Tag Archives: defense

Kodi-Addon Developer Gives Up Piracy Defense Due to Lack of Funds

Post Syndicated from Ernesto original https://torrentfreak.com/kodi-addon-developer-gives-up-piracy-defense-due-to-lack-of-funds-180521/

Last year, American satellite and broadcast provider Dish Network targeted two well-known players in the third-party Kodi add-on ecosystem.

In a complaint filed in a federal court in Texas, add-on ZemTV and the TVAddons library were accused of copyright infringement, with both facing up to $150,000 for each offense.

While TVAddons operator Adam Lackman responded to the allegations last week, ZemTV’s developer ‘Shani’ decided not to reply.

Shahjahan Durrani, Shani for short, never denied that he was the driving force behind the Kodi-addons ZemTV, LiveStreamsPro, and F4MProxy. While the London-based developer had never set foot in Texas, he initially planned to put up a defense. Financially, however, this was a problem.

ZemTV’s developer launched a fundraiser last fall to crowdsource the legal battle. While he was able to raise close to £1,000, the legal costs already exceeded that the case even got fully underway.

Without the ability to pay the legal costs Shani is unable to put up a proper defense. But speaking with TorrentFreak, he explains that after the motion to dismiss was denied, he didn’t have much hope for a fair trial anyway.

“I was shocked and disappointed, not only by reading that the court dismissed my jurisdiction appeal, they did so with just one sentence. It seems unfair and doesn’t give any confidence to me that the court/judge would be fair,” Shani tells us.

This left the developer with two options. Find a way to fund the legal battle, money which may never be recovered, or give up the fight and face a default judgment. Shani chose the latter option.

Shani told his attorney Erin Russel to cease all activity on the case and to take no further steps on his behalf.

“I don’t have enough resources to fight this case completely with four kids that I am raising and anything more I do will be seem to be submitting to the US Courts which I am not going to do unless I have enough money to fight the case,” the developer wrote in an email to Russel.

The attorney informed the court of this decision late last week and withdrew from the case.

This means that the lawsuit is steering towards a default judgment, and indeed, Dish has already moved for an entry of default.

“To date, Durrani has not filed an answer or other responsive pleading or requested additional time to do so,” Dish’s motion reads. “Accordingly, the Clerk should enter a default against Durrani.”

Shani still hopes that Dish will not push through. The developer stresses that he never operated any of the servers that provided copyright-infringing streams, nor has he ever made money from his addons.

“I hope they would let the matter go as the addon code has been taken down for more than a year now. Plus, they already know by the return of the subpoena to the servers that none of them were handled or paid by me,” Shani says.

“This was an open source addon and no one would pay hundreds of pounds to host the servers/streams in the hope that people would donate. I actually never ever asked for any donation and never ever earned a single penny from Kodi addons.”

ZemTV, like many other addons, merely offered the interface that makes it possible to watch third-party streams on the Kodi platform. While that may be infringement or not, the developer notes that despite the lawsuit, these third-party streams are still online.

“The irony of all this mess is that those servers and apps are still functional and working while I am dealing with this illogical case,” Shani concludes.

If the Texas District Court enters the default, Dish will demand a judgment which likely includes thousands of dollars in damages. However, since Durrani lives in the UK and has no assets in the US, these damages may be hard to recoup.

Dish’s request for an entry of default is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

TVAddons Denies Copyright Infringement Claims in Court

Post Syndicated from Ernesto original https://torrentfreak.com/tvaddons-denies-copyright-infringement-claims-in-court-180518/

Last year, American satellite and broadcast provider Dish Network targeted two well-known players in the third-party Kodi add-on ecosystem.

In a complaint filed in a federal court in Texas, add-on ZemTV and the TVAddons library were accused of copyright infringement. As a result, both are facing up to $150,000 in damages for each offense.

The owner and operator of TVAddons, Adam Lackman, and ZemTV developer, Shahjahan Durrani, previously asked the court to dismiss the case, because neither reside in the United States.

The request was recently denied and the case continues. This means that the defendants must respond to the allegations at the Texas District Court. Yesterday, TVAddons’ lawyer Jason Sweet submitted the answers of defendant Adam Lackman, who denies many of the claims put forward by Dish.

TVAddons’ operator denies that he had the “ability to supervise and control” the alleged infringing activity of ZemTV, as Dish stated, and also refutes the claims that he received a “direct financial benefit” and “refused to take any action” to stop the infringement.

Lackman does confirm that ZemTV was available for download through TVAddons and that Dish sent a takedown notice to have it removed. TVAddons received this notice and forwarded it to the developer of the addon.

The answers are very minimal and mostly deny the complaint’s claims. However, the filing also includes several affirmative defenses, which provide some more insight and detail.

In the complaint, TVAddons’ operator stands accused of “contributory / inducing copyright infringement,” but his lawyer points out that these are two different claims with separate thresholds which can’t be combined.

One requires knowledge of and a material contribution to the infringement, for example, while the other deals with the distribution of a device or product through which the infringing use is promoted.

“Contributory infringement and inducing infringement are two distinct causes of action and cannot be combined when pled. Federal Rule of Civil Procedure 10(b) requires separate counts for separate claims,” Sweet writes.

And there are other points of confusion highlighted by the defense. Dish has stated that the copyrighted works at issue have not been registered, as that is no longer required to file a lawsuit under the Copyright Act.

While that is correct, TVAddons’ lawyer points out that it prevents Dish from seeking statutory damages and attorneys fees or costs, because that does require copyright registration.

“Plaintiff is not entitled to statutory damages, including attorney’s fees and costs because registration is required for foreign works to gain the procedural benefits of a prima facie presumption of the validity of a copyright, statutory damages, and attorney’s fees..,” the defense writes.

Adding to that, TVAddons’ operator denies that he engaged in or contributed to any of the alleged infringements. And if there was any wrongdoing, this was certainly not intended.

“Defendant was not aware and had no reason to believe that any of his acts constituted an infringement of copyright. Any infringement by Defendant was innocent and not willful.”

The response is just the start of the case and both sides are expected to conduct further discovery to back up their respective positions. ZemTV’s operator, whose alleged infringements are central to the TVAddons case, has yet to file his answers.

TVAddons, meanwhile, remains operational through TVAddons.co with a reduced library of addons. After it was decimated last year, the site has started to regain its user base, in the hope that they will support the legal battle.

