Tag Archives: det

How Effective is The UK Pirate Bay Blockade?

Post Syndicated from Ernesto original https://torrentfreak.com/how-effective-is-the-uk-pirate-bay-blockade-180527/

blocked-censorWebsite blocking is without a doubt one of the favorite anti-piracy tools of the entertainment industries.

The UK is a leader on this front after the High Court ordered the largest ISPs to block access to popular file-sharing sites. Over time the number of blocked URLs in the UK has grown to well over 1,000, including many popular torrent, streaming, and direct download sites.

The Pirate Bay is arguably the biggest target of all. Not only is the site itself blocked by major ISPs, many proxy sites and proxy linking sites are blacklisted as well. The goal of these efforts is to prevent people from accessing the notorious torrent site, but that’s easier said than done.

This week, we decided to take a look at the most visited ‘pirate’ sites in the UK. For this quest, we used data from the traffic monitoring company Alexa, which is often cited by copyright holders as well. Despite the blocking efforts, we spotted quite a few pirate sources among the UK’s top sites.

As it stands, Pirateproxy.sh tops the list. This Pirate Bay proxy is the 115th most-visited site in the UK, which is good for an estimated fifteen million visits per month.

Looking at the list of the 500 most-visited sites in the UK, Pirateproxy.sh is just one of the many Pirate Bay oriented sites. The proxy indexer Unblocked.mx is ranked 227th, for example, while Piratebays.be, Proxybay.bz, Unblocked.lat, Piratebayproxylist.net and Proxyof.com all make an appearance as well.

Most surprising, perhaps, is that the regular ThePirateBay.org still gets a decent amount of traffic too, as it’s currently ranked 319th. That’s more popular than in some other countries where there are no ISP restrictions. This traffic comes in part from VPNs.

Pirateproxy.sh

Does this mean that the blockades have no effect at all? No, that’s impossible to conclude based on these observations. What it does show, however, is that there is still plenty of Pirate Bay traffic in the UK, even to the original site.

Pirateproxy.sh, for example, is part of the ‘Unblocked‘ team which operates a series of proxies and proxy indexes. Since 2013, they’ve been actively providing people with workarounds for blocked sites and continuously launch new domains when theirs are added to the blocklists.

The Unblocked operator believes that while some people may be deterred by the ISP blocks, many are not.

“Although the blocks have had the intended effect of blocking popular file-sharing sites, I don’t believe they are effective since users have access to many workarounds to access these sites,” he explains.

“For any given blocked site, there will be countless proxy sites available with new domains constantly being created.”

Unblocked regularly updates its domains after they are added to the blocklist, which is usually once a month. Just a few weeks ago the main proxy index moved from Unblocked.mx to Unblocked.lat, and that’s probably not the last change.

The new domains are accessible for a few weeks, or sometimes months, and if they are blocked, other ones will simply replace them.

This is not limited to The Pirate Bay and its proxies either. Looking more closely at the most-visited sites in the UK we see more ‘pirate’ sites, some of which are supposed to be blocked.

An overview of the ten most-used pirate sites in the UK is presented below. Some of these will likely be added to the ISP blocklists in the near future, if they aren’t already.

However, similar to regular takedown notices and domain seizures, ISPs blockades have also turned into a game of whack-a-mole.

The label “pirate site” applies to sites that have been classified as such by entertainment industry groups. Unblocked.mx already started redirecting to a new domain name.

Site Alexa rank Type Original site blocked?
torrentfreak.com
Pirateproxy.sh 115 Torrent proxy No
Openload.co 194 Cyberlocker Yes
0123movies.com 215 Streaming Yes
Rutracker.org 222 Torrents No
Unblocked.mx 227 Proxy links Yes
Piratebays.be 255 Torrent proxy No
Kissanime.ru 310 Streaming No
Thepiratebay.org 319 Torrents Yes
Solarmoviez.ru 327 Streaming No
Proxybay.bz 338 Proxy links No

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Social Media Sites Are Full of Pirate Champions League Streamers

Post Syndicated from Ernesto original https://torrentfreak.com/social-media-sites-are-full-of-pirate-champions-league-streamers-180526/

This evening, Liverpool and Real Madrid will go head to head in the Champions League final, one of the biggest sports events of the year.

Hundreds of millions of football fans from around the world will be glued to their televisions to follow the spectacle, while the hashtags #RMALIV and #UCLfinal are trending on social media.

While Twitter, Facebook and other social media are great ways to keep fans engaged and generate traction, they also present a threat. According to data released by the global anti-piracy outfit Irdeto, social media rivals traditional pirate streaming sites.

The company analyzed the number of pirated streams it ran into during the knockout stages of the Champions League and found 5,100 unique illegal streams that were rebroadcasting the matches.

Roughly 40 percent of these unauthorized broadcasts came from ‘social’ platforms including Periscope, Facebook and Twitch. Irdeto found 2,093 streams on these sites with an estimated 4,893,902 viewers.

Regular web-based streams on traditional sports pirate sites were the most popular (2,121), followed by ones found through Kodi-addons (886).

“These viewing figures combined with the number of UEFA Champions League streams detected across a variety of channels suggests that more needs to be done to stop the illegal distribution of high profile live European football matches,” the company writes.

Red card…

Rory O’Connor, Irdeto’s Senior Vice President of Cybersecurity Services, notes that criminals are “earning a fortune” from these activities. At the same time, he stresses that people who stream the matches on social media could face criminal action.

“The criminals who profit from these illegal streams have little regard for their viewers and are exposing them to cybercrime, inappropriate content and malware infection. Also, viewers of illegal content can face criminal penalties if they decide to share content with friends on social media,” O’Connor says.

Besides sharing infographics and reporting interesting statistics, including that Real Madrid was the most viewed team with 2,856,011 viewers of illegal social media streams during the knock out stage, Irdeto can also take action.

