Tag Archives: e-book

Pirate Site Admins Receive Suspended Sentences, Still Face €60m Damages Claim

Post Syndicated from Andy original https://torrentfreak.com/pirate-site-admins-receive-suspended-sentences-still-face-e60m-damages-claim-180313/

After being founded in 2009, French site Liberty Land (LL) made its home in Canada. At the time listed among France’s top 200 sites, Liberty Land carried an estimated 30,000 links to a broad range of unlicensed content.

Like many other indexes of its type, LL carried no content itself but hosted links to content hosted elsewhere, on sites like Megaupload and Rapidshare, for example. This didn’t save the operation from an investigation carried out by rightsholder groups SACEM and ALPA, which filed a complaint against Liberty Land with the French authorities in 2010.

Liberty Land

In May 2011 and alongside complaints from police that the people behind Liberty Land had taken extreme measures to hide themselves away, authorities arrested several men linked to the site in Marseille, near Le Havre, and in the Paris suburb of Montreuil.

Despite the men facing a possible five years in jail and fines of up to $700,000, the inquiry dragged on for nearly seven years. The trial of its alleged operators, now aged between 29 and 36-years-old, finally went ahead January 30 in Rennes.

The men faced charges that they unlawfully helped to distribute movies, TV series, games, software, music albums and e-books without permission from rightsholders. In court, one defended the site as being just like Google.

“For me, we had the same role as Google,” he said. “We were an SEO site. There is a difference between what we were doing and the distribution of pirated copies on the street.”

According to the prosecution, the site made considerable revenues from advertising, estimated at more than 300,000 euros between January 2009 and May 2011. The site’s two main administrators reportedly established an offshore company in the British Virgin Islands and a bank account in Latvia where they deposited between 100,000 and 150,000 euros each.

The prosecutor demanded fines for the former site admins and sentences of between six and 12 months in prison. Last week the Rennes Criminal Court rendered its decision, sentencing the four men to suspended sentences of between two and three months. More than 176,000 euros generated by the site was also confiscated by the Court.

While the men will no doubt be relieved that this extremely long case has reached a conclusion of sorts, it’s not over yet. 20minutes reports that the claims for damages filed by copyright groups including SACEM won’t be decided until September and they are significant, totaling 60 million euros.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Multi-National Police Operation Shuts Down Pirate Forums

Post Syndicated from Andy original https://torrentfreak.com/multi-national-police-operation-shuts-down-pirate-forums-171110/

Once upon a time, large-scale raids on pirate operations were a regular occurrence, with news of such events making the headlines every few months. These days things have calmed down somewhat but reports coming out of Germany suggests that the war isn’t over yet.

According to a statement from German authorities, the Attorney General in Dresden and various cybercrime agencies teamed up this week to take down sites dedicated to sharing copyright protected material via the Usenet (newsgroups) system.

Huge amounts of infringing items were said to have been made available on a pair of indexing sites – 400,000 on Town.ag and 1,200,000 on Usenet-Town.com.

“Www.town.ag and www.usenet-town.com were two of the largest online portals that provided access to films, series, music, software, e-books, audiobooks, books, newspapers and magazines through systematic and unlawful copyright infringement,” the statement reads.

Visitors to these URLs are no longer greeted by the usual warez-fest, but by a seizure banner placed there by German authorities.

Seizure banner on Town.ag and Usenet-Town.com (translated)

Following an investigation carried out after complaints from rightsholders, 182 officers of various agencies raided homes and businesses Wednesday, each connected to a reported 26 suspects. In addition to searches of data centers located in Germany, servers in Spain, Netherlands, San Marino, Switzerland, and Canada were also targeted.

According to police the sites generated income from ‘sponsors’, netting their operators millions of euros in revenue. One of those appears to be Usenet reseller SSL-News, which displays the same seizure banner. Rightsholders claim that the Usenet portals have cost them many millions of euros in lost sales.

Arrest warrants were issued in Spain and Saxony against two German nationals, 39 and 31-years-old respectively. The man arrested in Spain is believed to be a ringleader and authorities there have been asked to extradite him to Germany.

At least 1,000 gigabytes of data were seized, with police scooping up numerous computers and other hardware for evidence. The true scale of material indexed is likely to be much larger, however.

Online chatter suggests that several other Usenet-related sites have also disappeared during the past day but whether that’s a direct result of the raids or down to precautionary measures taken by their operators isn’t yet clear.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Many of My E-Books for Cheap

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/07/many_of_my_e-bo.html

Humble Bundle is selling a bunch of cybersecurity books very cheaply. You can get copies of Applied Cryptography, Secrets and Lies, and Cryptography Engineering — and also Ross Anderson’s Security Engineering, Adam Shostack’s Threat Modeling, and many others.

This is the cheapest you’ll ever see these books. And they’re all DRM-free.

Cybercrime Officials Shutdown Large eBook Portal, Three Arrested

Post Syndicated from Andy original https://torrentfreak.com/cybercrime-officials-shutdown-large-ebook-portal-three-arrested-170626/

Back in February 2015, German anti-piracy outfit GVU filed a complaint against the operators of large eBook portal Lul.to.

Targeted mainly at the German audience, the site carried around 160,000 eBooks, 28,000 audiobooks, plus newspapers and periodicals. Its motto was “Read and Listen” and claimed to be both the largest German eBook portal and the largest DRM-free platform in the world.

Unlike most file-sharing sites, Lul.to charged around 30,000 customers a small fee to access content, around $0.23 per download. However, all that came to end last week when authorities moved to shut the platform down.

According to the General Prosecutor’s Office, searches in several locations led to the discovery of around 55,000 euros in bitcoin, 100,000 euros in bank deposits, 10,000 euros in cash, plus a “high-quality” motorcycle.

As is often the case following significant action, the site has been completely taken down and now displays the following seizure notice.

Lul.to seized (translated from German)

Authorities report that three people were arrested and are being detained while investigations continue.

It is not yet clear how many times the site’s books were downloaded by users but investigators believe that the retail value of the content offered on the site was around 392,000 euros. By volume, investigators seized more than 11 terabytes of data.

The German Publishers & Booksellers Association welcomed the shutdown of the platform.

“Intervening against lul.to is an important success in the fight against Internet piracy. By blocking one of the largest illegal providers for e-books and audiobooks, many publishers and retailers can breathe,” said CEO Alexander Skipis.

“Piracy is not an excusable offense, it’s the theft of intellectual property, which is the basis for the work of authors, publishers, and bookshops. Portals like lul.to harm the media market massively. The success of the investigation is another example of the fact that such illegal models ultimately can not hold up.”