“If you are tired of seeing big companies act like they own the law, please consider making a donation to help us pay our lawyers. This lawsuit is about more than just us, it’s about the expansion of copyright law and a big bad corporation trying to bully us into submission,” TVAddons wrote last week.

A copy of TVAddons answer to the amended complaint is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Metallica Was Right About Suing Napster, Guitarist Says

Post Syndicated from Ernesto original https://torrentfreak.com/metallica-was-right-about-suing-napster-guitarist-says-180515/

When Metallica sued the revolutionary file-sharing platform Napster in 2000, the band was both criticized and praised.

Music industry insiders and several other musicians backed the move, but the public wasn’t happy to see their new sharing tool being destroyed.

What followed was a heated legal battle from which Metallica emerged as the clear winner, but not without scars. The defense painted the band as greedy rock stars and Luddites who had no clue about technology, as drummer Lars Ulrich later recalled.

Today, nearly two decades later, the world has moved on. Napster is long dead and gone, but online piracy is still very much alive. Perhaps even more so than in the early 2000s.

In an interview with Swedish TV show Nyhetsmorgon picked up by Rolling Stone, Metallica’s lead guitarist Kirk Hammett now says that going after Napster was the right thing to do. While the lawsuit also brought in negative elements, the Napster threat was real.

“The whole Napster thing definitely didn’t do us any favors whatsoever,” Hammett says. “But you know what? We’re still in the right on that. We’re still right about Napster. No matter who’s out there saying, ‘Metallica was wrong’.

“All you have to do is look at the state of the music industry, and that kind of explains the whole situation right there,” Hammett adds.

Metallica’s guitarists appear to suggest that the music industry is still collapsing due to the burden of piracy. Interestingly, however, the music industry’s own figures are rather uplifting.

In 2017, the recorded music market grew by 8.1% worldwide. This was the third growth year in a row, and the highest growth rate since the music industry body IFPI started tracking these numbers in 1997.

This doesn’t mean that piracy has no effect at all, of course. Still, there is still plenty of room to grow, despite this disappearance of the highly profitable CD format. Times have changed, but people are still willing to pay for music.

It’s worth noting that a lot of growth is coming from streaming services, which are good for more than half of all recorded music revenues in the US today. This also happens to be the platform that Metallica has ignored for years.

It took until the release of the 2016 album “Hardwired… to Self-Destruct” until the band embraced streaming more broadly.

Metallica now wants to make sure that their work is accessible legally, even though the outlet is not ideal in their view. This, ironically, means that their work is available on Napster again, as it’s a legal streaming service now.

“We want to be accessible, and you need to have a mixture that you’re accessible on all the modern fronts,” Hammett says in the interview. And indeed, that’s a wise strategy if you want to prevent people from pirating.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Some notes on eFail

Post Syndicated from Robert Graham original https://blog.erratasec.com/2018/05/some-notes-on-efail.html

I’ve been busy trying to replicate the “eFail” PGP/SMIME bug. I thought I’d write up some notes.

PGP and S/MIME encrypt emails, so that eavesdroppers can’t read them. The bugs potentially allow eavesdroppers to take the encrypted emails they’ve captured and resend them to you, reformatted in a way that allows them to decrypt the messages.

Disable remote/external content in email

The most important defense is to disable “external” or “remote” content from being automatically loaded. This is when HTML-formatted emails attempt to load images from remote websites. This happens legitimately when they want to display images, but not fill up the email with them. But most of the time this is illegitimate, they hide images on the webpage in order to track you with unique IDs and cookies. For example, this is the code at the end of an email from politician Bernie Sanders to his supporters. Notice the long random number assigned to track me, and the width/height of this image is set to one pixel, so you don’t even see it:

Such trackers are so pernicious they are disabled by default in most email clients. This is an example of the settings in Thunderbird:

The problem is that as you read email messages, you often get frustrated by the fact the error messages and missing content, so you keep adding exceptions:

The correct defense against this eFail bug is to make sure such remote content is disabled and that you have no exceptions, or at least, no HTTP exceptions. HTTPS exceptions (those using SSL) are okay as long as they aren’t to a website the attacker controls. Unencrypted exceptions, though, the hacker can eavesdrop on, so it doesn’t matter if they control the website the requests go to. If the attacker can eavesdrop on your emails, they can probably eavesdrop on your HTTP sessions as well.

Some have recommended disabling PGP and S/MIME completely. That’s probably overkill. As long as the attacker can’t use the “remote content” in emails, you are fine. Likewise, some have recommend disabling HTML completely. That’s not even an option in any email client I’ve used — you can disable sending HTML emails, but not receiving them. It’s sufficient to just disable grabbing remote content, not the rest of HTML email rendering.

I couldn’t replicate the direct exfiltration

There rare two related bugs. One allows direct exfiltration, which appends the decrypted PGP email onto the end of an IMG tag (like one of those tracking tags), allowing the entire message to be decrypted.

An example of this is the following email. This is a standard HTML email message consisting of multiple parts. The trick is that the IMG tag in the first part starts the URL (blog.robertgraham.com/…) but doesn’t end it. It has the starting quotes in front of the URL but no ending quotes. The ending will in the next chunk.

The next chunk isn’t HTML, though, it’s PGP. The PGP extension (in my case, Enignmail) will detect this and automatically decrypt it. In this case, it’s some previous email message I’ve received the attacker captured by eavesdropping, who then pastes the contents into this email message in order to get it decrypted.

What should happen at this point is that Thunderbird will generate a request (if “remote content” is enabled) to the blog.robertgraham.com server with the decrypted contents of the PGP email appended to it. But that’s not what happens. Instead, I get this:

I am indeed getting weird stuff in the URL (the bit after the GET /), but it’s not the PGP decrypted message. Instead what’s going on is that when Thunderbird puts together a “multipart/mixed” message, it adds it’s own HTML tags consisting of lines between each part. In the email client it looks like this:

The HTML code it adds looks like:

That’s what you see in the above URL, all this code up to the first quotes. Those quotes terminate the quotes in the URL from the first multipart section, causing the rest of the content to be ignored (as far as being sent as part of the URL).

So at least for the latest version of Thunderbird, you are accidentally safe, even if you have “remote content” enabled. Though, this is only according to my tests, there may be a work around to this that hackers could exploit.