Whether they already work for UEFA or if this is an unsolicited application is not known to us, but they do work for other rightsholders.

So instead of tuning into the final tonight, they will probably be busy tracking down pirate broadcasts on social media and elsewhere, hoping to shut them down as soon as possible.

The game is on.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

TRON Cryptocurrency Founder Plans to Buy BitTorrent Inc

Post Syndicated from Ernesto original https://torrentfreak.com/tron-founder-plans-to-buy-bittorrent-inc-180525/

Founded by BitTorrent inventor Bram Cohen, BitTorrent Inc. is best known for its torrent client uTorrent, which has more than 100 million users.

Despite this massive userbase, however, the company never transformed into the next billion-dollar tech giant, as some as the early investors had hoped.

In fact, it has only gone downhill in recent years, in part due to questionable management practices. Things have calmed down since, but according to new information gathered by TorrentFreak, there is a major change afoot.

A few weeks ago we reported that BitTorrent Inc. quietly renamed its company to “Rainberry” last year. The company informed us that this was “purely a corporate decision.” While that may be the case, it could also be related to the company’s plans to be acquired.

Legal paperwork filed earlier this year reveals that Rainberry was sued because it allegedly violated a “No Shop” clause in an agreement with a potential buyer. This potential buyer, who signed a letter of intent, is none other than TRON founder Justin Sun.

TRON is one of the hottest and controversial cryptocurrencies. After a successful ICO, it now has a market cap of more than $4 billion, only surpassed by a few others. And with Sun at the helm, it makes headlines nearly every day.

The TRON mainnet, which will go live in a few days, has the ultimate goal to “decentralize the web.” BitTorrent would fit well in this picture, and the TRON whitepaper mentions torrents as one of the pillars.

TRON

Sun first began pursuing the acquisition of BitTorrent Inc.’s assets in September last year. In January 2018, both parties finalized a letter of intent for the acquisition, of which Sun returned a signed copy.

While it appeared that things were moving along nicely, BitTorrent Inc. CEO Ro Choy came back with a surprising reply.

“Within literally hours after the parties agreed to the Letter of Intent, and after Ro Choy began performing the terms of the Letter of Intent, Defendant claims it received three ‘superior’ bids from companies that David Chao admitted they had been communicating with,” Sun claims in the lawsuit.

Sun asked the court for a restraining order to prevent BitTorrent from talking to other potential buyers, as was agreed in the letter of intent. The case was swiftly dismissed by the court, but not without leaving a paper trail.

While it is clear that TRON’s founder is eager to acquire BitTorrent, less is known about what happened afterward. Did both parties throw their letter of intent in the trash mid-February, or was the deal still on?

Then, our research pointed out another interesting fact which suggests that the deal is going forward. At the end of February, right when the exclusivity period set in the letter of intent ended, a holding company named “Rainberry Acquisition” was registered in California.

This company is registered to none other than TRON founder Justin Sun, who completed the statement of information last month, as can be seen below.

Rainberry Acquisition paperwork

TorrentFreak reached out to Justin Sun, but TRON’s founder did not immediately reply to our request for comment.

When we confronted BitTorrent Inc. with the information, the company confirmed our findings and the interest from Sun, but it noted that the acquisition is not 100% finalized yet. More information will likely be released at a later stage, if all goes well.

At this point, Sun’s plans for BitTorrent Inc. remain unclear. He has not spoken about the acquisition in public, obviously, but it’s likely that it will be used to the advantage of TRON.

Interestingly, BitTorrent Inc. founder Bram Cohen has also taken an interest in cryptocurrencies, with the goal of creating a superior one called Chia. As far as we know, he is not part of TRON’s future in any way.

A copy of Sun’s complaint against Rainberry (f/k/a BitTorrent) is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Detecting Lies through Mouse Movements

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/05/detecting_lies_.html

Interesting research: “The detection of faked identity using unexpected questions and mouse dynamics,” by Merulin Monaro, Luciano Gamberini, and Guiseppe Sartori.

Abstract: The detection of faked identities is a major problem in security. Current memory-detection techniques cannot be used as they require prior knowledge of the respondent’s true identity. Here, we report a novel technique for detecting faked identities based on the use of unexpected questions that may be used to check the respondent identity without any prior autobiographical information. While truth-tellers respond automatically to unexpected questions, liars have to “build” and verify their responses. This lack of automaticity is reflected in the mouse movements used to record the responses as well as in the number of errors. Responses to unexpected questions are compared to responses to expected and control questions (i.e., questions to which a liar also must respond truthfully). Parameters that encode mouse movement were analyzed using machine learning classifiers and the results indicate that the mouse trajectories and errors on unexpected questions efficiently distinguish liars from truth-tellers. Furthermore, we showed that liars may be identified also when they are responding truthfully. Unexpected questions combined with the analysis of mouse movement may efficiently spot participants with faked identities without the need for any prior information on the examinee.

Boing Boing post.

Legal Blackmail: Zero Cases Brought Against Alleged Pirates in Sweden

Post Syndicated from Andy original https://torrentfreak.com/legal-blackmail-zero-cases-brought-against-alleged-pirates-in-sweden-180525/

While several countries in Europe have wilted under sustained pressure from copyright trolls for more than ten years, Sweden managed to avoid their controversial attacks until fairly recently.

With Germany a decade-old pit of misery, with many hundreds of thousands of letters – by now probably millions – sent out to Internet users demanding cash, Sweden avoided the ranks of its European partners until two years ago

In September 2016 it was revealed that an organization calling itself Spridningskollen (Distribution Check) headed up by law firm Gothia Law, would begin targeting the public.

Its spokesperson described its letters as “speeding tickets” for pirates, in that they would only target the guilty. But there was a huge backlash and just a couple of months later Spridningskollen headed for the hills, without a single collection letter being sent out.

That was the calm before the storm.

