they oppose gay marriage. It means accepting that Hillary and Obama were reasonable people, even when they were vocally opposing gay marriage.

I’m libertarian. Like most libertarians, I support wide open borders, letting any immigrant across the border for any reason. To me, Hillary’s and Obama’s immigration policies are almost as racist as Trump’s. I have to either believe all you people supporting Hillary/Obama are irredeemably racist — or that well-meaning, good people can disagree about immigration.

I could go through a long list of issues that separate the progressive left and alt-right, and my point would always be the same. While people disagree on issues, and I have my own opinions about which side is right, there are reasonable people on both sides. If there are issues that divide our country down the middle, then by definition, both sides are equally reasonable. The problem with the progressive left is that they do not tolerate this. They see the world as being between one half who hold the correct opinions, and the other half who are unreasonable.

What defines the “alt-right” is not Nazism or White Nationalism, but the reaction of many on the right to intolerance of many on the left. Every time somebody is punished and vilified for uttering what is in fact a reasonable difference of opinion, they join the “alt-right”.

The issue at stake here, the issue that the ACLU is defending, is after that violent attack on the Portland train by an extremist, the city is denying all “alt-right” protesters the right to march. It’s blaming all those of the “alt-right” for the actions of one of their member. It’s similar to cities blocking Muslims from building a mosque because of extremists like ISIS and Al Qaeda, or disturbed individuals who carry out violent attacks in the name of Islam.

This is not just a violation of the First Amendment rights, it’s an obvious one. As the Volokh Conspiracy documents, the courts have ruled many times on this issue. There is no doubt that the “alt-right” has the right to march, and that the city’s efforts to deny them this right is a blatant violation of the constitution.

What we are defending here is not the rights of actual Nazi’s to march (as the courts famous ruled was still legitimate speech in Skokie, Illinois), but the rights of non-Nazi’s to march, most who have legitimate, reasonable (albeit often wrong) grievances to express. This speech is clearly being suppressed by gun wielding thugs in Portland, Oregon.

Those like Jillian see this as dealing with unreasonable speech, we see this as a problem of tolerably wrong speech. Those like Jillian York aren’t defending the right to free speech because, in their minds, they’ve vilified the people they disagree with. But that’s that’s exactly when, and only when, free speech needs our protection, when those speaking out have been vilified, and their repression seems just. Look at how Russia suppresses supporters of gay rights, with exactly this sort of vilification, whereby the majority of the populace sees the violence and policing as a legitimate response to speech that should not be free.

We aren’t fighting a slippery slope here, by defending Nazis. We’ve already slid down that slope, where reasonable people’s rights are being violated. We are fighting to get back up top.

–> –>

YouTube Content ID Critic Doesn’t Appreciate the Irony

Post Syndicated from Andy original https://torrentfreak.com/youtube-content-id-critic-doesnt-appreciate-the-irony-170514/

YouTube is not only one of the best sites on the Internet today but is arguably the best multimedia platform ever created. There can be barely a person alive who has heard of the Internet but not of YouTube. The site is that important.

But today, YouTube has problems. Despite generating hundreds of millions each year for the music industry, the major labels argue that the company fails to do enough about piracy while exploiting the safe harbor provisions of the DMCA.

YouTube sees things quite differently. The company says that its Content ID recognition system, which was developed at huge cost, allows creators to block or monetize otherwise pirated content uploaded to the platform by users.

Like every anti-piracy system ever created, Content ID is fallible. It can be circumvented using various techniques and tricks found on any number of sites and indeed, on YouTube itself. This week, that fact attracted the attention of the Music Tech Policy blog.

“What’s Wrong With Content ID? Start with Dozens of YouTube Videos on How to Defeat It,” wrote editor, industry veteran, and outspoken Google critic, Chris Castle.

Castle begins by talking a little about one of the techniques often used by people trying to evade the clutches of Content ID – changing the tempo of an uploaded music track. The idea is that by altering the speed, the fingerprint of the uploaded track is changed enough for YouTube not to recognize it as an infringing copy.

No doubt it’s a popular trick, but at this point the conspiracy theories begin.

YouTube has a feature which allows people to speed up or slow down videos, which can be handy for speed ‘reading’ an audio book, for example, or slowing down a tutorial so someone inexperienced in the task can keep up.

However, discounting fans of pitch-shifted vocals, Castle says it’s actually there for Google to make money from pirates. Slowed-down, Content ID-evading tracks can be sped back up to enjoy at normal speeds, he says.

“Why is it there? To cater to fans of Alvin and the Chipmunks? No. It’s there so YouTube can monetize illegal copies of music and movies,” he says.

“If Google were serious about piracy, they’d dump the speed control on YouTube. They’d also police the ‘how to’ defeat Content ID videos on YouTube.”

While Castle is perfectly entitled to his opinion (and it’s one that is popular in the industry) he seems oblivious to the fact that his own article not only reveals how Content ID can be gamed, but also goes on to demand that YouTube censors discussion on the same topic.