Last week in a separate case in Denmark, three men aged between 26 and 71-years-old were handed suspended sentences for offering subscription access to around 198 pirate textbooks.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Reading Analytics and Privacy

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/04/reading_analyti.html

Interesting paper: “The rise of reading analytics and the emerging calculus of reading privacy in the digital world,” by Clifford Lynch:

Abstract: This paper studies emerging technologies for tracking reading behaviors (“reading analytics”) and their implications for reader privacy, attempting to place them in a historical context. It discusses what data is being collected, to whom it is available, and how it might be used by various interested parties (including authors). I explore means of tracking what’s being read, who is doing the reading, and how readers discover what they read. The paper includes two case studies: mass-market e-books (both directly acquired by readers and mediated by libraries) and scholarly journals (usually mediated by academic libraries); in the latter case I also provide examples of the implications of various authentication, authorization and access management practices on reader privacy. While legal issues are touched upon, the focus is generally pragmatic, emphasizing technology and marketplace practices. The article illustrates the way reader privacy concerns are shifting from government to commercial surveillance, and the interactions between government and the private sector in this area. The paper emphasizes U.S.-based developments.

Sense HAT Emulator Upgrade

Post Syndicated from David Honess original https://www.raspberrypi.org/blog/sense-hat-emulator-upgrade/

Last year, we partnered with Trinket to develop a web-based emulator for the Sense HAT, the multipurpose add-on board for the Raspberry Pi. Today, we are proud to announce an exciting new upgrade to the emulator. We hope this will make it even easier for you to design amazing experiments with the Sense HAT!

What’s new?

The original release of the emulator didn’t fully support all of the Sense HAT features. Specifically, the movement sensors were not emulated. Thanks to funding from the UK Space Agency, we are delighted to announce that a new round of development has just been completed. From today, the movement sensors are fully supported. The emulator also comes with a shiny new 3D interface, Astro Pi skin mode, and Pygame event handling. Click the ▶︎ button below to see what’s new!

Upgraded sensors

On a physical Sense HAT, real sensors react to changes in environmental conditions like fluctuations in temperature or humidity. The emulator has sliders which are designed to simulate this. However, emulating the movement sensor is a bit more complicated. The upgrade introduces a 3D slider, which is essentially a model of the Sense HAT that you can move with your mouse. Moving the model affects the readings provided by the accelerometer, gyroscope, and magnetometer sensors.

Code written in this emulator is directly portable to a physical Raspberry Pi and Sense HAT without modification. This means you can now develop and test programs using the movement sensors from any internet-connected computer, anywhere in the world.

Astro Pi mode

Astro Pi is our series of competitions offering students the chance to have their code run in space! The code is run on two space-hardened Raspberry Pi units, with attached Sense HATs, on the International Space Station.

Image of Astro Pi unit Sense HAT emulator upgrade

Astro Pi skin mode

There are a number of practical things that can catch you out when you are porting your Sense HAT code to an Astro Pi unit, though, such as the orientation of the screen and joystick. Just as having a 3D-printed Astro Pi case enables you to discover and overcome these, so does the Astro Pi skin mode in this emulator. In the bottom right-hand panel, there is an Astro Pi button which enables the mode: click it again to go back to the Sense HAT.

The joystick and push buttons are operated by pressing your keyboard keys: use the cursor keys and Enter for the joystick, and U, D, L, R, A, and B for the buttons.

Sense Hat resources for Code Clubs

Image of gallery of Code Club Sense HAT projects Sense HAT emulator upgrade

Click the image to visit the Code Club projects page

We also have a new range of Code Club resources which are based on the emulator. Of these, three use the environmental sensors and two use the movement sensors. The resources are an ideal way for any Code Club to get into physical computing.

The technology

The 3D models in the emulator are represented entirely with HTML and CSS. “This project pushed the Trinket team, and the 3D web, to its limit,” says Elliott Hauser, CEO of Trinket. “Our first step was to test whether pure 3D HTML/CSS was feasible, using Julian Garnier’s Tridiv.”

Sense HAT 3D image mockup Sense HAT emulator upgrade

The Trinket team’s preliminary 3D model of the Sense HAT

“We added JavaScript rotation logic and the proof of concept worked!” Elliot continues. “Countless iterations, SVG textures, and pixel-pushing tweaks later, the finished emulator is far more than the sum of its parts.”

Sense HAT emulator 3d image final version Sense HAT emulator upgrade

The finished Sense HAT model: doesn’t it look amazing?

Check out this blog post from Trinket for more on the technology and mathematics behind the models.

One of the compromises we’ve had to make is browser support. Unfortunately, browsers like Firefox and Microsoft Edge don’t fully support this technology yet. Instead, we recommend that you use Chrome, Safari, or Opera to access the emulator.

Where do I start?

If you’re new to the Sense HAT, you can simply copy and paste many of the code examples from our educational resources, like this one. Alternatively, you can check out our Sense HAT Essentials e-book. For a complete list of all the functions you can use, have a look at the Sense HAT API reference here.

The post Sense HAT Emulator Upgrade appeared first on Raspberry Pi.

Community Profile: Alex Eames

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/community-profile-alex-eames/

This column is from The MagPi issue 52. You can download a PDF of the full issue for free, or subscribe to receive the print edition in your mailbox or the digital edition on your tablet. All proceeds from the print and digital editions help the Raspberry Pi Foundation achieve its charitable goals.

Alex purchased his first Raspberry Pi in May 2012, after a BBC article caught his eye. Already teaching ICT at his son’s school, he was drawn to the idea of a $35 computer to aid the education of his ten-year-old students.

Alex Eames

Alex is truly a member of the Raspberry Pi community, providing support and resources to those new to, and experienced in, the world of the Pi

Less than a month later, Alex started his website, RasPi.TV. The website allowed him to document his progress with the Raspberry Pi, and to curate an easy-to-use reference library for others.

“I found that when I wanted to learn something new, generally the ‘instructions’ on other Linux sites were either out of date or incomplete. I wanted a place where I could record procedures that I could use again, but that would also be available to others.”

Alex was determined to provide tutorials that worked first time, understanding the frustration for newcomers when their hard work didn’t always pay off. “It’s off-putting for people to follow a list of instructions, get it all right, and then find the process fails,” he says. RasPi.TV was all about “instructions that work first time – even if you’ve never done it before.”

Alex Eames Community Profile

The RasPi.TV website is packed full of tutorials, reviews, and videos, all of which have the aim of helping newcomers and seasoned Raspberry Pi users to expand their skill set and interests. Alex’s YouTube channel boasts more than 8,000 subscribers, with viewing figures of well over 1.5 million across his 121 videos.

In 2012, Alex began to build his own RasPiO boards, with the first releases making an appearance in March 2014. The GPIO labeller, Breakout, and Breakout Pro were successful across the community, earning an honourable mention on the official Raspberry Pi blog. The Pro has since been upgraded to the Pro HAT, while the labeller has been replaced with a newer 40-pin version. The RasPiO collection has now increased to ten different units, each available for direct purchase from the website. A few originally found their feet via successful crowdfunding campaigns.