In February 2017, Danish law firm Njord Law was found to be at the center of a new troll operation targeting the subscribers of several ISPs, including Telia, Tele2 and Bredbandsbolaget. Court documents revealed that thousands of IP addresses had been harvested by the law firm’s partners who were determined to link them with real-life people.

Indeed, in a single batch, Njord Law was granted permission from the court to obtain the identities of citizens behind 25,000 IP addresses, from whom it hoped to obtain cash settlements of around US$550. But it didn’t stop there.

Time and again the trolls headed back to court in an effort to reach more people although until now the true scale of their operations has been open to question. However, a new investigation carried out by SVT has revealed that the promised copyright troll invasion of Sweden is well underway with a huge level of momentum.

Data collated by the publication reveals that since 2017, the personal details behind more than 50,000 IP addresses have been handed over by Swedish Internet service providers to law firms representing copyright trolls and their partners. By the end of this year, Njord Law alone will have sent out 35,000 letters to Swede’s whose IP addresses have been flagged as allegedly infringing copyright.

Even if one is extremely conservative with the figures, the levels of cash involved are significant. Taking a settlement amount of just $300 per letter, very quickly the copyright trolls are looking at $15,000,000 in revenues. On the perimeter, assuming $550 will make a supposed lawsuit go away, we’re looking at a potential $27,500,000 in takings.

But of course, this dragnet approach doesn’t have the desired effect on all recipients.

In 2017, Njord Law said that only 60% of its letters received any kind of response, meaning that even fewer would be settling with the company. So what happens when the public ignores the threatening letters?

“Yes, we will [go to court],” said lawyer Jeppe Brogaard Clausen last year.

“We wish to resolve matters as much as possible through education and dialogue without the assistance of the court though. It is very expensive both for the rights holders and for plaintiffs if we go to court.”

But despite the tough-talking, SVT’s investigation has turned up an interesting fact. The nuclear option, of taking people to court and winning a case when they refuse to pay, has never happened.

After trawling records held by the Patent and Market Court and all those held by the District Courts dating back five years, SVT did not find a single case of a troll taking a citizen to court and winning a case. Furthermore, no law firm contacted by the publication could show that such a thing had happened.

“In Sweden, we have not yet taken someone to court, but we are planning to file for the right in 2018,” Emelie Svensson, lawyer at Njord Law, told SVT.

While a case may yet reach the courts, when it does it is guaranteed to be a cut-and-dried one. Letter recipients can often say things to damage their case, even when they’re only getting a letter due to their name being on the Internet bill. These are the people who find themselves under the most pressure to pay, whether they’re guilty or not.

“There is a risk of what is known in English as ‘legal blackmailing’,” says Mårten Schultz, professor of civil law at Stockholm University.

“With [the copyright holders’] legal and economic muscles, small citizens are scared into paying claims that they do not legally have to pay.”

It’s a position shared by Marianne Levine, Professor of Intellectual Property Law at Stockholm University.

“One can only show that an IP address appears in some context, but there is no point in the evidence. Namely, that it is the subscriber who also downloaded illegitimate material,” she told SVT.

Njord Law, on the other hand, sees things differently.

“In Sweden, we have no legal case saying that you are not responsible for your IP address,” Emelie Svensson says.

Whether Njord Law will carry through with its threats will remain to be seen but there can be little doubt that while significant numbers of people keep paying up, this practice will continue and escalate. The trolls have come too far to give up now.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Use Slack ChatOps to Deploy Your Code – How to Integrate Your Pipeline in AWS CodePipeline with Your Slack Channel

Post Syndicated from Rumi Olsen original https://aws.amazon.com/blogs/devops/use-slack-chatops-to-deploy-your-code-how-to-integrate-your-pipeline-in-aws-codepipeline-with-your-slack-channel/

Slack is widely used by DevOps and development teams to communicate status. Typically, when a build has been tested and is ready to be promoted to a staging environment, a QA engineer or DevOps engineer kicks off the deployment. Using Slack in a ChatOps collaboration model, the promotion can be done in a single click from a Slack channel. And because the promotion happens through a Slack channel, the whole development team knows what’s happening without checking email.

In this blog post, I will show you how to integrate AWS services with a Slack application. I use an interactive message button and incoming webhook to promote a stage with a single click.

To follow along with the steps in this post, you’ll need a pipeline in AWS CodePipeline. If you don’t have a pipeline, the fastest way to create one for this use case is to use AWS CodeStar. Go to the AWS CodeStar console and select the Static Website template (shown in the screenshot). AWS CodeStar will create a pipeline with an AWS CodeCommit repository and an AWS CodeDeploy deployment for you. After the pipeline is created, you will need to add a manual approval stage.

You’ll also need to build a Slack app with webhooks and interactive components, write two Lambda functions, and create an API Gateway API and a SNS topic.

As you’ll see in the following diagram, when I make a change and merge a new feature into the master branch in AWS CodeCommit, the check-in kicks off my CI/CD pipeline in AWS CodePipeline. When CodePipeline reaches the approval stage, it sends a notification to Amazon SNS, which triggers an AWS Lambda function (ApprovalRequester).

The Slack channel receives a prompt that looks like the following screenshot. When I click Yes to approve the build promotion, the approval result is sent to CodePipeline through API Gateway and Lambda (ApprovalHandler). The pipeline continues on to deploy the build to the next environment.

Create a Slack app

For App Name, type a name for your app. For Development Slack Workspace, choose the name of your workspace. You’ll see in the following screenshot that my workspace is AWS ChatOps.

After the Slack application has been created, you will see the Basic Information page, where you can create incoming webhooks and enable interactive components.

To add incoming webhooks:

  1. Under Add features and functionality, choose Incoming Webhooks. Turn the feature on by selecting Off, as shown in the following screenshot.
  2. Now that the feature is turned on, choose Add New Webhook to Workspace. In the process of creating the webhook, Slack lets you choose the channel where messages will be posted.
  3. After the webhook has been created, you’ll see its URL. You will use this URL when you create the Lambda function.