STARTTLS

In the old days, email was sent plaintext over the wire so that it could be passively eavesdropped on. Nowadays, most providers send it via “STARTTLS”, which sorta encrypts it. Attackers can still intercept such email, but they have to do so actively, using man-in-the-middle. Such active techniques can be detected if you are careful and look for them.
Some organizations don’t care. Apparently, some nation states are just blocking all STARTTLS and forcing email to be sent unencrypted. Others do care. The NSA will passively sniff all the email they can in nations like Iraq, but they won’t actively intercept STARTTLS messages, for fear of getting caught.
The consequence is that it’s much less likely that somebody has been eavesdropping on you, passively grabbing all your PGP/SMIME emails. If you fear they have been, you should look (e.g. send emails from GMail and see if they are intercepted by sniffing the wire).

You’ll know if you are getting hacked

If somebody attacks you using eFail, you’ll know. You’ll get an email message formatted this way, with multipart/mixed components, some with corrupt HTML, some encrypted via PGP. This means that for the most part, your risk is that you’ll be attacked only once — the hacker will only be able to get one message through and decrypt it before you notice that something is amiss. Though to be fair, they can probably include all the emails they want decrypted as attachments to the single email they sent you, so the risk isn’t necessarily that you’ll only get one decrypted.
As mentioned above, a lot of attackers (e.g. the NSA) won’t attack you if its so easy to get caught. Other attackers, though, like anonymous hackers, don’t care.
Somebody ought to write a plugin to Thunderbird to detect this.

Summary

It only works if attackers have already captured your emails (though, that’s why you use PGP/SMIME in the first place, to guard against that).
It only works if you’ve enabled your email client to automatically grab external/remote content.
It seems to not be easily reproducible in all cases.
Instead of disabling PGP/SMIME, you should make sure your email client hast remote/external content disabled — that’s a huge privacy violation even without this bug.

Notes: The default email client on the Mac enables remote content by default, which is bad:

Iconic Megaupload.com Domain Has a New Owner

Post Syndicated from Ernesto original https://torrentfreak.com/iconic-megaupload-com-domain-has-a-new-owner-180509/

Following the 2012 raid on Megaupload and Kim Dotcom, U.S. and New Zealand authorities seized millions of dollars in cash and other property, located around the world.

Claiming the assets were obtained through copyright and money laundering crimes, the U.S. government launched separate civil cases in which it asked the court to forfeit a wide variety of seized possessions of the Megaupload defendants.

One of these cases was lost after the U.S. branded Dotcom and his colleagues as “fugitives”.The defense team appealed the ruling, but lost again, and a subsequent petition at the Supreme Court was denied.

As a result, Dotcom had to leave behind several bank accounts and servers, as well as all hope of getting some of his dearly treasured domain names back. This includes the most valuable domain of all, Megaupload.com.

The forfeiture was made final earlier this year but since then little was known about the fate of the domain names. This week, however, it became clear that the US Government didn’t plan to hold on to it, as Megaupload.com now has a new owner.

According to the latest Whois information, which was updated late last week, RegistrarAds Inc is now the official Megaupload.com owner. This previously was Megaupload Limited, under FBI control.

New owner

RegistrarAds is a company based in Vancouver, Washington, which specializes in buying domain names. While we could not find a corporate website, the web is littered with domain disputes and other references to domain name issues.

Michelin North America, for example, filed a complaint against RegistrarAds because it registered the michelin-group.com domain, witch success. Similarly, the California Milk Processor Board, most famous for its Got Milk? ads, won a WIPO domain dispute over gotpuremilk.com.

How RegistrarAds obtained the Megaupload domain name isn’t entirely clear. It wasn’t dropped by the registry, but it might be possible that it was scooped up in an auction. Theoretically, the US Government could have sold it too, but we see no evidence for that.

It’s also unknown what the company’s plans are for Megaupload.com. However, given the company’s track record it’s unlikely that it will do anything file-sharing related. The domain hasn’t updated its nameservers yet and remains unreachable at the time of writing.

TorrentFreak reached out to RegistrarAds, hoping to find out more, but we have yet to hear back.

Megaupload.com is not the only domain that changed owners recently. The same happened to Megaclick.com, which is now registered to Buydomains.com. Several of the other seized Megaupload domain names remain in possession of US authorities, for now.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Court Orders Pirate IPTV Linker to Shut Down or Face Penalties Up to €1.25m

Post Syndicated from Andy original https://torrentfreak.com/court-orders-pirate-iptv-linker-to-shut-down-or-face-penalties-up-to-e1-25m-180911/

There are few things guaranteed in life. Death, taxes, and lawsuits filed regularly by Dutch anti-piracy outfit BREIN.

One of its most recent targets was Netherlands-based company Leaper Beheer BV, which also traded under the names Flickstore, Dump Die Deal and Live TV Store. BREIN filed a complaint at the Limburg District Court in Maastricht, claiming that Leaper provides access to unlicensed live TV streams and on-demand movies.

The anti-piracy outfit claimed that around 4,000 live channels were on offer, including Fox Sports, movie channels, commercial and public channels. These could be accessed after the customer made a payment which granted access to a unique activation code which could be entered into a set-top box.

BREIN told the court that the code returned an .M3U playlist, which was effectively a hyperlink to IPTV channels and more than 1,000 movies being made available without permission from their respective copyright holders. As such, this amounted to a communication to the public in contravention of the EU Copyright Directive, BREIN argued.

In its defense, Leaper said that it effectively provided a convenient link-shortening service for content that could already be found online in other ways. The company argued that it is not a distributor of content itself and did not make available anything that wasn’t already public. The company added that it was completely down to the consumer whether illegal content was viewed or not.

The key question for the Court was whether Leaper did indeed make a new “communication to the public” under the EU Copyright Directive, a standard the Court of Justice of the European Union (CJEU) says should be interpreted in a manner that provides a high level of protection for rightsholders.

The Court took a three-point approach in arriving at its decision.

  • Did Leaper act in a deliberate manner when providing access to copyright content, especially when its intervention provided access to consumers who would not ordinarily have access to that content?
  • Did Leaper communicate the works via a new method to a new audience?
  • Did Leaper have a profit motive when it communicated works to the public?
  • The Court found that Leaper did communicate works to the public and intervened “with full knowledge of the consequences of its conduct” when it gave its customers access to protected works.

    “Access to [the content] in a different way would be difficult for those customers, if Leaper were not to provide its services in question,” the Court’s decision reads.

    “Leaper reaches an indeterminate number of potential recipients who can take cognizance of the protected works and form a new audience. The purchasers who register with Leaper are to be regarded as recipients who were not taken into account by the rightful claimants when they gave permission for the original communication of their work to the public.”