Alex Eames Community Profile

The RasPiO family is a series of add-on boards, port labellers, GPIO rulers, and tools to aid makers in building with the Raspberry Pi. The ruler, for example, offers GPIO pin reference for easy identification, along with a code reference for using the GPIO Zero library.

Even if you’ve yet to visit either RasPi.TV or Alex’s YouTube channel, the chances are that you’ve seen one aspect of his online contribution to the Raspberry Pi Community. Alex maintains a Raspberry Pi ‘family photo’ on his website, showcasing every model built across the years. It’s a picture that often does the rounds of blogs, news articles, and social media.

Raspberry Pi Family Photo 2017

Updated 28th Feb 2017 to include the newly released Raspberry Pi Zero W

Outside of his life of Pi, Alex has a background in analytical chemistry, a profession that certainly explains his desire for the clean, precise, and well-tested tutorials that brought about the creation of RasPi.TV. From working as a translator to writing his own e-books, Alex is definitely well suited to the maker life, moving on from his past life of pharmaceutical development.

Duinocam designed by Alex Eames

The Duinocam is set up in Alex’s home in Poland. During daylight hours, it emails him photos and temperature data while also responding to tweeted commands
such as video capture and upload. Using a Pi Model B, a RasPiO Duino, a Camera Module, and two servos, the unit can pan and tilt to survey the area.

His tutorial and review videos on YouTube reach viewing figures in the thousands, with his popular Raspberry Pi DSI Display Launch video garnering close to 300,000 views at the time of writing of this article. While Alex has updated us on his newest unreleased projects and plans, we’ll keep them quiet for now. You’ll have to watch the RasPi.TV website for details.

Note – Since writing this article, Alex has continued his work, producing new content to support the Raspberry Pi Zero W, while also releasing his newest crowdfunding campaign, RasPiO InsPiRing.

The post Community Profile: Alex Eames appeared first on Raspberry Pi.

eBook Pirates Are Relatively Old and Wealthy, Study Finds

Post Syndicated from Andy original https://torrentfreak.com/wealthy-older-people-more-likely-to-pirate-ebooks-study-finds-170316/

In 2017, people can download any digital content they like from the Internet, but that’s still most likely to be movies, TV shows and music. Bubbling underneath, however, is a steady demand for pirated eBooks.

Ebooks are relatively cheap when compared to other digital content, but their handy file size and ubiquity ensures that millions of titles are just a few convenient clicks away.

A new study, commissioned by anti-piracy company Digimarc and conducted by Nielsen, aims to shine light on eBook piracy. It was presented yesterday at The London Book Fair and aims to better understand how eBook piracy affects revenue and how publishers can prevent it.

In previous studies, it has been younger downloaders that have grabbed much of the attention, and this one is no different. Digimarc reveals that 41% of all adult pirates are aged between 18 and 29 but perhaps surprisingly, 47% fall into the 30 to 44-year-old bracket. At this point, things tail off very quickly, as the remaining ~13% are aged 45 or up.

There are also some surprises when it comes to pirates’ income. Cost is often cited as a factor when justifying downloading for free, and this study has similar findings. In this case, however, richer persons are generally more likely they are to download.

Around 13% of pirates have an annual household income of under $30k, with those earning between $30k and $59k making up 19% of the total. At this point there is a sizeable leap, with 36% of pirates claiming to earn between $60k and $99k per annum. Around 29% make more than $100k a year.

Overall, the majority of illegal downloaders are relatively well-educated, with more than 70% having either graduated from college or in possession of a post graduate degree.

Taken together, this means that e-book pirates are often older wealthy people with a good education, which is probably close to the profile of the average ebook reader.

Also of interest are the methods used by pirates to obtain their eBook fix. Sharing joint top position with 31% are public torrent sites (such as The Pirate Bay) and cyberlocker sources such as 4shared or Uploaded.

These relatively high-tech solutions are closely followed by 30% who swap eBooks with friends using instant messaging, email or even flash drives. Just over a quarter acquire eBooks from places such as eBay, with an equal 27% obtaining from friends using services such as Dropbox.

Given the majority of pirates’ ability to pay, it comes as no surprise that convenience is the number one driver for people obtaining content from torrent sites. Cost still takes the number two position but a not inconsiderable four out of ten still believe that online retailers are lacking when it comes to content availability.

Nevertheless, plenty of pirates still frequent legal resources.

42% said that they buy eBooks from online platforms including Amazon and iTunes, with 32% going directly to the publishers’ own websites. Just shy of 30% access eBooks using a monthly subscription account such as Amazon Unlimited, while around a quarter frequent out-of-copyright resources including Gutenberg.org.

Part of Digimarc’s job is to help clients reduce the prevalence of illegal downloading and the study provides some pointers in that area too. The main takeaway is that if pirates can be convinced that their equipment is at risk from piracy (a common strategy lately), then a majority would reconsider to some degree.

A total of 49% said they would be ‘much less’ likely to download if that was the case, with 34% indicating they would be ‘somewhat’ less likely to do so. 18% indicated they wouldn’t change their habits at all. Similar numbers said the same about the risk of being caught, figures that drop only slightly when pirates are confronted with potential harm done to authors.

Finally, Digimarc has a stab at some market estimates. The company concludes that around 22% of eBook consumers pirate, taking away around 33% of the market at a cost of $315m.

“When it comes to book piracy, you can’t prevent what you can’t predict. This is the challenge for publishers as they grapple with preventing illegal piracy,” says Devon Weston, director, market development, Digimarc Guardian.

“Our new Nielsen data makes it clear these pirates don’t fit a typical criminal profile. They access digital content from a vast universe of web pages, social platforms and file sharing portals. Our aim is to break down the problem for publishers and help them develop an effective prevention strategy.”

The full study can be downloaded here or here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Australian Govt Advisory Body Digs in Over Fair Use & Geo-Unblocking

Post Syndicated from Andy original https://torrentfreak.com/australian-govt-agency-digs-in-over-fair-use-geo-unblocking-161222/

copyright-bloodEarlier this year, Australia’s Productivity Commission released a draft report covering various aspects of the country’s intellectual property system.

Among the Commission’s recommendations was advice to the government that it should allow citizens to access geo-blocked content in order for them to obtain the best deals on international content.

“Geoblocking results in Australians paying higher prices (often for a lesser or later service) than consumers overseas,” the draft read.

The report also urged the introduction of fair use provisions into local copyright law instead of the current “fair dealing” arrangement.

“Australia’s copyright system has expanded over time, often with no transparent, evidence-based policy analysis demonstrating the need for, or quantum of, new rights. A new system of user rights, including the introduction of a broad, principles-based fair use exception, is needed to help address this imbalance,” the report said.

During the summer, copyright holders fought back, claiming that fair use would have a negative effect on creation. Music group IFPI, for example, warned that fair use would threaten innovation and disadvantage creators while creating legal uncertainty.

“Licensing, not exceptions to copyright, drives innovation. Innovation is best achieved through licensing agreements between content owners and users, including technological innovators,” IFPI said. In December, similar arguments were presented in a new campaign championed by local celebrities.