If you followed the steps in the post, the pipeline should look like the following.

Write the Lambda function for approval requests

This Lambda function is invoked by the SNS notification. It sends a request that consists of an interactive message button to the incoming webhook you created earlier.  The following sample code sends the request to the incoming webhook. WEBHOOK_URL and SLACK_CHANNEL are the environment variables that hold values of the webhook URL that you created and the Slack channel where you want the interactive message button to appear.

# This function is invoked via SNS when the CodePipeline manual approval action starts.
# It will take the details from this approval notification and sent an interactive message to Slack that allows users to approve or cancel the deployment.

import os
import json
import logging
import urllib.parse

from base64 import b64decode
from urllib.request import Request, urlopen
from urllib.error import URLError, HTTPError

# This is passed as a plain-text environment variable for ease of demonstration.
# Consider encrypting the value with KMS or use an encrypted parameter in Parameter Store for production deployments.
SLACK_WEBHOOK_URL = os.environ['SLACK_WEBHOOK_URL']
SLACK_CHANNEL = os.environ['SLACK_CHANNEL']

logger = logging.getLogger()
logger.setLevel(logging.INFO)

def lambda_handler(event, context):
    print("Received event: " + json.dumps(event, indent=2))
    message = event["Records"][0]["Sns"]["Message"]
    
    data = json.loads(message) 
    token = data["approval"]["token"]
    codepipeline_name = data["approval"]["pipelineName"]
    
    slack_message = {
        "channel": SLACK_CHANNEL,
        "text": "Would you like to promote the build to production?",
        "attachments": [
            {
                "text": "Yes to deploy your build to production",
                "fallback": "You are unable to promote a build",
                "callback_id": "wopr_game",
                "color": "#3AA3E3",
                "attachment_type": "default",
                "actions": [
                    {
                        "name": "deployment",
                        "text": "Yes",
                        "style": "danger",
                        "type": "button",
                        "value": json.dumps({"approve": True, "codePipelineToken": token, "codePipelineName": codepipeline_name}),
                        "confirm": {
                            "title": "Are you sure?",
                            "text": "This will deploy the build to production",
                            "ok_text": "Yes",
                            "dismiss_text": "No"
                        }
                    },
                    {
                        "name": "deployment",
                        "text": "No",
                        "type": "button",
                        "value": json.dumps({"approve": False, "codePipelineToken": token, "codePipelineName": codepipeline_name})
                    }  
                ]
            }
        ]
    }

    req = Request(SLACK_WEBHOOK_URL, json.dumps(slack_message).encode('utf-8'))

    response = urlopen(req)
    response.read()
    
    return None

 

Create a SNS topic

Create a topic and then create a subscription that invokes the ApprovalRequester Lambda function. You can configure the manual approval action in the pipeline to send a message to this SNS topic when an approval action is required. When the pipeline reaches the approval stage, it sends a notification to this SNS topic. SNS publishes a notification to all of the subscribed endpoints. In this case, the Lambda function is the endpoint. Therefore, it invokes and executes the Lambda function. For information about how to create a SNS topic, see Create a Topic in the Amazon SNS Developer Guide.

Write the Lambda function for handling the interactive message button

This Lambda function is invoked by API Gateway. It receives the result of the interactive message button whether or not the build promotion was approved. If approved, an API call is made to CodePipeline to promote the build to the next environment. If not approved, the pipeline stops and does not move to the next stage.

The Lambda function code might look like the following. SLACK_VERIFICATION_TOKEN is the environment variable that contains your Slack verification token. You can find your verification token under Basic Information on Slack manage app page. When you scroll down, you will see App Credential. Verification token is found under the section.

# This function is triggered via API Gateway when a user acts on the Slack interactive message sent by approval_requester.py.

from urllib.parse import parse_qs
import json
import os
import boto3

SLACK_VERIFICATION_TOKEN = os.environ['SLACK_VERIFICATION_TOKEN']

#Triggered by API Gateway
#It kicks off a particular CodePipeline project
def lambda_handler(event, context):
	#print("Received event: " + json.dumps(event, indent=2))
	body = parse_qs(event['body'])
	payload = json.loads(body['payload'][0])

	# Validate Slack token
	if SLACK_VERIFICATION_TOKEN == payload['token']:
		send_slack_message(json.loads(payload['actions'][0]['value']))
		
		# This will replace the interactive message with a simple text response.
		# You can implement a more complex message update if you would like.
		return  {
			"isBase64Encoded": "false",
			"statusCode": 200,
			"body": "{\"text\": \"The approval has been processed\"}"
		}
	else:
		return  {
			"isBase64Encoded": "false",
			"statusCode": 403,
			"body": "{\"error\": \"This request does not include a vailid verification token.\"}"
		}


def send_slack_message(action_details):
	codepipeline_status = "Approved" if action_details["approve"] else "Rejected"
	codepipeline_name = action_details["codePipelineName"]
	token = action_details["codePipelineToken"] 

	client = boto3.client('codepipeline')
	response_approval = client.put_approval_result(
							pipelineName=codepipeline_name,
							stageName='Approval',
							actionName='ApprovalOrDeny',
							result={'summary':'','status':codepipeline_status},
							token=token)
	print(response_approval)

 

Create the API Gateway API

  1. In the Amazon API Gateway console, create a resource called InteractiveMessageHandler.
  2. Create a POST method.
    • For Integration type, choose Lambda Function.
    • Select Use Lambda Proxy integration.
    • From Lambda Region, choose a region.
    • In Lambda Function, type a name for your function.
  3.  Deploy to a stage.

For more information, see Getting Started with Amazon API Gateway in the Amazon API Developer Guide.

Now go back to your Slack application and enable interactive components.