    With that, the Court ordered Leaper to cease-and-desist facilitating access to unlicensed streams within 48 hours of the judgment, with non-compliance penalties of 5,000 euros per IPTV subscription sold, link offered, or days exceeded, to a maximum of one million euros.

    But the Court didn’t stop there.

    “Leaper must submit a statement audited by an accountant, supported by (clear, readable copies of) all relevant documents, within 12 days of notification of this judgment of all the relevant (contact) details of the (person or legal persons) with whom the company has had contact regarding the provision of IPTV subscriptions and/or the provision of hyperlinks to sources where films and (live) broadcasts are evidently offered without the permission of the entitled parties,” the Court ruled.

    Failure to comply with this aspect of the ruling will lead to more penalties of 5,000 euros per day up to a maximum of 250,000 euros. Leaper was also ordered to pay BREIN’s costs of 20,700 euros.

    Describing the people behind Leaper as “crooks” who previously sold media boxes with infringing addons (as previously determined to be illegal in the Filmspeler case), BREIN chief Tim Kuik says that a switch of strategy didn’t help them evade the law.

    “[Leaper] sold a link to consumers that gave access to unauthorized content, i.e. pay-TV channels as well as video-on-demand films and series,” BREIN chief Tim Kuik informs TorrentFreak.

    “They did it for profit and should have checked whether the content was authorized. They did not and in fact were aware the content was unauthorized. Which means they are clearly infringing copyright.

    “This is evident from the CJEU case law in GS Media as well as Filmspeler and The Pirate Bay, aka the Dutch trilogy because the three cases came from the Netherlands, but these rulings are applicable throughout the EU.

    “They just keep at it knowing they’re cheating and we’ll take them to the cleaners,” Kuik concludes.

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

    How AWS Meets a Physical Separation Requirement with a Logical Separation Approach

    Post Syndicated from Min Hyun original https://aws.amazon.com/blogs/security/how-aws-meets-a-physical-separation-requirement-with-a-logical-separation-approach/

    We have a new resource available to help you meet a requirement for physically-separated infrastructure using logical separation in the AWS cloud. Our latest guide, Logical Separation: An Evaluation of the U.S. Department of Defense Cloud Security Requirements for Sensitive Workloads outlines how AWS meets the U.S. Department of Defense’s (DoD) stringent physical separation requirement by pioneering a three-pronged logical separation approach that leverages virtualization, encryption, and deploying compute to dedicated hardware.

    This guide will help you understand logical separation in the cloud and demonstrates its advantages over a traditional physical separation model. Embracing this approach can help organizations confidently meet or exceed security requirements found in traditional on-premises environments, while also providing increased security control and flexibility.

    Logical Separation is the second guide in the AWS Government Handbook Series, which examines cybersecurity policy initiatives and identifies best practices.

    If you have questions or want to learn more, contact your account executive or AWS Support.

    RIAA: ISP Profited From Keeping Pirating Customers Aboard

    Post Syndicated from Ernesto original https://torrentfreak.com/riaa-isp-profited-from-keeping-pirating-customers-aboard-180508/

    Last year several major record labels, represented by the RIAA, filed a lawsuit against ISP Grande Communications accusing it of turning a blind eye to pirating subscribers.

    According to the RIAA, the Internet provider knew that some of its subscribers were frequently distributing copyrighted material, but failed to take any meaningful action in response.

    Grande refuted the accusations and filed a motion to dismiss the case. The ISP partially succeeded as the claims against its management company Patriot were dropped. The same was true for the vicarious infringement allegations, as the court saw no evidence that the ISP had a direct financial interest in the infringing activity.

    While the RIAA could still go after the ISP for contributory copyright infringement, it wants more. A few days ago, the music group submitted a motion for leave to file an amended complaint including new evidence obtained during discovery.

    Among other things, the RIAA argues in more detail that Grande willingly kept pirating subscribers abroad, to generate more revenue. According to the complaint, Grande terminated accounts of pirating subscribers in the past, but stopped doing so in 2010.

    “The evidence in this case reveals that, until 2010, Grande actually suspended and may even have terminated known repeat infringing customers,” reads the amended complaint, filed at a Texas federal court.

    “But then, from 2011 to 2016, Defendants made the conscious decision not to terminate a single Grande subscriber for copyright infringement, regardless of how much proof they received, from any source, of those subscribers blatant, repeat infringement.”

    After the RIAA filed its lawsuit, Grande allegedly started terminating subscribers again, According to the music group, the ISP hereby implicitly acknowledged that it acted unlawfully during the period in between.

    The new complaint claims that Grande profited from the repeat infringers. They were also the most profitable customers by profit margin, as many had a more lucrative “a la carte” subscription.

    “Defendants’ policy of refusing to take meaningful action against repeat infringers protects a significant revenue stream that Grande receives every month from its many infringing subscribers,” RIAA writes.

    These allegations, including the claim that RIAA members’ sound recordings acted as a draw, are backed up by evidence filed under seal.

    According to the record labels, however, it’s clear that Grande failed to adopt and reasonably implement a policy to stop repeat infringers. As such, it should have no DMCA safe harbor defense and be held liable for both vicarious and contributory copyright infringement.

    In addition, the RIAA stated that newly discovered evidence also shows that the ISPs’ management company Patriot should not escape liability.

    If the court accepts the amended complaint, Grande will have to respond to the new evidence and additional allegations.

    As in the original complaint, the RIAA seeks statutory damages, which could go up to $150,000 per infringed work, actual damages, plus profits generated by Grande as a result of the infringement. The music group also asks for preliminary and permanent injunctions preventing Grande from further infringement.

    A copy of the amended complaint is available here (pdf).

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

    ISPs Win Landmark Case to Protect Privacy of Alleged Pirates

    Post Syndicated from Andy original https://torrentfreak.com/isps-win-landmark-case-protect-privacy-alleged-pirates-180508/

    With waves of piracy settlement letters being sent out across the world, the last line of defense for many accused Internet users has been their ISPs.

    In a number of regions, notably the United States, Europe, and the UK, most ISPs have given up the fight, handing subscriber details over to copyright trolls with a minimum of resistance. However, there are companies out there prepared to stand up for their customers’ rights, if eventually.

    Over in Denmark, Telenor grew tired of tens of thousands of requests for subscriber details filed by a local law firm on behalf of international copyright troll groups. It previously complied with demands to hand over the details of individuals behind 22,000 IP addresses, around 11% of the 200,000 total handled by ISPs in Denmark. But with no end in sight, the ISP dug in its heels.