But in a final inquiry report sent to the government in September and published this week, the Commission’s position remains unmoved.

“Rights holders have argued against the adoption of fair use in Australia. They claim that by design, fair use is imprecise and would create significant legal uncertainty for both rightsholders and users. Initial uncertainty is not a compelling reason to eschew a fair use exception, especially if it serves to preserve poor policy outcomes,” the Commission writes.

“Australia’s current exceptions are themselves subject to legal uncertainty, and evidence suggests that fair use cases, as shown in the US, are more predictable than rights holders argue. Moreover, courts routinely apply principles-based law to new cases, such as in consumer and employment law, updating case law when the circumstances warrant doing so.”

The Commission says that over time, both rightsholders and users will become “increasingly comfortable” when making judgments over what is and is not fair use. In the event that Courts are called on to decide, four factors should be considered.

• the purpose and character of the use
• the nature of the copyright material
• the amount and substantiality of the part used
• the effect of the use upon the potential market for, or value of, the copyright material.

“Rights holders also argued fair use would significantly reduce their incentives to create and invest in new works, holding up Canada as an example. Some have proclaimed that fair use will equate with ‘free use’, particularly by the education sector. But these concerns are ill-founded and premised on flawed (and self-interested) assumptions,” the Commission writes.

“Indeed, rather than ignore the interests of rights holders, under fair use the effect on the rights holder is one of the factors to be considered. Where a use of copyright material harms a rights holder, the use is less likely to be considered fair. In the US, where fair use is long established, creative industries thrive.”

Fair Use recommedation from the Commissionrecco-51

And when it comes to allowing Australians unfettered access to legitimate content, the Commission remains equally unmoved. It notes that prompt access to reasonably priced content is vital in the fight against piracy and the government should change the law to make it clear to consumers that they have the right to obtain content from overseas, should that mean getting a better deal.

“Research consistently demonstrates that timely and cost effective access to
copyright-protected works is the best way for industry to reduce online copyright
infringement. Therefore, in addition to implementing a new exception for fair use, the Commission is recommending making it easier for users to access legitimate copyright-protected content,” the inquiry report reads.

“Studies show Australian consumers systematically pay higher prices for professional software, music, games and e-books than consumers in comparable overseas markets. While some digital savvy consumers are able to avoid these costs (such as through the use of proxy servers and Virtual Private Networks), most pay inflated prices for lower standard services and some will ultimately infringe.

“The Australian Government should make clear that it is not an infringement of Australia’s copyright system for consumers to circumvent geoblocking technology and should avoid international obligations that would preclude such practices,” it adds.

Anti-Geoblocking recommendation from the Commissionrecco-52

The Intellectual Property Arrangements final inquiry report is available here.

Note: An earlier version of this article referred to the Productivity Commission as an “agency”. That has been corrected to “advisory body”.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

In Case You Missed These: AWS Security Blog Posts from September and October

Post Syndicated from Craig Liebendorfer original https://aws.amazon.com/blogs/security/in-case-you-missed-these-aws-security-blog-posts-from-september-and-october/

In case you missed any AWS Security Blog posts from September and October, they are summarized and linked to below. The posts are shown in reverse chronological order (most recent first), and the subject matter ranges from enabling multi-factor authentication on your AWS API calls to using Amazon CloudWatch Events to monitor application health.


October 30: Register for and Attend This November 10 Webinar—Introduction to Three AWS Security Services
As part of the AWS Webinar Series, AWS will present Introduction to Three AWS Security Services on Thursday, November 10. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time. AWS Solutions Architect Pierre Liddle shows how AWS Identity and Access Management (IAM), AWS Config Rules, and AWS Cloud Trail can help you maintain control of your environment. In a live demo, Pierre shows you how to track changes, monitor compliance, and keep an audit record of API requests.

October 26: How to Enable MFA Protection on Your AWS API Calls
Multi-factor authentication (MFA) provides an additional layer of security for sensitive API calls, such as terminating Amazon EC2 instances or deleting important objects stored in an Amazon S3 bucket. In some cases, you may want to require users to authenticate with an MFA code before performing specific API requests, and by using AWS Identity and Access Management (IAM) policies, you can specify which API actions a user is allowed to access. In this blog post, I show how to enable an MFA device for an IAM user and author IAM policies that require MFA to perform certain API actions such as EC2’s TerminateInstances.

October 19: Reserved Seating Now Open for AWS re:Invent 2016 Sessions
Reserved seating is new to re:Invent this year and is now open! Some important things you should know about reserved seating:

  1. All sessions have a predetermined number of seats available and must be reserved ahead of time.
  2. If a session is full, you can join a waitlist.
  3. Waitlisted attendees will receive a seat in the order in which they were added to the waitlist and will be notified via email if and when a seat is reserved.
  4. Only one session can be reserved for any given time slot (in other words, you cannot double-book a time slot on your re:Invent calendar).
  5. Don’t be late! The minute the session begins, if you have not badged in, attendees waiting in line at the door might receive your seat.
  6. Waitlisting will not be supported onsite and will be turned off 7-14 days before the beginning of the conference.

October 17: How to Help Achieve Mobile App Transport Security (ATS) Compliance by Using Amazon CloudFront and AWS Certificate Manager
Web and application users and organizations have expressed a growing desire to conduct most of their HTTP communication securely by using HTTPS. At its 2016 Worldwide Developers Conference, Apple announced that starting in January 2017, apps submitted to its App Store will be required to support App Transport Security (ATS). ATS requires all connections to web services to use HTTPS and TLS version 1.2. In addition, Google has announced that starting in January 2017, new versions of its Chrome web browser will mark HTTP websites as being “not secure.” In this post, I show how you can generate Secure Sockets Layer (SSL) or Transport Layer Security (TLS) certificates by using AWS Certificate Manager (ACM), apply the certificates to your Amazon CloudFront distributions, and deliver your websites and APIs over HTTPS.

October 5: Meet AWS Security Team Members at Grace Hopper 2016
For those of you joining this year’s Grace Hopper Celebration of Women in Computing in Houston, you may already know the conference will have a number of security-specific sessions. A group of women from AWS Security will be at the conference, and we would love to meet you to talk about your cloud security and compliance questions. Are you a student, an IT security veteran, or an experienced techie looking to move into security? Make sure to find us to talk about career opportunities.


September 29: How to Create a Custom AMI with Encrypted Amazon EBS Snapshots and Share It with Other Accounts and Regions
An Amazon Machine Image (AMI) provides the information required to launch an instance (a virtual server) in your AWS environment. You can launch an instance from a public AMI, customize the instance to meet your security and business needs, and save configurations as a custom AMI. With the recent release of the ability to copy encrypted Amazon Elastic Block Store (Amazon EBS) snapshots between accounts, you now can create AMIs with encrypted snapshots by using AWS Key Management Service (KMS) and make your AMIs available to users across accounts and regions. This allows you to create your AMIs with required hardening and configurations, launch consistent instances globally based on the custom AMI, and increase performance and availability by distributing your workload while meeting your security and compliance requirements to protect your data.