To enable interactive components for the interactive message (Yes) button:

  1. Under Features, choose Interactive Components.
  2. Choose Enable Interactive Components.
  3. Type a request URL in the text box. Use the invoke URL in Amazon API Gateway that will be called when the approval button is clicked.

Now that all the pieces have been created, run the solution by checking in a code change to your CodeCommit repo. That will release the change through CodePipeline. When the CodePipeline comes to the approval stage, it will prompt to your Slack channel to see if you want to promote the build to your staging or production environment. Choose Yes and then see if your change was deployed to the environment.

Conclusion

That is it! You have now created a Slack ChatOps solution using AWS CodeCommit, AWS CodePipeline, AWS Lambda, Amazon API Gateway, and Amazon Simple Notification Service.

Now that you know how to do this Slack and CodePipeline integration, you can use the same method to interact with other AWS services using API Gateway and Lambda. You can also use Slack’s slash command to initiate an action from a Slack channel, rather than responding in the way demonstrated in this post.

[$] What’s coming in OpenLDAP 2.5

Post Syndicated from corbet original https://lwn.net/Articles/755207/rss

If pressed, I will admit to thinking that, if
NIS
was good enough for Charles Babbage, it’s
good enough for me. I am therefore not a huge fan of
LDAP
; I feel I can detect in it the heavy hand of the ITU,
which seems to
wish to apply X.500 to
everything. Nevertheless, for secure, distributed, multi-platform identity
management it’s quite hard to beat. If you decide to run an LDAP server
on Unix, one of the major free implementations is slapd, the core
engine of the OpenLDAP project.
Howard Chu is the chief architect of the project,
and spoke at FLOSS 2018 about the upcoming 2.5 release. Any rumors
that he might have passed the time while the room filled up by giving
a short but nicely rendered fiddle recital are completely true.

Japan’s Directorate for Signals Intelligence

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/05/japans_director.html

The Intercept has a long article on Japan’s equivalent of the NSA: the Directorate for Signals Intelligence. Interesting, but nothing really surprising.

The directorate has a history that dates back to the 1950s; its role is to eavesdrop on communications. But its operations remain so highly classified that the Japanese government has disclosed little about its work ­ even the location of its headquarters. Most Japanese officials, except for a select few of the prime minister’s inner circle, are kept in the dark about the directorate’s activities, which are regulated by a limited legal framework and not subject to any independent oversight.

Now, a new investigation by the Japanese broadcaster NHK — produced in collaboration with The Intercept — reveals for the first time details about the inner workings of Japan’s opaque spy community. Based on classified documents and interviews with current and former officials familiar with the agency’s intelligence work, the investigation shines light on a previously undisclosed internet surveillance program and a spy hub in the south of Japan that is used to monitor phone calls and emails passing across communications satellites.

The article includes some new documents from the Snowden archive.

Fairplay Canada Discredits “Pro-Piracy” TorrentFreak News, Then Cites Us

Post Syndicated from Ernesto original https://torrentfreak.com/fairplay-canada-discredits-pro-piracy-torrentfreak-news-then-cites-us-180520/

At TorrentFreak we do our best to keep readers updated on the latest copyright and piracy news, highlighting issues from different points of view.

We report on the opinions and efforts of copyright holders when it comes to online piracy and we also make room for those who oppose them. That’s how balanced reporting works in our view.

There is probably no site on the Internet who reports on the negative consequences of piracy as much as we do, but for some reason, the term “pro-piracy” is sometimes attached to our reporting. This also happened in the recent reply Fairplay Canada sent to the CRTC.

The coalition of media companies and ISPs is trying to get a pirate site blocking regime implemented in Canada. As part of this effort, it’s countering numerous responses from the public, including one from law professor Michael Geist.

In his submission, Geist pointed out that the Mexican Supreme Court ruled that site blocking is disproportional, referring to our article on the matter. This article was entirely correct at the time it was written, but it appears that the Court later clarified its stance.

Instead of pointing that out to us, or perhaps Geist, Fairplay frames it in a different light.

“Professor Geist dismisses Mexico because, relying on a third party source (the pro-piracy news site TorrentFreak), he believes its Supreme Court has ruled that the regime is disproportionate,” it writes.

Fairplay does not dispute that the Supreme Court initially ruled that a site blockade should target specific content. However, it adds that the court later clarified that blockades are also allowed if a substantial majority of content on a site is infringing.

The bottom line is that, later developments aside, our original article was correct. What bothers us, however, is that the Fairplay coalition is branding us as a “pro-piracy” site. That’s done for a reason, most likely to discredit the accuracy of our reporting.

Pro piracy news site

Luckily we have pretty thick skin, so we’ll get over it. If Fairplay Canada doesn’t trust us, then so be it.

Amusingly, however, this was not the only TorrentFreak article the coalition referenced. In fact, our reporting is cited twice more in the same report but without the pro-piracy branding.

A few pages down from the Geist reference, Fairplay mentions how pirate site blockades do not violate net neutrality in India, referring to our thorough article that explains how the process works.

No pro piracy?

Similarly, we’re also pretty reliable when it comes to reporting on MUSO’s latest piracy data, as Fairplay cites us for that as well. These are the data that play a central role in the coalition’s argumentation and analysis.

We’re not entirely sure how it works, but apparently, we are a “pro-piracy” news site when Fairplay Canada doesn’t like our reporting, and a reliable source when it suits their message.

In any case, we would like to point out that this entire opinion article is written without any pro-piracy messaging. But it appears that every sentence that deviates from the agenda of certain groups, may be interpreted as such.

Not sure if you could call that fair play?

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

ISP Telenor Will Block The Pirate Bay in Sweden Without a Shot Fired

Post Syndicated from Andy original https://torrentfreak.com/isp-telenor-will-block-the-pirate-bay-in-sweden-without-a-shot-fired-180520/

Back in 2014, Universal Music, Sony Music, Warner Music, Nordisk Film and the Swedish Film Industry filed a lawsuit against Bredbandsbolaget, one of Sweden’s largest ISPs.