    “We think there is a fundamental legal problem because the courts do not really decide what is most important: the legal security of the public or the law firms’ commercial interests,” Telenor’s Legal Director Mette Eistrøm Krüger said last year.

    Assisted by rival ISP Telia, Telenor subsequently began preparing a case to protect the interests of their customers, refusing in the meantime to comply with disclosure requests in copyright cases. But last October, the District Court ruled against the telecoms companies, ordering them to provide identities to the copyright trolls.

    Undeterred, the companies took their case to the Østre Landsret, one of Denmark’s two High Courts. Yesterday their determination paid off with a resounding victory for the ISPs and security for the individuals behind approximately 4,000 IP addresses targeted by Copyright Collection Ltd via law firm Njord Law.

    “In its order based on telecommunications legislation, the Court has weighed subscribers’ rights to confidentiality of information regarding their use of the Internet against the interests of rightsholders to obtain information for the purpose of prosecuting claims against the subscribers,” the Court said in a statement.

    Noting that the case raised important questions of European Union law and the European Convention on Human Rights, the High Court said that after due consideration it would overrule the decision of the District Court. The rights of the copyright holders do not trump the individuals right to privacy, it said.

    “The telecommunications companies are therefore not required to disclose the names and addresses of their subscribers,” the Court ruled.

    Telenor welcomed the decision, noting that it had received countless requests from law firms to disclose the identities of thousands of subscribers but had declined to hand them over, a decision that has now been endorsed by the High Court.

    “This is an important victory for our right to protect our customers’ data,” said Telenor Denmark’s Legal Director, Mette Eistrøm Krüger.

    “At Telenor we protect our customers’ data and trust – therefore it has been our conviction that we cannot be forced into almost automatically submitting personal data on our customers simply to support some private actors who are driven by commercial interests.”

    Noting that it’s been putting up a fight since 2016 against handing over customers’ data for purposes other than investigating serious crime, Telenor said that the clarity provided by the decision is most welcome.

    “We and other Danish telecom companies are required to log customer data for the police to fight serious crime and terrorism – but the legislation has just been insufficient in relation to the use of logged data,” Krüger said.

    “Therefore I am pleased that with this judgment the High Court has stated that customers’ legal certainty is most important in these cases.”

    The decision was also welcomed by Telia Denmark, with Legal Director Lasse Andersen describing the company as being “really really happy” with “a big win.”

    “It is a victory for our customers and for all telecom companies’ customers,” Andersen said.

    “They can now feel confident that the data that we collect about them cannot be disclosed for purposes other than the terms under which they are collected as determined by the jurisdiction.

    “Therefore, anyone and everybody cannot claim our data. We are pleased that throughout the process we have determined that we will not hand over our data to anyone other than the police with a court order,” Andersen added.

    But as the ISPs celebrate, the opposite is true for Njord Law and its copyright troll partners.

    “It is a sad message to the Danish film and television industry that the possibilities for self-investigating illegal file sharing are complicated and that the work must be left to the police’s scarce resources,” said Jeppe Brogaard Clausen of Njord Law.

    While the ISPs finally stood up for users in these cases, Telenor in particular wishes to emphasize that supporting the activities of pirates is not its aim. The company says it does not support illegal file-sharing “in any way” and is actively working with anti-piracy outfit Rights Alliance to prevent unauthorized downloading of movies and other content.

    The full decision of the Østre Landsret can be found here (Danish, pdf)

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

    NIST Issues Call for "Lightweight Cryptography" Algorithms

    Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/05/nist_issues_cal.html

    This is interesting:

    Creating these defenses is the goal of NIST’s lightweight cryptography initiative, which aims to develop cryptographic algorithm standards that can work within the confines of a simple electronic device. Many of the sensors, actuators and other micromachines that will function as eyes, ears and hands in IoT networks will work on scant electrical power and use circuitry far more limited than the chips found in even the simplest cell phone. Similar small electronics exist in the keyless entry fobs to newer-model cars and the Radio Frequency Identification (RFID) tags used to locate boxes in vast warehouses.

    All of these gadgets are inexpensive to make and will fit nearly anywhere, but common encryption methods may demand more electronic resources than they possess.

    The NSA’s SIMON and SPECK would certainly qualify.

    ISP Sued For Breaching User Privacy After Blocking Pirate Sites

    Post Syndicated from Andy original https://torrentfreak.com/isp-sued-for-breaching-user-privacy-after-blocking-pirate-sites-180428/

    After hinting at moves to curb online piracy last month, on April 13 the Japanese government announced
    emergency measures to target websites hosting pirated manga, anime and other types of content.

    In common with dozens of counterparts around the world, the government said it favored site-blocking as the first line of defense. However, with no specific legislation to fall back on, authorities asked local ISPs if they’d come along for the ride voluntarily. On Monday, the Nippon Telegraph and Telephone Corp. (NTT) announced that it would.

    “We have taken short-term emergency measures until legal systems on site-blocking are implemented,” NTT in a statement.

    NTT Communications Corp., NTT Docomo Inc. and NTT Plala Inc., said they would target three sites highlighted by the government – Mangamura, AniTube! and MioMio – which together have a huge following in Japan.

    The service providers added that at least in the short-term, they would prevent access to the sites using DNS blocking and would restrict access to other sites if requested to do so by the government. But, just a few days on, NTT is already facing problems.

    Lawyer Yuichi Nakazawa has now launched legal action against NTT, demanding that the corporation immediately ends its site-blocking operations.

    The complaint, filed at the Tokyo District Court, notes that the lawyer uses an Internet connection provided by NTT. Crucially, it also states that in order to block access to the sites in question, NTT would need to spy on customers’ Internet connections to find out if they’re trying to access the banned sites.

    The lawyer informs TorrentFreak that the ISP’s decision prompted him into action.

    “NTT’s decision was made arbitrarily on the site without any legal basis. No matter how legitimate the objective of copyright infringement is, it is very dangerous,” Nakazawa explains.

    “I felt that ‘freedom,’ which is an important value of the Internet, was threatened. Actually, when the interruption of communications had begun, the company thought it would be impossible to reverse the situation, so I filed a lawsuit at this stage.”

    Breaches of privacy could present a significant problem under Japanese law. The Telecommunications Business Act guarantees privacy of communications and prevents censorship, as does Article 21 of the Constitution.

    “The secrecy of communications being handled by a telecommunications carrier shall not be violated,” the Telecommunications Business Act states, adding that “no communications being handled by a telecommunications carrier shall be censored.”