September 19: 32 Security and Compliance Sessions Now Live in the re:Invent 2016 Session Catalog
AWS re:Invent 2016 begins November 28, and now, the live session catalog includes 32 security and compliance sessions. 19 of these sessions are in the Security & Compliance track and 13 are in the re:Source Mini Con for Security Services. All 32se titles and abstracts are included below.

September 8: Automated Reasoning and Amazon s2n
In June 2015, AWS Chief Information Security Officer Stephen Schmidt introduced AWS’s new Open Source implementation of the SSL/TLS network encryption protocols, Amazon s2n. s2n is a library that has been designed to be small and fast, with the goal of providing you with network encryption that is more easily understood and fully auditable. In the 14 months since that announcement, development on s2n has continued, and we have merged more than 100 pull requests from 15 contributors on GitHub. Those active contributors include members of the Amazon S3, Amazon CloudFront, Elastic Load Balancing, AWS Cryptography Engineering, Kernel and OS, and Automated Reasoning teams, as well as 8 external, non-Amazon Open Source contributors.

September 6: IAM Service Last Accessed Data Now Available for the Asia Pacific (Mumbai) Region
In December, AWS Identity and Access Management (IAM) released service last accessed data, which helps you identify overly permissive policies attached to an IAM entity (a user, group, or role). Today, we have extended service last accessed data to support the recently launched Asia Pacific (Mumbai) Region. With this release, you can now view the date when an IAM entity last accessed an AWS service in this region. You can use this information to identify unnecessary permissions and update policies to remove access to unused services.

If you have questions about or issues with implementing the solutions in any of these posts, please start a new thread on the AWS IAM forum.

– Craig

Reserved Seating Now Open for AWS re:Invent 2016 Sessions

Post Syndicated from Craig Liebendorfer original https://aws.amazon.com/blogs/security/reserved-seating-now-open-for-reinvent-2016-sessions/

re:Invent 2016 logo

Reserved seating is new to re:Invent this year and is now open! Some important things you should know about reserved seating:

  1. All sessions have a predetermined number of seats available and must be reserved ahead of time.
  2. If a session is full, you can join a waitlist.
  3. Waitlisted attendees will receive a seat in the order in which they were added to the waitlist and will be notified via email if and when a seat is reserved.
  4. Only one session can be reserved for any given time slot (in other words, you cannot double-book a time slot on your re:Invent calendar).
  5. Don’t be late! The minute the session begins, if you have not badged in, attendees waiting in line at the door might receive your seat.
  6. Waitlisting will not be supported onsite and will be turned off 7-14 days before the beginning of the conference.

You can watch a 23-minute video that explains reserved seating and how to start reserving your seats today.

Or you can log in and start reserving seats now. That login page is also available from the AWS re:Invent 2016 home page.

– Craig

AWS Hot Startups – September 2016

Post Syndicated from Jeff Barr original https://aws.amazon.com/blogs/aws/aws-hot-startups-september-2016/

Tina Barr is back with this month’s hot startups on AWS!


It’s officially fall so warm up that hot cider and check out this month’s great AWS-powered startups:

  • Funding Circle – The leading online marketplace for business loans.
  • Karhoo – A ride comparison app.
  • nearbuy – Connecting customers and local merchants across India.

Funding Circle (UK)
Funding Circle is one of the world’s leading direct lending platforms for business loans, where people and organizations can invest in successful small businesses. The platform was established in 2010 by co-founders Samir Desai, James Meekings, and Andrew Mullinger as a direct response to the noncompetitive lending market that exists in the UK. Funding Circle’s goal was to create the infrastructure – similar to a stock exchange or bond market – where any investor could lend to small businesses. With Funding Circle, individuals, financial institutions, and even governments can lend to creditworthy small businesses using an online direct lending platform. Since its inception, Funding Circle has raised $300M in equity capital from the same investors that backed Facebook, Twitter, and Sky. The platform expanded to the US market in October 2013 and launched across Continental Europe in October 2015.

Funding Circle has given businesses the ability to apply online for loans much faster than they could through traditional routes due in part to the absence of high overhead branch costs and legacy IT issues. Their investors include more than 50,000 individuals, the Government-backed British Business Bank, the European Investment Bank, and many local councils and large financial institutions. To date, more than £1.4 billion has been lent through the platform to nearly 16,000 small businesses in the UK alone. Funding Circle’s growth has led independent experts to predict that it will see strong growth in the UK business lending market within a decade. The platform has also made a huge impact in the UK economy – boosting it by £2.7 billion, creating up to 40,000 new jobs, and helping to build more than 2,000 new homes.

As a regulated business, Funding Circle needs separate infrastructure in multiple geographies. AWS provides similar services across all of Funding Circle’s territories. They use the full AWS stack from the top, with Amazon Route 53 directing traffic across global Amazon EC2 instances, to data analytics with Amazon Redshift.

Check out this short video to learn more about how Funding Circle works!

Karhoo (New York)
Daniel Ishag, founder and CEO of Karhoo, found himself in a situation many of us have probably been in. He was in a hotel in California using an app to call a cab from one of the big on-demand services. The driver cancelled. Daniel tried three or four different companies and again, they all cancelled. The very next day he was booking a flight when he saw all of the ways in which travel companies clearly presented airline choices for travelers. Daniel realized that there was great potential to translate this to ground transportation – specifically with taxis and licensed private hire. Within 48 hours of this realization, he was on his way to Bombay to prototype the product.

Karhoo is the global cab comparison and booking app that provides passengers with more choices each time they book a ride. By connecting directly to the fleet dispatch system of established black cab, minicab, and executive car operators, the app allows passengers to choose the ride they want, at the right price with no surge pricing. The vendor-neutral platform also gives passengers the ability to pre-book their rides days or months in advance. With over 500,000 cars on the platform, Karhoo is changing the landscape of the on-demand transport industry.

In order to build a scalable business, Karhoo uses AWS to implement many independent integration projects, run an operation that is data-driven, and experiment with tools and technologies without committing to heavy costs. They utilize Amazon S3 for storage and Amazon EC2, Amazon Redshift, and Amazon RDS for operation. Karhoo also uses Amazon EMR, Amazon ElastiCache, and Amazon SES and is looking into future products such as a mobile device testing farm.

Check out Karhoo’s blog to keep up with their latest news!

nearbuy (India)
nearbuy is India’s first hyper-local online platform that gives consumers and local merchants a place to discover and interact with each other. They help consumers find some of the best deals in food, beauty, health, hotels, and more in over 30 cities in India. Here’s how to use them:

  • Explore options and deals at restaurants, spas, gyms, movies, hotels and more around you.
  • Buy easily and securely, using credit/debit cards, net-banking, or wallets.
  • Enjoy the service by simply showing your voucher on the nearbuy app (iOS and Android).