The copyright holders asked the Stockholm District Court to order the ISP to block The Pirate Bay and streaming site Swefilmer, claiming that the provider knowingly facilitated access to the pirate platforms and assisted their pirating users.

Soon after the ISP fought back, refusing to block the sites in a determined response to the Court.

“Bredbandsbolaget’s role is to provide its subscribers with access to the Internet, thereby contributing to the free flow of information and the ability for people to reach each other and communicate,” the company said in a statement.

“Bredbandsbolaget does not block content or services based on individual organizations’ requests. There is no legal obligation for operators to block either The Pirate Bay or Swefilmer.”

In February 2015 the parties met in court, with Bredbandsbolaget arguing in favor of the “important principle” that ISPs should not be held responsible for content exchanged over the Internet, in the same way the postal service isn’t responsible for the contents of an envelope.

But with TV companies SVT, TV4 Group, MTG TV, SBS Discovery and C More teaming up with the IFPI alongside Paramount, Disney, Warner and Sony in the case, Bredbandsbolaget would need to pull out all the stops to obtain victory. The company worked hard and initially the news was good.

In November 2015, the Stockholm District Court decided that the copyright holders could not force Bredbandsbolaget to block the pirate sites, ruling that the ISP’s operations did not amount to participation in the copyright infringement offenses carried out by some of its ‘pirate’ subscribers.

However, the case subsequently went to appeal, with the brand new Patent and Market Court of Appeal hearing arguments. In February 2017 it handed down its decision, which overruled the earlier ruling of the District Court and ordered Bredbandsbolaget to implement “technical measures” to prevent its customers accessing the ‘pirate’ sites through a number of domain names and URLs.

With nowhere left to go, Bredbandsbolaget and owner Telenor were left hanging onto their original statement which vehemently opposed site-blocking.

“It is a dangerous path to go down, which forces Internet providers to monitor and evaluate content on the Internet and block websites with illegal content in order to avoid becoming accomplices,” they said.

In March 2017, Bredbandsbolaget blocked The Pirate Bay but said it would not give up the fight.

“We are now forced to contest any future blocking demands. It is the only way for us and other Internet operators to ensure that private players should not have the last word regarding the content that should be accessible on the Internet,” Bredbandsbolaget said.

While it’s not clear whether any additional blocking demands have been filed with the ISP, this week an announcement by Bredbandsbolaget parent company Telenor revealed an unexpected knock-on effect. Seemingly without a single shot being fired, The Pirate Bay will now be blocked by Telenor too.

The background lies in Telenor’s acquisition of Bredbandsbolaget back in 2005. Until this week the companies operated under separate brands but will now merge into one entity.

“Telenor Sweden and Bredbandsbolaget today take the final step on their joint trip and become the same company with the same name. As a result, Telenor becomes a comprehensive provider of broadband, TV and mobile communications,” the company said in a statement this week.

“Telenor Sweden and Bredbandsbolaget have shared both logo and organization for the last 13 years. Today, we take the last step in the relationship and consolidate the companies under the same name.”

Up until this final merger, 600,000 Bredbandsbolaget broadband customers were denied access to The Pirate Bay. Now it appears that Telenor’s 700,000 fiber and broadband customers will be affected too. The new single-brand company says it has decided to block the notorious torrent site across its entire network.

“We have not discontinued Bredbandsbolaget, but we have merged Telenor and Bredbandsbolaget and become one,” the company said.

“When we share the same network, The Pirate Bay is blocked by both Telenor and Bredbandsbolaget and there is nothing we plan to change in the future.”

TorrentFreak contacted the PR departments of both Telenor and Bredbandsbolaget requesting information on why a court order aimed at only the latter’s customers would now affect those of the former too, more than doubling the blockade’s reach. Neither company responded which leaves only speculation as to its motives.

On the one hand, the decision to voluntarily implement an expanded blockade could perhaps be viewed as a little unusual given how much time, effort and money has been invested in fighting web-blockades in Sweden.

On the other, the merger of the companies may present legal difficulties as far as the court order goes and it could certainly cause friction among the customer base of Telenor if some customers could access TPB, and others could not.

In any event, the legal basis for web-blocking on copyright infringement grounds was firmly established last year at the EU level, which means that Telenor would lose any future legal battle, should it decide to dig in its heels. On that basis alone, the decision to block all customers probably makes perfect commercial sense.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

TVAddons Denies Copyright Infringement Claims in Court

Post Syndicated from Ernesto original https://torrentfreak.com/tvaddons-denies-copyright-infringement-claims-in-court-180518/

Last year, American satellite and broadcast provider Dish Network targeted two well-known players in the third-party Kodi add-on ecosystem.

In a complaint filed in a federal court in Texas, add-on ZemTV and the TVAddons library were accused of copyright infringement. As a result, both are facing up to $150,000 in damages for each offense.

The owner and operator of TVAddons, Adam Lackman, and ZemTV developer, Shahjahan Durrani, previously asked the court to dismiss the case, because neither reside in the United States.

The request was recently denied and the case continues. This means that the defendants must respond to the allegations at the Texas District Court. Yesterday, TVAddons’ lawyer Jason Sweet submitted the answers of defendant Adam Lackman, who denies many of the claims put forward by Dish.

TVAddons’ operator denies that he had the “ability to supervise and control” the alleged infringing activity of ZemTV, as Dish stated, and also refutes the claims that he received a “direct financial benefit” and “refused to take any action” to stop the infringement.

Lackman does confirm that ZemTV was available for download through TVAddons and that Dish sent a takedown notice to have it removed. TVAddons received this notice and forwarded it to the developer of the addon.