    The Constitution is also clear, stating that “no censorship shall be maintained, nor shall the secrecy of any means of communication be violated.”

    For his part, lawyer Yuichi Nakazawa is also concerned that his contract with the ISP is being breached.

    “There is an Internet connection agreement between me and NTT. I am a customer of NTT. There is no provision in the contract between me and NTT to allow arbitrary interruption of communications,” he explains.

    Nakazawa doesn’t appear to be against site-blocking per se, he’s just concerned that relevant laws and agreements are being broken.

    “It is necessary to restrict sites of pirated publications but that does not mean you can do anything,” Nakazawa said, as quoted by Mainichi. “We should have sufficient discussions for an appropriate measure, including revising the law.”

    The question of whether site-blocking does indeed represent an invasion of privacy will probably come down to how the ISP implements it and how that is interpreted by the courts.

    A source familiar with the situation told TF that spying on user connections is clearly a problem but the deployment of an outer network firewall rule that simply prevents traffic passing through might be viewed differently.

    Such a rule would provide no secret or private information that wasn’t already available to the ISP when the customer requested a banned site through a web browser, although it still falls foul of the “no censorship” requirements of both the Constitution and Telecommunications Business Act.

    NTT Communications has declined to comment on the lawsuit but says it had no plans to backtrack on plans to block the sites. Earlier this week, SoftBank Corp., another ISP considering a blockade, expressed concerns that site-blocking has the potential to infringe secrecy of communications rules.

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

    Epic Responds to Cheating Fortnite Kid’s Mom in Court

    Post Syndicated from Ernesto original https://torrentfreak.com/epic-responds-to-cheating-fortnite-kids-mom-in-court-180424/

    Last fall, Epic Games released Fortnite’s free-to-play “Battle Royale” game mode, generating massive interest among gamers.

    This also included thousands of cheaters, many of whom were subsequently banned. Epic Games then went a step further by taking several cheaters to court for copyright infringement.

    One of the alleged cheaters turned out to be a minor, who’s referred to by his initials C.R. in the Carolina District Court. Epic Games wasn’t aware of this when it filed the lawsuit, but the kid’s mother let the company know, loud and clear.

    “This company is in the process of attempting to sue a 14-year-old child,” the mother informed the Court last fall.

    Among other defenses, the mother highlighted that the EULA, which the game publisher relies heavily upon in the complaint, isn’t legally binding. The EULA states that minors require permission from a parent or legal guardian, which was not the case here.

    “Please note parental consent was not issued to [my son] to play this free game produced by Epic Games, INC,” the mother wrote in her letter.

    After this letter, things went quiet. Epic managed to locate and serve the defendant with help from a private investigator, but no official response to the complaint was filed. This eventually prompted Epic to request an entry of default.

    However, US District Court Malcolm Howard wouldn’t allow Epic to cruise to a win that easily. Instead, he ruled that the mother’s letter should be seen as a motion to dismiss the case.

    “While it is true that defendant has not responded since proper service was effectuated, the letter from defendant’s mother detailing why this matter should be dismissed cannot be ignored,” Judge Howard wrote earlier this month.

    As a result, Epic Games had to reply to the letter, which it did yesterday. In a redacted motion the game publisher argues that most of the mother’s arguments failed to state a claim and are therefore irrelevant.

    Epic argues that the only issue that remains is the lack of parental consent when C.R. agreed to the EULA and the Terms. The mother argued that these are not valid agreements because her son is a minor, but Epic disagrees.

    “This ‘infancy defense’ is not available to C.R,” Epic writes, pointing to jurisprudence where another court ruled that a minor can’t use the infancy defense to void contractual obligations while keeping the benefits of the same contract.

    “C.R. affirmatively agreed to abide by Epic’s Terms and EULA, and ‘retained the benefits’ of the contracts he entered into with Epic. Accordingly, C.R. should not be able to ‘use the infancy defense to void [his] contractual obligations by retaining the benefits of the contract[s]’.”

    Epic further argues that it’s clear that the cheater infringed on Epic’s copyrights and facilitated others to do the same. As such, the company asks the Court to deny the mother’s motion to dismiss.

    If the Court agrees, Epic can request an entry of default. It did the same in a related case against another minor defendant earlier, which was granted by the Court late last week.

    If that happens, the underage defendants risk a default judgment. This is likely to include a claim for monetary damages as well as an injunction prohibiting the minors from any copyright infringement or cheating in the future.

    A copy of Epic Games’ redacted reply is available here (pdf).

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

    [$] A successful defense against a copyright troll

    Post Syndicated from jake original https://lwn.net/Articles/752485/rss

    At the 2018 Legal and
    Licensing Workshop
    (LLW), which is a yearly gathering
    of lawyers and technical folks organized by the Free Software Foundation
    Europe (FSFE), attendees got more details on a recent hearing in a German GPL
    enforcement case. Marcus von Welser is a lawyer who represented the
    defendant, Geniatech,
    in a case that was brought by Patrick
    McHardy
    . In the presentation, von
    Welser was joined by
    Armijn Hemel, who helped
    Geniatech in its compliance efforts. The hearing
    was of interest for a number of reasons, not least because McHardy
    withdrew his request for an injunction once it became clear that the judge
    was leaning in
    favor of the defendants
    —effectively stopping this case dead in its tracks.

    OMG The Stupid It Burns

    Post Syndicated from Robert Graham original https://blog.erratasec.com/2018/04/omg-stupid-it-burns.html

    This article, pointed out by @TheGrugq, is stupid enough that it’s worth rebutting.