After continuously observing the amount of time people were spending on their mobile phones, six passionate individuals decided to build a product that allowed for all goods and services in India to be purchased online. nearbuy has been able to make the time gap between purchase and consumption almost instant, make experiences more relevant by offering them at the user’s current location, and allow services such as appointments and payments to be made from the app itself. The nearbuy team is currently charting a path to define how services can and will be bought online in India.

nearbuy chose AWS in order to reduce its time to market while aggressively scaling their operations. They leverage Amazon EC2 heavily and were one of the few companies in the region running their  entire production load on EC2. The container-based approach has not only helped nearbuy significantly reduce its infrastructure cost, but has also enabled them to implement CI+CD (Continuous Integration / Continuous Deployment), which has reduced time to ship exponentially.

Stay connected to nearbuy by following them at https://medium.com/@nearbuy.

Tina Barr

Desktop Sense HAT emulator

Post Syndicated from David Honess original https://www.raspberrypi.org/blog/desktop-sense-hat-emulator/

If this post gives you a sense of déjà-vu it’s because, last month, we announced a web-based Sense HAT emulator in partnership with US-based startup Trinket.

Today, we’re announcing another Sense HAT emulator designed to run natively on your Raspberry Pi desktop, instead of inside a browser. Developed by Dave Jones, it’s intended for people who own a Raspberry Pi but not a Sense HAT. In the picture below, the sliders are used to change the values reported by the sensors while your code is running.


So, why do we need two versions?

  • For offline use, possibly the most common way Raspberry Pis are used in the classroom.
  • To accommodate the oldest 256 MB models of Raspberry Pi which cannot run the web version.
  • To allow you to integrate your Sense HAT program with any available Python modules, or other Raspberry Pi features such as the Camera Module.

The emulator will come pre-installed in the next Raspbian release but, for now, you can just install it by typing the commands below into a terminal window:

sudo apt-get update
sudo apt-get install python-sense-emu python3-sense-emu python-sense-emu-doc sense-emu-tools -y

You can then access it from the Desktop menu, under Programming.

The emulator closely simulates the Sense HAT hardware being attached to your Pi. You can read from the sensors or write to the LED matrix using multiple Python processes, for example.


Write your code in IDLE as before; there are also a number of examples that can be opened from the emulator’s built-in menu. If you then want to port your code to a physical Sense HAT, you just need to change




at the top of your program. Reverse this if you’re porting a physical Sense HAT program to the emulator, perhaps from one of our educational resources; this step isn’t required in the web version of the emulator.


There are a number of preferences that you can adjust to change the behaviour of the emulator, most notably sensor simulation, otherwise known as jitter. This costs some CPU time, and is disabled by default on the low-end Raspberry Pis, but it provides a realistic experience of how the hardware sensors would behave. You’ll see that the values being returned in your code drift according to the known error tolerances of the physical sensors used on the Sense HAT.

This emulator will allow more Raspberry Pi users to participate in future Astro Pi competitions without having to buy a Sense HAT: ideal for the classroom where 15 Sense HATs may be beyond the budget.

So, where do you start? If you’re new to the Sense HAT, you can just copy and paste many of the code examples from our educational resources, like this one. You can also check out our e-book Sense HAT Essentials. For a complete list of all the functions you can use, have a look at the Sense HAT API reference here.

You can even install this emulator on other types of Linux desktop, such as Ubuntu! For more information on how to do this, please visit the emulator documentation pages here.

The post Desktop Sense HAT emulator appeared first on Raspberry Pi.

Court: Uploaded.net Failed to Prevent Piracy, Faces Damages

Post Syndicated from Ernesto original https://torrentfreak.com/court-uploaded-net-failed-to-prevent-piracy-faces-damages-160812/

uploadedlogoWith millions of visitors per month, Uploaded is one of the largest file-hosting services on the Internet.

Like many of its ‘cloud hosting’ competitors, the service is also used to share copyright infringing material, which is a thorn in the side of various copyright holder groups.

In Germany this prompted music rights group GEMA, which represents roughly 70,000 artists, to address the matter in court.

This week the Regional Court of Munich ruled that Uploaded must take a more proactive stance when it comes to online piracy. In its current form the site can be held liable for the infringements of its users, which means that it faces damages.

According to the court order, Uploaded is not only obliged to remove infringing files when they are reported. It must also take additional measures, such as preventing the same files from being uploaded again.

This is similar to the “take-down and stay-down” principle copyright holder worldwide are lobbying for.

Overall, the court found that Uploaded’s business model is “risk-inducing” and “dangerous for copyright owners,” highlighting the anonymity of users and the referral program as factors that increase the service’s liability.

Like other file-hosting services, Uploaded allows users to generate revenue by referring new customers to the site.

Uploaded referral program


GEMA CEO Dr. Harald Heker is happy with the outcome and calls for a regulatory framework where site operators are held responsible for the piracy that occurs though their services.

“File-hosting services earn a lot of money though the exploitation of creative content. Copyright infringements are willingly accepted. This imbalance hurts our members and is something we can’t accept,” he says.

Uploaded’s parent company Cyando AG has yet to comment on the ruling.

This is not the first case Uploaded has lost in Germany, Rasch lawyer Mirko Brüß informs TorrentFreak. In April the company lost a similar case against the Association of American Publishers, which dealt with pirated e-books.

“What the judgments have in common is that, according to the court, Uploaded is not only obliged to take down content when they are notified of an infringement. They also have to take proactive measures to prevent the same work from being re-uploaded and made available for download again.”

While Uploaded can be held liable for damages, the court order is not yet legally binding and is likely to be appealed. In any case, a follow-up case is required to establish an exact damages amount.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Sense HAT emulator

Post Syndicated from David Honess original https://www.raspberrypi.org/blog/sense-hat-emulator/

Over the last few months, we’ve been working with US-based startup Trinket to develop a web-based emulator for the Sense HAT, the multipurpose add-on board for the Raspberry Pi which is also the core component of the Astro Pi units on the International Space Station. We wanted to provide a unique, free learning resource that brings the excitement of programming our space-qualified hardware to students, teachers, and others all over the world.

We’re delighted to announce its release today, and you can try it for yourself right now. Click the Run button below and see what happens!


The emulator will allow more people to participate in future Astro Pi competitions – you’ll be able to join in without needing to own a Raspberry Pi computer or a Sense HAT.

British ESA Astronaut Tim Peake with an Astro Pi unit on the International Space Station

British ESA Astronaut Tim Peake with the Astro Pi. Image credit ESA

The new emulator builds on Trinket’s existing Python-in-browser platform, and provides the following features:

  • Virtual Sense HAT with environmental controls and joystick input
  • Full Python syntax highlighting
  • Contextual auto-complete
  • Intuitive error reporting and highlighting
  • Image upload
  • HTML page embedding
  • Social media integration
  • Project sharing via direct URL
  • Project download as zip (for moving to Raspberry Pi)
  • All major browsers supported


The Sense HAT has temperature, pressure and humidity sensors, and can change its behaviour according to the values they report. The Sense HAT emulator has sliders you can move to change these values, so you can test how your code responds to environmental variables.