The answers are very minimal and mostly deny the complaint’s claims. However, the filing also includes several affirmative defenses, which provide some more insight and detail.

In the complaint, TVAddons’ operator stands accused of “contributory / inducing copyright infringement,” but his lawyer points out that these are two different claims with separate thresholds which can’t be combined.

One requires knowledge of and a material contribution to the infringement, for example, while the other deals with the distribution of a device or product through which the infringing use is promoted.

“Contributory infringement and inducing infringement are two distinct causes of action and cannot be combined when pled. Federal Rule of Civil Procedure 10(b) requires separate counts for separate claims,” Sweet writes.

And there are other points of confusion highlighted by the defense. Dish has stated that the copyrighted works at issue have not been registered, as that is no longer required to file a lawsuit under the Copyright Act.

While that is correct, TVAddons’ lawyer points out that it prevents Dish from seeking statutory damages and attorneys fees or costs, because that does require copyright registration.

“Plaintiff is not entitled to statutory damages, including attorney’s fees and costs because registration is required for foreign works to gain the procedural benefits of a prima facie presumption of the validity of a copyright, statutory damages, and attorney’s fees..,” the defense writes.

Adding to that, TVAddons’ operator denies that he engaged in or contributed to any of the alleged infringements. And if there was any wrongdoing, this was certainly not intended.

“Defendant was not aware and had no reason to believe that any of his acts constituted an infringement of copyright. Any infringement by Defendant was innocent and not willful.”

The response is just the start of the case and both sides are expected to conduct further discovery to back up their respective positions. ZemTV’s operator, whose alleged infringements are central to the TVAddons case, has yet to file his answers.

TVAddons, meanwhile, remains operational through TVAddons.co with a reduced library of addons. After it was decimated last year, the site has started to regain its user base, in the hope that they will support the legal battle.

“If you are tired of seeing big companies act like they own the law, please consider making a donation to help us pay our lawyers. This lawsuit is about more than just us, it’s about the expansion of copyright law and a big bad corporation trying to bully us into submission,” TVAddons wrote last week.

A copy of TVAddons answer to the amended complaint is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

[$] A reworked TCP zero-copy receive API

Post Syndicated from corbet original https://lwn.net/Articles/754681/rss

In April, LWN looked at the new API for
zero-copy reception of TCP data that had been merged into the net-next tree
for the 4.18 development cycle. After that article was written, a couple
of issues came to the fore that required some changes to the API for this
feature. Those changes have been made and merged; read on for the details.

ExtraTorrent Replacement Displays Warning On Predecessor’s Shutdown Anniversary

Post Syndicated from Andy original https://torrentfreak.com/extratorrent-replacement-displays-warning-on-predecessors-shutdown-anniversary-180518/

Exactly one year ago, millions of users in the BitTorrent community went into mourning with the shock depature of one of its major players.

ExtraTorrent was founded in back in November 2006, at a time when classic platforms such as TorrentSpy and Mininova were dominating the torrent site landscape. But with dedication and determination, the site amassed millions of daily visitors, outperforming every other torrent site apart from the mighty Pirate Bay.

Then, on May 17, 2017, everything came crashing down.

“ExtraTorrent has shut down permanently,” a note in the site read. “ExtraTorrent with all mirrors goes offline. We permanently erase all data. Stay away from fake ExtraTorrent websites and clones. Thx to all ET supporters and torrent community. ET was a place to be….”

While ExtraTorrent staff couldn’t be more clear in advising people to stay away from clones, few people listened to their warnings. Within hours, new sites appeared claiming to be official replacements for the much-loved torrent site and people flocked to them in their millions.

One of those was ExtraTorrent.ag, a torrent site connected to the operators of EZTV.ag, which appeared as a replacement in the wake of the official EZTV’s demise. Graphically very similar to the original ExtraTorrent, the .ag ‘replacement’ had none of its namesake’s community or unique content. But that didn’t dent its popularity.

ExtraTorrent.ag

At the start of this week, ExtraTorrent.ag was one of the most popular torrent sites on the Internet. With an Alexa rank of around 2,200, it would’ve clinched ninth position in our Top 10 Torrent Sites report earlier this year. However, after registering the site’s domain a year ago, something seems to have gone wrong.

Yesterday, on the anniversary of ExtraTorrent’s shutdown and exactly a year after the ExtraTorrent.ag domain was registered, ExtraTorrent.ag disappeared only to be replaced by a generic landing page, as shown below.

ExtraTorrent.ag landing page

This morning, however, there appear to be additional complications. Accessing with Firefox produces the page above but attempting to do so with Chrome produces an ominous security warning.

Chrome warning

Indeed, those protected by MalwareBytes won’t be able to access the page at all, since ExtraTorrent.ag redirects to the domain FindBetterResults.com, which the anti-malware app flags as malicious.

The change was reported to TF by the operator of domain unblocking site Unblocked.lol, which offers torrent site proxies as well as access to live TV and sports.

“I noticed when I started receiving emails saying ExtraTorrent was redirecting to some parked domain. When I jumped on the PC and checked myself it was just redirecting to a blank page,” he informs us.

“First I thought they’d blocked our IP address so I used some different ones. But I soon discovered the domain was in fact parked.”

So what has happened to this previously-functioning domain?

Whois records show that ExtraTorrent.ag was created on May 17, 2017 and appears to have been registered for a year. Yesterday, on May 17, 2018, the domain was updated to list what could potentially be a new owner, with an expiry date of May 17, 2019.

Once domains have expired, they usually enter an ‘Auto-Renew Grace Period’ for up to 45 days. This is followed by a 30-day ‘Redemption Grace Period’. At the end of this second period, domains cannot be renewed and are released for third-parties to register. That doesn’t appear to have been the case here.