If that doesn’t already feel like a case of “don’t do as I do, do as I tell you”, then perhaps the next bit will.

Amping the irony up to 11, Castle then embeds one of the Content ID circumvention videos from YouTube into his own article.

How the video appears in the article

Of course, some people will quite rightly argue that in order to properly report on the problem, someone writing on this topic might need to show an example of an ‘offending’ video on YouTube. We wouldn’t disagree with that assertion at all, 100% in agreement.

There are, however, plenty of problems. For a start, discussing how Content ID can be bypassed isn’t illegal, so if any uploaded videos covering that topic are all the creators’ own work, the resulting videos are legal too.

With that in mind, it’s difficult to see what grounds YouTube would have for taking those videos down. If nothing else, it would be seen as stifling free speech, no matter how disappointing that speech is to the music and movie industries.

Admittedly, inciting people to commit a civil wrong might be a problem in some regions, but in most cases that’s not what we’re talking about here, as illustrated by Music Tech Policy’s willingness to embed the video on its site.

The take-home here is that some material on YouTube is always going to be offensive to some people, we just have to learn how to deal with it and in some cases, make the best of it.

For example, last year I was particularly irritated to find a video on YouTube which detailed how my car could be stolen in seconds using a special device. A link to buy that device was included below the video. Screw YouTube, right? Not really.

With the information presented in the video, I was able to find and buy an aftermarket alarm/immobilizer that defeated that device and others like it.

Admittedly the video (and ‘buy’ link) had the potential to recruit other would-be car thieves to the party, but if I hadn’t have seen it too, my car would still be vulnerable today. The thieves, meanwhile, would still have the ability to steal it. As it stands, it’s going nowhere, at least by that method.

Ultimately, knowledge is power and it is absolutely pointless to try and suppress it with censorship, people are always one step ahead. We just need to use all available knowledge to our advantage.

So, despite Chris Castle perhaps not appreciating the irony, he was absolutely within his rights to write that article and embed those videos in order to illustrate a point that is not only important to him, but others too. Whether people agree with him or not is moot.

He shouldn’t be censored, and YouTube shouldn’t be required to censor people either. The site already provides Content ID to millions of satisfied users and presumably, it’s in YouTube’s best interest to have that working as advertised.

That it fails sometimes is no surprise but talking about its weaknesses, on YouTube and sites like Music Tech Policy and indeed here on TF, draws attention to the topic. And only when people are allowed to discuss stuff openly does anything get done.

Censorship is never the answer and only makes matters like these worse.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Court Extends Hold on Megaupload’s MPAA and RIAA Lawsuits

Post Syndicated from Ernesto original https://torrentfreak.com/court-extends-hold-on-megauploads-mpaa-and-riaa-lawsuits-170409/

megaupload-logoWell over five years have passed since Megaupload was shutdown and it’s still unclear how the criminal proceedings will unfold.

A few weeks ago the New Zealand High Court ruled that Kim Dotcom and his former colleagues can be extradited to the US. Not on copyright grounds, but for conspiracy to defraud.

Following the ruling Dotcom quickly announced that he would take the matter to the Court of Appeal, which will prolong the case for several months at least.

While all parties await the outcome of this appeal, the criminal case in the United States remains pending. The same goes for the civil cases launched by the MPAA and RIAA in 2014.

Since the civil cases may influence the criminal proceedings, Megaupload’s legal team previously managed to put these cases on hold, and this week another extension was granted.

Previously there were concerns that the long delays could result in the destruction of evidence, as some of Megaupload’s hard drives were starting to fail. However, after the parties agreed on a solution to back-up and restore the files, this is no longer an issue.

“With the preservation order now in place, Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months, subject to the terms and conditions stated in the proposed order,” the company wrote in the motion to stay.

On Thursday U.S. District Court Judge Liam O’Grady granted Megaupload’s request to stay both lawsuits until October this year, barring any new developments. The music and movie companies didn’t oppose the motion.

The order of U.S. District Court Judge Liam O’Grady is available here (pdf). A copy of Megaupload’s request can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Kim Dotcom’s Historical Speeding Conviction Still a Deportation Danger

Post Syndicated from Andy original https://torrentfreak.com/kim-dotcoms-historical-speeding-conviction-still-a-deportation-danger-170320/

Anyone who knows Kim Dotcom knows that he loves his family, he loves money, he loves the Internet, and he loves cars.

Many of the Megaupload founder’s online videos feature a combination of these things but the latter could yet prove a serious problem for the entrepreneur.

It began on September 10, 2009 when a police radar gun logged Dotcom doing 149km/h (92mph) in a 50km/h (30mph) zone in New Zealand. Dotcom, who was reportedly driving a 3.6-liter AMG Mercedes, was chased by police who eventually caught him about a mile later near to the Coatesville mansion he used to call home.