Part of a screenshot of the Astro Pi emulator, showing three silders with buttons that can be dragged to change the temperature, pressure and humidity that the virtual Sense HAT's sensors are reporting

You can move the sliders to change what the sensors are reporting

Code written in this emulator is directly portable to a physical Raspberry Pi with a Sense HAT without modification. This means any code you write can be run by the Astro Pi units on board the ISS! It is our hope that, within the next 12 months, code that has been written in the emulator will run in space. Look out for news on this, coming soon on the Astro Pi site!

We owe huge thanks to Trinket, who have been wonderful partners in this project. The development work has been completed in just over two months, and has been a huge collaborative effort from the start. The software relies heavily on open-source technology and a global community of developers who are committed to making the power of code more accessible to students.

A closed group of beta testers, made up of previous Astro Pi participants and Code Club champions, has been putting the emulator through its paces over recent weeks. We’re proud to say that we’ve just had a bug-free open beta over the weekend, and now we’re looking forward to seeing it used as widely as possible.

So, where do you start? If you’re new to the Sense HAT, you can just copy and paste a lot of the code examples from our educational resources like this one. You can also check out our e-book Sense HAT Essentials. For a complete list of all the functions you can use, have a look at the Sense HAT API reference here; please note that the IMU (movement-sensing) functions will be supported in a future update. Head over to the main Sense HAT emulator site to see loads of other cool examples of what’s possible. Flappy LED, anyone?

Don’t forget to share your projects!

The post Sense HAT emulator appeared first on Raspberry Pi.

‘Tor and Bitcoin Hinder Anti-Piracy Efforts’

Post Syndicated from Ernesto original https://torrentfreak.com/tor-and-bitcoin-hinder-anti-piracy-efforts-160715/

euipoTo avoid enforcement efforts, pirate sites often go to extremes to hide themselves from rightsholders and authorities.

Increasingly, this also means that they use various encryption technologies to increase their resilience and anonymity.

Several of these techniques are highlighted in a new report published by the European Union Intellectual Property Office (EUIPO).

The report gives a broad overview of the business models that are used to illegally exploit intellectual property. This includes websites dedicated to counterfeit goods, but also online piracy hubs such as torrent sites and file-hosting platforms.

EUIPO hopes that mapping out these business models will help to counter the ongoing threat they face.

“The study will provide enhanced understanding to policymakers, civil society and private businesses. At the same time, it will help to identify and better understand the range of responses necessary to tackle the challenge of large scale online IPR infringements,” EUIPO notes.

According to the research, several infringing business models rely on encryption-based technologies. The Tor network and Bitcoin, for example, are repeatedly mentioned as part of this “shadow landscape”.

“It more and more relies on new encrypted technologies like the TOR browser and the Bitcoin virtual currency, which are employed by infringers of IPR to generate income and hide the proceeds of crime from the authorities,” the report reads.

According to the report, Bitcoin’s threat is that the transactions can’t be easily traced to a person or company. This is problematic, since copyright enforcement efforts are often based on a follow-the-money approach.

“There are no public records connecting Bitcoin wallet IDs with personal information of individuals. Because of these Bitcoin transactions are considered semi-anonymous,” EUIPO writes.

Similarly, sites and services that operate on the darknet, such as the Tor network, are harder to take down. Their domain names can’t be seized, for example, and darknet sites are not subject to ISP blockades.

“Through the use of TOR, a user’s Internet traffic is encrypted and routed in specific ways to achieve security and anonymity,” the report notes.

While the report doesn’t list any names, it describes various popular torrent, streaming and file-hosting sites. In one specific case, it mentions an e-book portal that operates exclusively on the darknet, generating revenue from Bitcoin donations.

Most traditional pirate sites still operate on the ‘open’ Internet. However, several sites now allow users to donate Bitcoin and both The Pirate Bay and KickassTorrents both have a dedicated darknet address as well.

EUIPO is clearly worried about these developments, but the group doesn’t advocate a ban of encryption-based services as they also have legitimate purposes.

However, it signals that these and other trends should be followed with interest, as they make it harder to tackle various forms of counterfeiting and piracy online.

As part of the efforts to cut back various forms of copyright infringement, EUIPO also announced a new partnership with Europol this week. The organizations launched the Intellectual Property Crime Coordinated Coalition which aims to strengthen the fight against counterfeiting and piracy.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Learn to code with Scratch with The MagPi’s latest e-book

Post Syndicated from Russell Barnes original https://www.raspberrypi.org/blog/learn-code-scratch-magpis-latest-essentials-e-book/

Scratch is the world-leading visual programming language, created by the boffins at MIT. It’s designed to help kids of all ages learn about computer science within minutes. We think it’s rather cool, and it’s been a core part of Raspberry Pi’s software offering since day one for very obvious reasons.

We’ve been working for a while now to dedicate a new Essentials book to it, and we’re ultra-chuffed to let you know that it’s out now!


Click the cover to download it today!

The book, which you can download as a free PDF, includes chapters built from some of the excellent articles we’ve featured in the magazine, the amazing learning resources from Raspberry Pi, and even the outstanding material created by our chums at Code Club.

It features 13 jam-packed chapters that help you:

  • Master the different block types
  • Create animations and add interactive elements
  • Build your first games and applications
  • Make and control electronic circuits
  • Understand every block
  • and much, much more!

With our help, we think you’ll find that Scratch isn’t just a great way to learn to program, but lots of fun too!

You can buy Learn to Code with Scratch as an in-app purchase on our free Android and iOS app, as well as the usual PDF download.

Excuse us – we’re off to celebrate!

Learn to Code with Scratch is freely licensed under Creative Commons (BY-SA-NC 3.0). You can download the PDF free now and forever, but buying digitally supports the Raspberry Pi Foundation’s charitable mission to democratise computing and educate kids all over the world.

The post Learn to code with Scratch with The MagPi’s latest e-book appeared first on Raspberry Pi.

A Quick Guide to iCloud and iTunes Backups for Your iPhone and iPad

Post Syndicated from Peter Cohen original https://www.backblaze.com/blog/how-to-backup-iphone-and-ipad/

iCloud and iTunes Restores
Backing up your computer is important, and so is backing up your mobile devices. A single drop to your iPhone or your iPad, a spill or a moment of carelessness can destroy the device forever, but if your data is backed up, you won’t lose any of your precious info. It’s also a really good idea to back up your device before you upgrade it to the latest version of iOS.

If you’re using iCloud Backup or iTunes to back up your iPhone, iPad or iPod Touch, you might want to read this to understand how those backups work, and what else you can do to protect your data.

How does iCloud Backup work?