So, to find out more about the sudden changes we reached out to the email address listed in the WHOIS report but received no response. Should we hear more we’ll update this report but in the meantime the Internet has lost one of its largest torrent sites and gained a rather pointless landing page with potential security risks.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Police Arrest Suspected Member of TheDarkOverlord Hacking Group

Post Syndicated from Andy original https://torrentfreak.com/police-arrest-suspected-member-of-the-dark-overlord-hacking-group-180517/

In April 2017, the first episode of the brand new season of Netflix’s Orange is the New Black was uploaded to The Pirate Bay, months ahead of its official release date.

The leak was the work of a hacking entity calling itself TheDarkOverlord (TDO). One of its members had contacted TorrentFreak months earlier claiming that the content was in its hands but until the public upload, nothing could be confirmed.

TDO told us it had obtained the episodes after hacking the systems of Hollywood-based Larson Studios, an ADR (additional dialogue recorded) studio, back in 2016. TDO had attempted to blackmail the company into paying a bitcoin ransom but when it wasn’t forthcoming, TDO pressed the nuclear button.

Netflix responded by issuing a wave of takedown notices but soon TDO moved onto a new target. In June 2017, TDO followed up on an earlier threat to leak content owned by ABC.

But while TDO was perhaps best known for its video-leaking exploits, the group’s core ‘business’ was hacking what many perceived to be softer targets. TDO ruthlessly slurped confidential data from weakly protected computer systems at medical facilities, private practices, and businesses large and small.

In each case, the group demanded ransoms in exchange for silence and leaked sensitive data to the public if none were paid. With dozens of known targets, TDO found itself at the center of an international investigation, led by the FBI. That now appears to have borne some fruit, with the arrest of an individual in Serbia.

Serbian police say that members of its Ministry of Internal Affairs, Criminal Police Directorate (UCC), in coordination with the Special Prosecution for High-Tech Crime, have taken action against a suspected member of TheDarkOverlord group.

Police say they tracked down a Belgrade resident, who was arrested and taken into custody. Identified only by the initials “S.S”, police say the individual was born in 1980 but have released no further personal details. A search of his apartment and other locations led to the seizure of items of digital equipment.

“According to the order of the Special Prosecutor’s Office for High-Tech Crime, criminal charges will be brought against him because of the suspicion that he committed the criminal offense of unauthorized access to a protected computer, computer networks and electronic processing, and the criminal offense of extortion,” a police statement reads.

In earlier correspondence with TF, the TDO member always gave the impression of working as part of a team but we only had a single contact point which appeared to be the same person. However, Serbian authorities say the larger investigation is aimed at uncovering “a large number of people” who operate under the banner of “TheDarkOverlord”.

Since June 2016, the group is said to have targeted at least 50 victims while demanding bitcoin ransoms to avoid disclosure of their content. Serbian authorities say that on the basis of available data, TDO received payments of more than $275,000.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Internet Association Blasts MPAA’s ‘Crony Politics’

Post Syndicated from Ernesto original https://torrentfreak.com/internet-association-blasts-mpaas-crony-politics-180516/

Last month, MPAA Chairman and CEO Charles Rivkin used the Facebook privacy debacle to voice his concern about the current state of the Internet.

“The Internet is no longer nascent – and people around the world are growing increasingly uncomfortable with what it’s becoming,” Rivkin wrote in his letter to several Senators, linking Internet-related privacy breaches to regulation, immunities, and safe harbors.

“The moment has come for a national dialogue about restoring accountability on the internet. Whether through regulation, recalibration of safe harbors, or the exercise of greater responsibility by online platforms, something must change.”

While it’s good to see that the head of Hollywood’s main lobbying group is concerned about Facebook users, not everyone is convinced of his good intentions. Some suggest that the MPAA is hijacking the scandal to further its own, unrelated, interests.

This is exactly the position taken by the Internet Association, a US-based organization comprised of the country’s leading Internet-based businesses. The organization is comprised of many prominent members including Google, Twitter, Amazon, Reddit, Yahoo, and Facebook.

Several of these companies were the target of the MPAA’s criticism, named or not, which prompted the Internet Association to respond.

In an open letter to House Energy and Commerce Committee Chairman Greg Walden, the group’s president and CEO, Michael Beckerman, lashes out against the MPAA and similar lobbying groups. These groups hijack the regulatory debate with anti-internet lobbying efforts, he says.

“Look no further than the gratuitous letter Motion Picture Association of America, Inc. Chairman & CEO Charles Rivkin submitted to the Energy and Commerce Committee during your recent Zuckerberg hearing,” Beckerman writes.

“The hearing had nothing to do with the Motion Picture industry, but Mr. Rivkin demonstrated shameless rent-seeking by calling for regulation on internet companies simply in an effort to protect his clients’ business interest.”

These rent-seeking efforts are part of the “crony politics” used by “pre-internet” companies to protect their old business models, the Internet Association’s CEO adds.

“This blatant display of crony politics is not unique to the big Hollywood studios, but rather emblematic of a broader anti-consumer lobbying campaign. Many other pre-internet industries —telcos, legacy tech firms, hotels, and others — are looking to defend old business models by regulating a rising competitor to the clear detriment of consumers.”

These harsh words show that the rift between Silicon Valley and Hollywood is still wide open.

It’s clear that the MPAA and other copyright industry groups are still hoping for stricter regulation to ensure that Internet companies are held accountable. Privacy is generally not their main focus though.

They mostly want companies such as Google and Facebook to prevent piracy and compensate rightsholders. Whether using the Facebook privacy scandal was a good way to bring this message to the forefront is a matter of which camp one’s in.

While the Internet Association bashes the MPAA’s efforts, they don’t discount the idea that more can be done to prevent and stop abuse.

“As technology and services evolve to better meet user needs, bad actors will find ways to take advantage. Our members are ever vigilant and work hard to stop them. The task is never done, and we pledge to work harder and do even better,” Beckerman notes.

The Internet Association’s full letter, spotted by Variety, is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.