Dotcom described his driving as a “stupid mistake” and pleaded guilty four days later by letter. He said that he had been testing a new car and had got a bit carried away.

“When spoken to by police the defendant stated he had seen an 80km/h sign. He further stated that he stepped on the gas for 3-4 seconds and then braked and reduced his speed to the speed limit. He also stated he wanted to test the acceleration of the vehicle,” police records state.

Dotcom was fined $500 plus $130 costs and banned from driving for six months but there were to be greater complications. Dotcom failed to declare the motoring conviction on his New Zealand residency application, which he completed eight months after the offense.

In the blurred image below previously released under the Official Information Act, item three shows a ‘No’ response to the question “Have you or any of your family members included in your application, ever been: Convicted of an offense including traffic offenses committed within the last five years, involving dangerous driving [or] driving having consumed excessive alcohol.”

Back in 2015, it was reported that the Immigration Minister would decide within a month whether Dotcom would be allowed to remain in New Zealand or be kicked out of the country – with his family – for failing to make the declaration.

Somewhat bizarrely, however, more than two years later and the case is still ongoing. According to the NZHerald, the case is now in its 29th month and is set to be the “longest, most drawn out investigation of its type.”

As always in matters involving Dotcom, the entrepreneur believes there is a conspiracy bubbling away in the background. He’s describing the inquiry into his non-disclosure as “Plan B” to get him out of the country, a simple deportation if the attempted extradition to the United States (Plan A) fails.

“It is a back and forth with [Immigration New Zealand]. They ask questions, we answer. We asked them what their determination is and they came back with more questions,” Dotcom says.

“I guess they are slow playing this so that they can time their decision according to the final appeal decision in the extradition matter.”

Of course, Dotcom says he’s preparing for a fight if things get out of hand. He’s promising “years of court battles” if a decision is taken to deport him, adding that his team is “confident” it will prevail. At this stage, no one would expect anything less.

The drama over this speeding conviction represents another episode in an amazing few years for Dotcom, a wild story that isn’t over yet. His life to date will soon be available on the silver screen in the movie Kim Dotcom: Caught in the Web, but it’s clear that this will have to be a two-parter, if it’s to recount the full tale.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Pranksters gonna prank

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/03/pranksters-gonna-prank.html

So Alfa Bank (the bank whose DNS traffic link it to trump-email.com) is back in the news with this press release about how in the last month, hackers have spoofed traffic trying to make it look like there’s a tie with Trump. In other words, Alfa claims these packets are trying to frame them for a tie with Trump now, and thus (by extension) it must’ve been a frame last October.

There is no conspiracy here: it’s just merry pranksters doing pranks (as this CNN article quotes me).

Indeed, among the people pranking has been me (not the pranks mentioned by Alfa, but different pranks). I ran a scan sending packets from IP address to almost everyone one the Internet, and set the reverse lookup to “mail1.trumpemail.com”.

Sadly, my ISP doesn’t allow me to put hyphens in the name, so it’s not “trump-email.com” as it should be in order to prank well.

Geeks gonna geek and pranksters gonna prank. I can imagine all sorts of other fun pranks somebody might do in order to stir the pot. Since the original news reports of the AlfaBank/trump-email.com connection last year, we have to assume any further data is tainted by goofballs like me goofing off.

By the way, in my particular case, there’s a good lesson to be had here about the arbitrariness of IP addresses and names. There is no server located at my IP address of 209.216.230.75. No such machine exists. Instead, I run my scans from a nearby machine on the same network, and “spoof” that address with masscan:

$ masscan 0.0.0.0/0 -p80 –banners –spoof-ip 209.216.230.75

This sends a web request to every machine on the Internet from that IP address, despite no machine anywhere being configured with that IP address.

I point this out because people are confused by the meaning of an “IP address”, or a “server”, “domain”, and “domain name”. I can imagine the FBI looking into this and getting a FISA warrant for the server located at my IP address, and my ISP coming back and telling them that no such server exists, nor has a server existed at that IP address for many years.

In the case of last years story, there’s little reason to believe IP spoofing was happening, but the conspiracy theory still breaks down for the same reason: the association between these concepts is not what you think it is. Listrak, the owner of the server at the center of the conspiracy, still reverse resolves the IP address 66.216.133.29 as “mail1.trump-email.com”, either because they are lazy, or because they enjoy the lulz.

It’s absurd thinking anything sent by the server is related to the Trump Orgainzation today, and it’s equally plausible that nothing the server sent was related to Trump last year as well, especially since (as CNN reports), Trump had severed their ties with Cendyn (the marketing company that uses Listrak servers for email).


Also, as mentioned in a previous blog post, I set my home network’s domain to be “moscow.alfaintra.net”, which means that some of my DNS lookups at home are actually being sent to Alfa Bank. I should probably turn this off before the FBI comes knocking at my door.