Apple’s tried to make backup less of a chore with iCloud Backup. iCloud Backup, a feature of iOS, lets your iPhone, iPad or iPod touch back up its contents to the cloud.

iCloud Backup happens automatically when your device is getting power, locked, and is connected to Wi-Fi. Once you’ve configured your device for iCloud Backup, you should just be able to rely on the backups to happen periodically when you’re charging.

How to use iCloud Backup on your iPhone, iPad or iPod Touch

  1. Tap Settings.
  2. Tap iCloud.
  3. Tap Backup.
  4. Make sure iCloud Backup is turned on.
  5. You can get a backup started right away by tapping on Back Up Now.


Just make sure to stay on your Wi-Fi network until the backup is done. Here’s how to check your backup’s progress:

  1. Tap Settings.
  2. Tap iCloud.
  3. Tap Storage.
  4. Tap Manage Storage.
  5. Select your device. iOS will show you details about when it was last backed up, and the backup file size.


If you’re looking for the most frictionless way to back up your devices, this is it.
The nice thing about iCloud Backup is that you set it and forget it.

iCloud Backup lets you restore your device from almost anywhere. It also makes upgrading a breeze. When you set up a new iOS device, for example, the system will ask you if you want to restore from an iCloud backup.

I did this the last time I bought an iPhone, and by the time I walked out of the store, my new iPhone was already populated with the same data (and had downloaded the same apps) as my old phone.

There is a downside to iCloud Backup that you need to be aware of. It’s very dependent on a specific set of actions to work:

  1. Your device needs to be connected to a power supply.
  2. Your device needs a Wi-Fi connection (and needs to be connected to the Internet).
  3. Your device needs to be locked.
  4. You have enough space in iCloud to store the backup.

This last item is the killer. Apple only gives you 5 GB of free space with the basic iCloud account. Currently iPhones can have up to 128 GB of storage and iPads can have up to 256 GB of storage. If you have a lot of stuff on your iOS device or in the cloud, it’s trivially easy to exceed your free 5 GB iCloud allowance. Which means your backups won’t happen unless you pay Apple for additional iCloud space.

If you have both an iPhone and an iPad? Forget about it. You have to pay Apple or you won’t have enough space to back up both. Having said that, iCloud storage costs as little as 99 cents per month for 50 gigabytes, $2.99 a month for 200 GB, and $9.99 per month for 1 terabyte of iCloud storage. Not that expensive, but it is another expense.

There’s another caveat, too. iCloud Backup doesn’t back up everything on your phone. Things that aren’t backed up include:

  • Data that’s already in iCloud: Contacts, calendar appointments, notes, your Photo Stream and iCloud Photo Library, for example.
  • Data stored on other cloud services. Gmail, for example, or Microsoft Exchange mail.
  • Your Apple Pay info, and your Touch ID info (if your device is so equipped).
  • Imported media files, like e-books, music and videos you’ve acquired from services besides Apple’s own iTunes, e.g. Amazon.
  • Any App Store or iTunes in the Cloud content (that stuff is still available for re-download in your Purchased Content tab, it’s just an inconvenience to reload).

Most of this makes a lot of sense. Since data is already synced in iCloud and other cloud services, there’s no need to duplicate it in the backup. And as a matter of security, Apple Pay and Touch ID info shouldn’t be kept in a backup either – that info remains the sole domain of specialized hardware on compatible iOS devices called Secure Enclave.

As long as you understand the limits of iCloud Backup, it’s an enormously helpful tool that makes backup, recovery and upgrading a lot easier.

There’s an alternative that doesn’t require you to buy any more space in the cloud and isn’t dependent on a network connection, either: Backing up locally. To do that, you can use iTunes.

How does iTunes backup work?

With iTunes, data on your iPhone or iPad is backed up on your computer – so to be clear, you’re going to need a Mac or Windows PC in order to do this. The good news is that you don’t need an Internet connection, don’t have to pay for iCloud space or any other shenanigans. All you’ll need is enough hard drive space to accommodate the backup.

iTunes is a free download from Apple and comes with OS X.

Initially, to do this, you’ll have to physically connect your iPhone or iPad to your Mac or PC using its USB sync cable. You can configure iTunes to allow backups over Wi-Fi, however, which will save you that step in the future.

How to use iTunes backup

  1. Connect your iOS device to your Mac or PC using the included sync cable.
  2. Double-click iTunes.
  3. You should see an icon for your device appear in the menu bar on the upper left side of the iTunes window. Click on it.
  4. Click Back Up Now to begin backing up your iOS device to your computer. If you want to include account passwords, Health and HomeKit data, you’ll need to make sure the checkbox entitled Encrypt iPhone backup is also checked.
  5. Once the backup is complete, iTunes will show you the backup’s date and time where it says Latest Backups.

iPhone iTunes backup

As with iCloud backup, there are a few limitations you should be aware of with iTunes backup. Some information isn’t backed up, by design:

  • Content from iTunes and App Stores, or PDF files downloaded to iBooks.
  • Imported music synced from iTunes on the computer, videos, books and photos.
  • Photos already stored in the cloud via iCloud Photo Library and My Photo Stream.
  • Touch ID and Apple Pay settings.
  • Activity, Health and Keychain data (passwords), unless you use Encrypted Backups (see above).

Again, most of these limitations make sense – you can re-sync the content you need and some stuff needs to be excluded as a matter of security.

Once you’re done, iTunes maintains a copy of that backup, which you can restore if you ever need to.

The added benefit from syncing your iPhone or iPad to your Mac or PC using iTunes is that when you back up that Mac or PC, you will also back up the contents from your iPhone or iPad.

What about iOS backup apps?

Instead of using iCloud or iTunes, you can use “backup” apps to backup the data on your iOS device. These types of apps can be helpful, but are usually limited to backing up your photos and your contact list. Other information, such as application data, game data, texts, voicemails, etc., is not typically backed up by these non-Apple apps. The most comprehensive way to backup and restore the data on your iPhone is to use either iCloud or iTunes or both.

3-2-1 Backup

Ideally, you should use both iCloud backups and periodic computer backups to make sure you have at least two ways to restore your iPhone or your iPad if you need to. And if you’re a Backblaze user, all the better. Backblaze backs up the contents of the system directory where your iTunes backups are kept, so if you’re using iTunes and Backblaze, you can be sure your iPhone data is safe.

The combination of iCloud backups, iTunes backups and Backblaze provides you with to make sure your mobile data is safe and sound. It’s a variation of the 3-2-1 backup strategy – two local copies plus one in the cloud equals maximum backup protection. But in this case, two backup copies are going to the cloud, and one is staying local.

Hopefully this has helped demystify what iCloud Backup and iTunes are doing to keep your mobile data safe, and what else you can do to make sure you’re protected. Still confused? Have a question? Or do you use a different strategy that you’d like to share? Let us know in the comments.

The post A Quick Guide to iCloud and iTunes Backups for Your iPhone and iPad appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.