    The article starts with the question “Why did the lessons of Stuxnet, Wannacry, Heartbleed and Shamoon go unheeded?“. It then proceeds to ignore the lessons of those things.
    Some of the actual lessons should be things like how Stuxnet crossed air gaps, how Wannacry spread through flat Windows networking, how Heartbleed comes from technical debt, and how Shamoon furthers state aims by causing damage.
    But this article doesn’t cover the technical lessons. Instead, it thinks the lesson should be the moral lesson, that we should take these things more seriously. But that’s stupid. It’s the sort of lesson people teach you that know nothing about the topic. When you have nothing of value to contribute to a topic you can always take the moral high road and criticize everyone for being morally weak for not taking it more seriously. Obviously, since doctors haven’t cured cancer yet, it’s because they don’t take the problem seriously.
    The article continues to ignore the lesson of these cyber attacks and instead regales us with a list of military lessons from WW I and WW II. This makes the same flaw that many in the military make, trying to understand cyber through analogies with the real world. It’s not that such lessons could have no value, it’s that this article contains a poor list of them. It seems to consist of a random list of events that appeal to the author rather than events that have bearing on cybersecurity.
    Then, in case we don’t get the point, the article bullies us with hyperbole, cliches, buzzwords, bombastic language, famous quotes, and citations. It’s hard to see how most of them actually apply to the text. Rather, it seems like they are included simply because he really really likes them.
    The article invests much effort in discussing the buzzword “OODA loop”. Most attacks in cyberspace don’t have one. Instead, attackers flail around, trying lots of random things, overcoming defense with brute-force rather than an understanding of what’s going on. That’s obviously the case with Wannacry: it was an accident, with the perpetrator experimenting with what would happen if they added the ETERNALBLUE exploit to their existing ransomware code. The consequence was beyond anybody’s ability to predict.
    You might claim that this is just the first stage, that they’ll loop around, observe Wannacry’s effects, orient themselves, decide, then act upon what they learned. Nope. Wannacry burned the exploit. It’s essentially removed any vulnerable systems from the public Internet, thereby making it impossible to use what they learned. It’s still active a year later, with infected systems behind firewalls busily scanning the Internet so that if you put a new system online that’s vulnerable, it’ll be taken offline within a few hours, before any other evildoer can take advantage of it.
    See what I’m doing here? Learning the actual lessons of things like Wannacry? The thing the above article fails to do??
    The article has a humorous paragraph on “defense in depth”, misunderstanding the term. To be fair, it’s the cybersecurity industry’s fault: they adopted then redefined the term. That’s why there’s two separate articles on Wikipedia: one for the old military term (as used in this article) and one for the new cybersecurity term.
    As used in the cybersecurity industry, “defense in depth” means having multiple layers of security. Many organizations put all their defensive efforts on the perimeter, and none inside a network. The idea of “defense in depth” is to put more defenses inside the network. For example, instead of just one firewall at the edge of the network, put firewalls inside the network to segment different subnetworks from each other, so that a ransomware infection in the customer support computers doesn’t spread to sales and marketing computers.
    The article talks about exploiting WiFi chips to bypass the defense in depth measures like browser sandboxes. This is conflating different types of attacks. A WiFi attack is usually considered a local attack, from somebody next to you in bar, rather than a remote attack from a server in Russia. Moreover, far from disproving “defense in depth” such WiFi attacks highlight the need for it. Namely, phones need to be designed so that successful exploitation of other microprocessors (namely, the WiFi, Bluetooth, and cellular baseband chips) can’t directly compromise the host system. In other words, once exploited with “Broadpwn”, a hacker would need to extend the exploit chain with another vulnerability in the hosts Broadcom WiFi driver rather than immediately exploiting a DMA attack across PCIe. This suggests that if PCIe is used to interface to peripherals in the phone that an IOMMU be used, for “defense in depth”.
    Cybersecurity is a young field. There are lots of useful things that outsider non-techies can teach us. Lessons from military history would be well-received.
    But that’s not this story. Instead, this story is by an outsider telling us we don’t know what we are doing, that they do, and then proceeds to prove they don’t know what they are doing. Their argument is based on a moral suasion and bullying us with what appears on the surface to be intellectual rigor, but which is in fact devoid of anything smart.
    My fear, here, is that I’m going to be in a meeting where somebody has read this pretentious garbage, explaining to me why “defense in depth” is wrong and how we need to OODA faster. I’d rather nip this in the bud, pointing out if you found anything interesting from that article, you are wrong.

    [$] Finding Spectre vulnerabilities with smatch

    Post Syndicated from corbet original https://lwn.net/Articles/752408/rss

    The furor over the Meltdown and Spectre vulnerabilities has calmed a bit —
    for now, at least — but that does not mean that developers have stopped
    worrying about them. Spectre variant 1 (the bounds-check bypass
    vulnerability) has been of particular concern because, while the kernel is
    thought to contain numerous vulnerable spots, nobody really knows how to
    find them all. As a result, the defenses that have been developed for
    variant 1 have only been deployed in a few places. Recently, though,
    Dan Carpenter has enhanced the smatch tool to enable it to find possibly
    vulnerable code in the kernel.

    Introducing Microsoft Azure Sphere

    Post Syndicated from corbet original https://lwn.net/Articles/751994/rss

    Microsoft has issued a
    press release
    describing the security dangers involved with the
    Internet of things (“a weaponized stove, baby monitors that spy, the
    contents of your refrigerator being held for ransom
    “) and introducing
    “Microsoft Azure Sphere” as a combination of hardware and software to
    address the problem. “Unlike the RTOSes common to MCUs today, our
    defense-in-depth IoT OS offers multiple layers of security. It combines
    security innovations pioneered in Windows, a security monitor, and a custom
    Linux kernel to create a highly-secured software environment and a
    trustworthy platform for new IoT experiences.

    DARPA Funding in AI-Assisted Cybersecurity

    Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/04/darpa_funding_i.html

    DARPA is launching a program aimed at vulnerability discovery via human-assisted AI. The new DARPA program is called CHESS (Computers and Humans Exploring Software Security), and they’re holding a proposers day in a week and a half.

    This is the kind of thing that can dramatically change the offense/defense balance.

    Japan Seeks to Outmaneuver Constitution With Piracy Blocking Proposals

    Post Syndicated from Andy original https://torrentfreak.com/japan-seeks-to-outmaneuver-constitution-with-piracy-blocking-proposals-180406/

    Speaking at a news conference last month, Japan’s Chief Cabinet Secretary Yoshihide Suga said that the Japanese government is considering measures to prohibit access to pirate sites, initially to protect the country’s manga and anime industries.

    “The damage is getting worse. We are considering the possibilities of all measures including site blocking,” he said.

    But Japan has a problem.

    The country has no specific legislation that allows for site-blocking of any kind, let alone on copyright infringement grounds. In fact, the constitution expressly supports freedom of speech and expressly forbids censorship.

    “Freedom of assembly and association as well as speech, press and all other forms of expression are guaranteed,” Article 21 reads.

    “No censorship shall be maintained, nor shall the secrecy of any means of communication be violated,” the constitution adds.

    Nevertheless, the government appears determined to do something about the piracy threat. As detailed last month, that looks like manifesting itself in a site-blocking regime. But how will this be achieved?

    Mainichi reports that the government will argue there are grounds for “averting present danger”, a phrase that’s detailed in Article 37 of Japan’s Penal Code.

    “An act unavoidably performed to avert a present danger to the life, body, liberty
    or property of oneself or any other person is not punishable only when the harm
    produced by such act does not exceed the harm to be averted,” the Article (pdf) begins.

    It’s fairly clear that this branch of Japanese law was never designed for use against pirate sites. Furthermore, there is also a clause noting that where an act (in this case blocking) causes excessive harm it may lead “to the punishment being reduced or may exculpate the offender in light of the circumstances.”

    How, when, or if that ever comes into play will remain to be seen but in common with most legal processes against pirate site operators elsewhere, few turn up to argue in their defense. A contested process is therefore unlikely.

    It appears that rather than forcing Internet providers into compliance, the government will ask for their “understanding” on the basis that damage is being done to the anime and manga industries. ISPs reportedly already cooperate to censor child abuse sites so it’s hoped a similar agreement can be reached on piracy.

    Initially, the blocking requests will relate to just three as-yet-unnamed platforms, one local and two based outside the country. Of course, this is just the tip of the iceberg and if ISPs agree to block this trio, more demands are sure to follow.

    Meanwhile, the government is also working towards tightening up the law to deal with an estimated 200 local sites that link, but do not host pirated content. Under current legislation, linking isn’t considered illegal, which is a major problem given the manner in which most file-sharing and streaming is carried out these days.

    However, there are also concerns that any amendments to tackle linking could fall foul of the constitutional right to freedom of expression. It’s a problem that has been tackled elsewhere, notably in Europe, but in most cases the latter has been trumped by the former. In any event, the government will need to tread carefully.

    The proposals are expected to be formally approved at a Cabinet meeting on crime prevention policy later this month, Mainichi reports.

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

    New – Encryption of Data in Transit for Amazon EFS

    Post Syndicated from Jeff Barr original https://aws.amazon.com/blogs/aws/new-encryption-of-data-in-transit-for-amazon-efs/

    Amazon Elastic File System was designed to be the file system of choice for cloud-native applications that require shared access to file-based storage. We launched EFS in mid-2016 and have added several important features since then including on-premises access via Direct Connect and encryption of data at rest. We have also made EFS available in additional AWS Regions, most recently US West (Northern California). As was the case with EFS itself, these enhancements were made in response to customer feedback, and reflect our desire to serve an ever-widening customer base.

    Encryption in Transit
    Today we are making EFS even more useful with the addition of support for encryption of data in transit. When used in conjunction with the existing support for encryption of data at rest, you now have the ability to protect your stored files using a defense-in-depth security strategy.

    In order to make it easy for you to implement encryption in transit, we are also releasing an EFS mount helper. The helper (available in source code and RPM form) takes care of setting up a TLS tunnel to EFS, and also allows you to mount file systems by ID. The two features are independent; you can use the helper to mount file systems by ID even if you don’t make use of encryption in transit. The helper also supplies a recommended set of default options to the actual mount command.

    Setting up Encryption
    I start by installing the EFS mount helper on my Amazon Linux instance:

    $ sudo yum install -y amazon-efs-utils

    Next, I visit the EFS Console and capture the file system ID:

    Then I specify the ID (and the TLS option) to mount the file system:

    $ sudo mount -t efs fs-92758f7b -o tls /mnt/efs

    And that’s it! The encryption is transparent and has an almost negligible impact on data transfer speed.

    Available Now
    You can start using encryption in transit today in all AWS Regions where EFS is available.

    The mount helper is available for Amazon Linux. If you are running another distribution of Linux you will need to clone the GitHub repo and build your own RPM, as described in the README.

    Jeff;

    GoDaddy Ordered to Suspend Four Music Piracy Domains

    Post Syndicated from Andy original https://torrentfreak.com/godaddy-ordered-to-suspend-four-music-piracy-domains-180327/

    There are many methods used by copyright holders and the authorities in their quest to disable access to pirate sites.

    Site blocking is one of the most popular but pressure can also be placed on web hosts to prevent them from doing business with questionable resources. A skip from one host to another usually solves the problem, however.

    Another option is to target sites’ domains directly, by putting pressure on their registrars. It’s a practice that has famously seen The Pirate Bay burn through numerous domains in recent years, only for it to end up back on its original domain, apparently unscathed. Other sites, it appears, aren’t always so lucky.

    As a full member of IFPI, the Peruvian Union of Phonographic Producers (UNIMPRO) protects the rights of record labels and musicians. Like its counterparts all over the world, UNIMPRO has a piracy problem and a complaint filed against four ‘pirate’ sites will now force the world’s largest domain registrar into action.

    Mp3Juices-Download-Free.com, Melodiavip.net, Foxmusica.site and Fulltono.me were all music sites offering MP3 content without the copyright holders’ permission. None are currently available but the screenshot below shows how the first platform appeared before it was taken offline.

    MP3 Juices Downnload Free

    Following a complaint against the sites by UNIMPRO, the Copyright Commission (Comisión de Derecho de Autor) conducted an investigation into the platforms’ activities. The Commission found that the works they facilitated access to infringed copyright. It was also determined that each site generated revenue from advertising.

    Given the illegal nature of the sites and the high volume of visitors they attract, the Commission determined that they were causing “irreparable damage” to legitimate copyright holders. Something, therefore, needed to be done.

    The action against the sites involved the National Institute for the Defense of Competition and the Protection of Intellectual Property (Indecopi), an autonomous public body of the Peruvian state tasked with handling anti-competitive behavior, unfair competition, and intellectual property matters.

    Indecopi HQ

    After assessing the evidence, Indecopi, through the Copyright Commission, issued precautionary (interim) measures compelling US-based GoDaddy, the world’s largest domain registrar which handles the domains for all four sites, to suspend them with immediate effect.

    “The Copyright Commission of INDECOPI issued four precautionary measures in order that the US company Godaddy.com, LLC (in its capacity as registrar of domain names) suspend the domains of four websites, through which it would have infringed the legislation on Copyright and Related Rights, by making available a large number of musical phonograms without the corresponding authorization, to the detriment of its legitimate owners,” Indecopi said in a statement.

    “The suspension was based on the great evidence that was provided by the Commission, on the four websites that infringe copyright, and in the framework of the policy of support for the protection of intellectual property.”

    Indecopi says that GoDaddy can file an appeal against the decision. At the time of writing, none of the four domains currently returns a working website.

    TorrentFreak has requested a comment from GoDaddy but at the time of publication, we were yet to receive a response.

    Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.