Tag Archives: Facebook

Tracking the Owner of Kickass Torrents

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2016/07/tracking_the_ow.html

Here’s the story of how it was done. First, a fake ad on torrent listings linked the site to a Latvian bank account, an e-mail address, and a Facebook page.

Using basic website-tracking services, Der-Yeghiayan was able to uncover (via a reverse DNS search) the hosts of seven apparent KAT website domains: kickasstorrents.com, kat.cr, kickass.to, kat.ph, kastatic.com, thekat.tv and kickass.cr. This dug up two Chicago IP addresses, which were used as KAT name servers for more than four years. Agents were then able to legally gain a copy of the server’s access logs (explaining why it was federal authorities in Chicago that eventually charged Vaulin with his alleged crimes).

Using similar tools, Homeland Security investigators also performed something called a WHOIS lookup on a domain that redirected people to the main KAT site. A WHOIS search can provide the name, address, email and phone number of a website registrant. In the case of kickasstorrents.biz, that was Artem Vaulin from Kharkiv, Ukraine.

Der-Yeghiayan was able to link the email address found in the WHOIS lookup to an Apple email address that Vaulin purportedly used to operate KAT. It’s this Apple account that appears to tie all of the pieces of Vaulin’s alleged involvement together.

On July 31st 2015, records provided by Apple show that the me.com account was used to purchase something on iTunes. The logs show that the same IP address was used on the same day to access the KAT Facebook page. After KAT began accepting Bitcoin donations in 2012, $72,767 was moved into a Coinbase account in Vaulin’s name. That Bitcoin wallet was registered with the same me.com email address.

Another article.

KickassTorrents’ Connections to the US Doomed the Site

Post Syndicated from Andy original https://torrentfreak.com/kickasstorrents-connections-to-the-us-doomed-the-site-160723/

To the huge disappointment of millions of BitTorrent users, KickassTorrents disappeared this week following an investigation by the Department of Homeland Security in the United States.

With a huge hole now present at the top of the torrent landscape, other sites plus interested groups and individuals will be considering their options. Step up their game and take over the top slot? Cautiously maintain the status quo? Or pull out altogether…

Make no mistake, this is a game of great reward, matched only by the risk. If the DHS complaint is to be believed, Kickass made dozens of millions of euros, enough to tempt even the nerviest of individuals. But while that might attract some, is avoiding detection almost impossible these days?

The complaint against KAT shows that while not inevitable, it’s becoming increasingly difficult. It also shows that carelessness plays a huge part in undermining security and that mistakes made by others in the past are always worth paying attention to.

Servers in the United States

Perhaps most tellingly, in the first instance KAT failed to learn from the ‘mistakes’ made by Megaupload. While the cases are somewhat dissimilar, both entities chose to have a US presence for at least some of their servers. This allowed US authorities to get involved. Not a great start.

“[Since 2008], KAT has relied on a network of computer servers around the world to operate, including computer servers located in Chicago, Illinois,” the complaint against the site reads.

The Chicago servers weren’t trivial either.

“According to a reverse DNS search conducted by the hosting company on or about May 5, 2015, that server was the mail client ‘mail.kat.ph’.”

Torrent site mail servers. In the United States. What could possibly go wrong?

In a word? Everything. In January 2016, DHS obtained a search warrant and cloned the Chicago servers. Somewhat unsurprisingly this gifted investigating agent Jared Der-Yeghiayan (the same guy who infiltrated Silk Road) valuable information.

“I located multiple files that contained unique user information, access logs, and other information. These files include a file titled ‘passwd’ located in the ‘etc’ directory, which was last accessed on or about January 13, 2016, and which identified the users who had access to the operating system,” Der-Yeghiayan said.

Servers in Canada

KAT also ran several servers hosted with Montreal-based Netelligent Hosting Services. There too, KAT was vulnerable.

In response to a Mutual Legal Assistance Treaty request, in April 2016 the Royal Canadian Mounted Police obtained business records associated with KAT’s account and made forensic images of the torrent site’s hard drives.

Why KAT chose Netelligent isn’t clear, but the site should have been aware that the hosting company would be forced to comply with law enforcement requests. After all, it had happened at least once before in a case involving Swedish torrent site, Sparvar.

Mistakes at the beginning

When pirate sites first launch, few admins expect them to become world leaders. If they did, they’d probably approach things a little differently at the start. In KAT’s case, alleged founder Artem Vaulin registered several of the site’s domains in his own name, information that was happily handed to the DHS by US-based hosting company GoDaddy.

Vaulin also used a Gmail account, operated by US-based Google. The complaint doesn’t explicitly say that Google handed over information, but it’s a distinct possibility. In any event, an email sent from that account in 2009 provided a helpful bridge to investigators.

“I changed my gmail. now it’s admin@kickasstorrents.com,” it read.

Forging further connections from his private email accounts to those operated from KAT, in 2012 Vaulin sent ‘test’ emails from KAT email addresses to his Apple address. This, HSI said, signaled the point that Vaulin began using KAT emails for business.

No time to relax, even socially

In addition to using an email account operated by US-based Apple (in which HSI found Vaulin’s passport and driver’s license details, plus his banking info), the Ukrainian also had an iTunes account.

Purchases he made there were logged by Apple, down to the IP address. Then, thanks to information provided by US-based Facebook (notice the recurring Stateside theme?), HSI were able to match that same IP address against a login to KAT’s Facebook page.

Anonymous Bitcoin – not quite

If the irony of the legitimate iTunes purchases didn’t quite hit the spot, the notion that Bitcoin could land someone in trouble should tick all the boxes. According to the complaint, US-based Bitcoin exchange Coinbase handed over information on Vaulin’s business to HSI.

“Records received from the bitcoin exchange company Coinbase revealed that the KAT Bitcoin Donation Address sent bitcoins it received to a user’s account maintained at Coinbase. This account was identified as belonging to Artem Vaulin located in Kharkov, Ukraine,” it reads.

Final thoughts

For a site that the US Government had always insisted was operating overseas, KickassTorrents clearly had a huge number of United States connections. This appears to have made the investigation much simpler than it would have been had the site and its owner maintained a presence solely in Eastern Europe.

Why the site chose to maintain these connections despite the risks might never be answered, but history has shown us time and again that US-based sites are not only vulnerable but also open to the wrath of the US Government. With decades of prison time at stake, that is clearly bad news.

But for now at least, Vaulin is being detained in Poland, waiting to hear of his fate. Whether or not he’ll quickly be sent to the United States is unclear, but it seems unlikely that a massively prolonged Kim Dotcom-style extradition battle is on the agenda. A smaller one might be, however.

While the shutdown of KAT and the arrest of its owner came out of the blue, the writing has always been on the wall. The shutdown is just one of several momentous ‘pirate’ events in the past 18 months including the closure (and resurrection) of The Pirate Bay, the dismantling of the main Popcorn Time fork, and the end of YTS/YIFY.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Canadian Man Behind Popular ‘Orcus RAT’

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/07/canadian-man-is-author-of-popular-orcus-rat/

Far too many otherwise intelligent and talented software developers these days apparently think they can get away with writing, selling and supporting malicious software and then couching their commerce as a purely legitimate enterprise. Here’s the story of how I learned the real-life identity of a Canadian man who’s laboring under that same illusion as proprietor of one of the most popular and affordable tools for hacking into someone else’s computer.

Earlier this week I heard from Daniel Gallagher, a security professional who occasionally enjoys analyzing new malicious software samples found in the wild. Gallagher said he and members of @malwrhunterteam and @MalwareTechBlog recently got into a Twitter fight with the author of Orcus RAT, a tool they say was explicitly designed to help users remotely compromise and control computers that don’t belong to them.

A still frame from a Youtube video demonstrating Orcus RAT’s keylogging ability to steal passwords from Facebook and other sites.

The author of Orcus — a person going by the nickname “Ciriis Mcgraw” a.k.a. “Armada” on Twitter and other social networks — claimed that his RAT was in fact a benign “remote administration tool” designed for use by network administrators and not a “remote access Trojan” as critics charged. Gallagher and others took issue with that claim, pointing out that they were increasingly encountering computers that had been infected with Orcus unbeknownst to the legitimate owners of those machines.

The malware researchers noted another reason that Mcgraw couldn’t so easily distance himself from how his clients used the software: He and his team are providing ongoing technical support and help to customers who have purchased Orcus and are having trouble figuring out how to infect new machines or hide their activities online.

What’s more, the range of features and plugins supported by Armada, they argued, go well beyond what a system administrator would look for in a legitimate remote administration client like Teamviewer, including the ability to launch a keylogger that records the victim’s every computer keystroke, as well as a feature that lets the user peek through a victim’s Web cam and disable the light on the camera that alerts users when the camera is switched on.

A new feature of Orcus announced July 7 lets users configure the RAT so that it evades digital forensics tools used by malware researchers, including an anti-debugger and an option that prevents the RAT from running inside of a virtual machine.

Other plugins offered directly from Orcus’s tech support page (PDF) and authored by the RAT’s support team include a “survey bot” designed to “make all of your clients do surveys for cash;” a “USB/.zip/.doc spreader,” intended to help users “spread a file of your choice to all clients via USB/.zip/.doc macros;” a “Virustotal.com checker” made to “check a file of your choice to see if it had been scanned on VirusTotal;” and an “Adsense Injector,” which will “hijack ads on pages and replace them with your Adsense ads and disable adblocker on Chrome.”

WHO IS ARMADA?

Gallagher said he was so struck by the guy’s “smugness” and sheer chutzpah that he decided to look closer at any clues that Ciriis Mcgraw might have left behind as to his real-world identity and location. Sure enough, he found that Ciriis Mcgraw also has a Youtube account under the same name, and that a video Mcgraw posted in July 2013 pointed to a 33-year-old security guard from Toronto, Canada.

Gallagher noticed that the video — a bystander recording on the scene of a police shooting of a Toronto man — included a link to the domain policereview[dot]info. A search of the registration records attached to that Web site name shows that the domain was registered to a John Revesz in Toronto and to the email address john.revesz@gmail.com.

A reverse WHOIS lookup ordered from Domaintools.com shows the same john.revesz@gmail.com address was used to register at least 20 other domains, including “thereveszfamily.com,” “johnrevesz.com,” “revesztechnologies[dot]com,” and — perhaps most tellingly — “lordarmada.info”.

Johnrevesz[dot]com is no longer online, but this cached copy of the site from the indispensable archive.org includes his personal résumé, which states that John Revesz is a network security administrator whose most recent job in that capacity was as an IT systems administrator for TD Bank. Revesz’s LinkedIn profile indicates that for the past year at least he has served as a security guard for GardaWorld International Protective Services, a private security firm based in Montreal.

Revesz’s CV also says he’s the owner of the aforementioned Revesz Technologies, but it’s unclear whether that business actually exists; the company’s Web site currently redirects visitors to a series of sites promoting spammy and scammy surveys, come-ons and giveaways.

IT’S IN THE EULA, STUPID!

Contacted by KrebsOnSecurity, Revesz seemed surprised that I’d connected the dots, but beyond that did not try to disavow ownership of the Orcus RAT.

“Profit was never the intentional goal, however with the years of professional IT networking experience I have myself, knew that proper correct development and structure to the environment is no free venture either,” Revesz wrote in reply to questions about his software. “Utilizing my 15+ years of IT experience I have helped manage Orcus through its development.”

Revesz continued:

“As for your legalities question.  Orcus Remote Administrator in no ways violates Canadian laws for software development or sale.  We neither endorse, allow or authorize any form of misuse of our software.  Our EULA [end user license agreement] and TOS [terms of service] is very clear in this matter. Further we openly and candidly work with those prudent to malware removal to remove Orcus from unwanted use, and lock out offending users which may misuse our software, just as any other company would.”

Revesz said none of the aforementioned plugins were supported by Orcus, and were all developed by third-party developers, and that “Orcus will never allow implementation of such features, and or plugins would be outright blocked on our part.”

In an apparent contradiction to that claim, plugins that allow Orcus users to disable the Webcam light on a computer running the software and one that enables the RAT to be used as a “stresser” to knock sites and individual users offline are available directly from Orcus Technologies’ Github page.

Revesz also offers a service to help people cover their tracks online. Using his alter ego “Armada” on the hacker forum Hackforums[dot]net, Revesz also sells a “bulletproof dynamic DNS service” that promises not to keep records of customer activity.

Dynamic DNS services allow users to have Web sites hosted on servers that frequently change their Internet addresses. This type of service is useful for people who want to host a Web site on a home-based Internet address that may change from time to time, because dynamic DNS services can be used to easily map the domain name to the user’s new Internet address whenever it happens to change.

Unfortunately, these dynamic DNS providers are extremely popular in the attacker community, because they allow bad guys to keep their malware and scam sites up even when researchers manage to track the attacking IP address and convince the ISP responsible for that address to disconnect the malefactor. In such cases, dynamic DNS allows the owner of the attacking domain to simply re-route the attack site to another Internet address that he controls.

Free dynamic DNS providers tend to report or block suspicious or outright malicious activity on their networks, and may well share evidence about the activity with law enforcement investigators. In contrast, Armada’s dynamic DNS service is managed solely by him, and he promises in his ad on Hackforums that the service — to which he sells subscriptions of various tiers for between $30-$150 per year — will not log customer usage or report anything to law enforcement.
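The re-homing behaviour described above leaves a trace in passive DNS data, and a defender can look for it. The sketch below is an added example, not code from the article or from any product it names: it flags hostnames whose A record lands in several unrelated networks within a short window, while a home user whose address changes inside one provider's range is left alone. The observation layout, the hostnames, the /24 grouping (a crude stand-in for an ASN lookup) and the thresholds are all assumptions, and the sample data is constructed from documentation address ranges.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

D = datetime
# Constructed passive-DNS observations: (first seen, hostname, A record).
OBS = [
    # Home connection: address changes, but stays inside one network.
    (D(2016, 7, 1, 8), "home.dyn.example", "192.0.2.14"),
    (D(2016, 7, 3, 8), "home.dyn.example", "192.0.2.77"),
    (D(2016, 7, 5, 8), "home.dyn.example", "192.0.2.201"),
    # Re-homed three times in three days across unrelated networks.
    (D(2016, 7, 1, 9), "moving.dyn.example", "192.0.2.10"),
    (D(2016, 7, 2, 9), "moving.dyn.example", "198.51.100.20"),
    (D(2016, 7, 4, 9), "Moving.dyn.example.", "203.0.113.30"),
    # Changes network too, but only once a month.
    (D(2016, 5, 1), "slow.dyn.example", "192.0.2.50"),
    (D(2016, 6, 1), "slow.dyn.example", "198.51.100.50"),
    (D(2016, 7, 1), "slow.dyn.example", "203.0.113.50"),
]


def network_of(ip, prefix=24):
    """Group an address by prefix (assumption: a rough proxy for 'same host/ISP')."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def max_networks_in_window(observations, window=timedelta(days=7)):
    """For each hostname, the largest number of distinct networks seen in any window."""
    per_host = defaultdict(list)
    for ts, host, ip in observations:
        # Normalise case and the trailing root dot so one name is one key.
        per_host[host.lower().rstrip(".")].append((ts, network_of(ip)))

    result = {}
    for host, rows in per_host.items():
        rows.sort(key=lambda r: r[0])
        best, start = 0, 0
        for end in range(len(rows)):
            # Slide the left edge until the window spans at most `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            best = max(best, len({net for _, net in rows[start:end + 1]}))
        result[host] = best
    return result


def flag_rehoming(observations, window=timedelta(days=7), min_networks=3):
    """Hostnames that moved across at least `min_networks` networks inside one window."""
    counts = max_networks_in_window(observations, window)
    return sorted(h for h, n in counts.items() if n >= min_networks)


if __name__ == "__main__":
    print(max_networks_in_window(OBS))
    print(flag_rehoming(OBS))
```
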

According to writeups by Kaspersky Lab and Heimdal Security, Revesz’s dynamic DNS service has been seen used in connection with malicious botnet activity by another RAT known as Adwind.  Indeed, Revesz’s service appears to involve the domain “nullroute[dot]pw”, which is one of 21 domains registered to a “Ciriis Mcgraw,” (as well as orcus[dot]pw and orcusrat[dot]pw).

I asked Gallagher (the researcher who originally tipped me off about Revesz’s activities) whether he was persuaded at all by Revesz’s arguments that Orcus was just a tool and that Revesz wasn’t responsible for how it was used.

Gallagher said he and his malware researcher friends had private conversations with Revesz in which he seemed to acknowledge that some aspects of the RAT went too far, and promised to release software updates to remove certain objectionable functionalities. But Gallagher said those promises felt more like the actions of someone trying to cover himself.

“I constantly try to question my assumptions and make sure I’m playing devil’s advocate and not jumping the gun,” Gallagher said. “But I think he’s well aware that what he’s doing is hurting people, it’s just now he knows he’s under the microscope and trying to do and say enough to cover himself if it ever comes down to him being questioned by law enforcement.”

Can KickassTorrents Make a Comeback?

Post Syndicated from Ernesto original https://torrentfreak.com/can-kickasstorrents-make-a-comeback-160721/

Founded in 2009, KickassTorrents (KAT) grew to become the largest torrent site on the Internet with millions of visitors a day.

As a result, copyright holders and law enforcement have taken aim at the site in recent years. This resulted in several ISP blockades around the world, but yesterday the big hit came when the site’s alleged founder was arrested in Poland.

Soon after the news was made public KAT disappeared, leaving its users without their favorite site. The question that’s on many people’s minds right now is whether the site will make a Pirate Bay-style comeback.

While it’s impossible to answer this question with certainty, the odds can be more carefully weighed by taking a closer look at the events that led up to the bust and what may follow.

First off, KickassTorrents is now down across all the site’s official domain names. This downtime seems to be voluntary in part, as the authorities haven’t seized the servers. Also, several domains are still in the hands of the KAT-team.

That said, the criminal complaint filed in the U.S. District Court in Chicago does reveal that KAT has been heavily compromised (pdf).

According to the feds, Artem Vaulin, a 30-year-old from Ukraine, is the key player behind the site. Over the years, he obfuscated his connections to the site, but several security holes eventually revealed his identity.

With help from several companies in the United States and abroad, Homeland Security Investigations (HSI) agent Jared Der-Yeghiayan identifies the Ukrainian as the driving force behind the site.

The oldest traces to Vaulin are the WHOIS records for various domains, registered in his name in early 2009.

“A review of historical Whois information for KAT….identified that it was registered on or about January 19, 2009, to Artem Vaulin with an address located in Kharkiv, Ukraine,” the affidavit reads.

This matches with records obtained from domain registrar GoDaddy, which indicate that Vaulin purchased three KAT-related domain names around the same time.

The agent further uncovered that the alleged KAT founder used an email address with the nickname “tirm.” The same name was listed as KAT’s “owner” on the site’s “People” page in the early days, but was eventually removed in 2011.

Tirm on KAT’s people page

The HSI agent also looked at several messages posted on KAT, which suggest that “tirm” was actively involved in operating the site.

“As part of this investigation, I also reviewed historical messages posted by tirm, KAT’s purported ‘Owner.’ These postings and others indicate that tirm was actively engaged in the early running of KAT in addition to being listed as an administrator and the website’s owner,” the HSI agent writes.

Assisted by Apple and Facebook the feds were then able to strengthen the link between Vaulin, tirm, and his involvement in the site.

Facebook, for example, handed over IP-address logs from the KAT fanpage. With help from Apple, the investigator was then able to cross-reference this with an IP-address Vaulin used for an iTunes transaction.

“Records provided by Apple showed that tirm@me.com conducted an iTunes transaction using IP Address 109.86.226.203 on or about July 31, 2015. The same IP Address was used on the same day to login into the KAT Facebook Account.”

In addition, Apple appears to have handed over private email conversations which reference KAT, dating back several years. These emails also mention a “kickasstorrent payment,” which is believed to be revenue related.

“I identified a number of emails in the tirm@me.com account relating to Vaulin’s operation of KAT. In particular, between on or about June 8, 2010, and on or about September 3, 2010,” the HSI agent writes.

More recent records show that an IP-address linked to KAT’s Facebook page was also used to access Vaulin’s Coinbase account, suggesting that the Bitcoin wallet also assisted in the investigation.

“Notably, IP address 78.108.178.77 accessed the KAT Facebook Account about a dozen times in September and October 2015. This same IP Address was used to login to Vaulin’s Coinbase account 47 times between on or about January 28, 2014, through on or about November 13, 2014.”
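The cross-referencing in the quoted passages comes down to joining access records from different providers on the IP address and then asking how close in time the sightings were. The following is an added example, not code from the complaint or the article: it links accounts on different providers that share an address and reports the smallest gap in days between their sightings, so a same-day match can be told apart from a match separated by months. The record layout, provider labels and account names are assumptions, and the sample records are constructed with documentation-range addresses rather than the addresses quoted above.

```python
from collections import defaultdict
from datetime import date
from itertools import combinations

# Constructed sample records: (provider, account, ip, day of access).
RECORDS = [
    ("store",    "buyer@example.com", "192.0.2.10",   date(2015, 7, 31)),
    ("social",   "fanpage-admin",     "192.0.2.10",   date(2015, 7, 31)),
    ("social",   "fanpage-admin",     "198.51.100.7", date(2015, 9, 14)),
    ("social",   "fanpage-admin",     "198.51.100.7", date(2015, 10, 2)),
    ("exchange", "wallet-owner",      "198.51.100.7", date(2014, 1, 28)),
    ("exchange", "wallet-owner",      "198.51.100.7", date(2014, 11, 13)),
    ("social",   "unrelated-user",    "203.0.113.5",  date(2015, 7, 31)),
]


def cross_source_links(records):
    """Link accounts held at different providers that were seen on the same IP.

    Returns one dict per (ip, account pair) with the smallest gap in days
    between any two sightings and the number of sightings on each side.
    """
    by_ip = defaultdict(lambda: defaultdict(list))
    for provider, account, ip, day in records:
        by_ip[ip][(provider, account)].append(day)

    links = []
    for ip in sorted(by_ip):
        seen = by_ip[ip]
        for a, b in combinations(sorted(seen), 2):
            if a[0] == b[0]:
                continue  # two accounts at one provider: not a cross-source link
            gap = min(abs((x - y).days) for x in seen[a] for y in seen[b])
            links.append({
                "ip": ip,
                "a": a,
                "b": b,
                "min_gap_days": gap,
                "hits": (len(seen[a]), len(seen[b])),
            })
    return links


def strength(link):
    """Rough grading (assumption): addresses get reassigned and shared behind
    NAT, so the further apart the sightings, the weaker the link on its own."""
    if link["min_gap_days"] == 0:
        return "same-day"
    if link["min_gap_days"] <= 30:
        return "near"
    return "distant"


if __name__ == "__main__":
    for link in cross_source_links(RECORDS):
        print(link["ip"], link["a"], link["b"], link["min_gap_days"], strength(link))
```
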

As for the business side, the complaint mentions a variety of ad payments, suggesting that KAT made over a dozen million dollars in revenue per year.

It also identifies the company Cryptoneat as KAT’s front. The Cryptoneat.com domain was registered by Vaulin and LinkedIn lists several employees of the company who were involved in the early development of the site.

“Many of the employees found on LinkedIn who present themselves as working for Cryptoneat are the same employees who received assignments from Vaulin in the KAT alert emails,” the complaint reads.

Interestingly, none of the other employees are identified or charged.

To gather further information on the money side, the feds also orchestrated an undercover operation where they posed as an advertiser. This revealed details of several bank accounts, with one receiving over $28 million in just eight months.

“Those records reflect that the Subject Account received a total of approximately €28,411,357 in deposits between on or about August 28, 2015, and on or about March 10, 2016.”

Bank account

Finally, and crucially, the investigators issued a warrant directed at the Canadian webhost of KickassTorrents. This was one of the biggest scores as it provided them with full copies of KAT’s hard drives, including the email server.

“I observed […] that they were all running the same Linux Gentoo operating system, and that they contained files with user information, SSH access logs, and other information, including a file titled ‘passwd’ located in the ‘etc’ directory,” the HSI agent writes.

“I also located numerous files associated with KAT, including directories and logs associated to their name servers, emails and other files,” he adds.

Considering all the information U.S. law enforcement has in its possession, it’s doubtful that KAT will resume its old operation anytime soon.

Technically it won’t be hard to orchestrate a Pirate Bay-style comeback, as there are probably some backups available. However, now that the site has been heavily compromised and an ongoing criminal investigation is underway, it would be a risky endeavor.

Similarly, uploaders and users may also worry about what information the authorities have in their possession. The complaint cites private messages that were sent through KAT, suggesting that the authorities have access to a significant amount of data.

While regular users are unlikely to be targeted, the information may prove useful for future investigations into large-scale uploaders. More clarity on this, the site’s future, and what it means for the torrent ecosystem, is expected to become evident when the dust settles.

Feds Seize KickassTorrents Domains, Arrest Owner

Post Syndicated from Ernesto original https://torrentfreak.com/feds-seize-kickasstorrents-domains-charge-owner-160720/

With millions of unique visitors per day KickassTorrents (KAT) has become the most-used torrent site on the Internet, beating even The Pirate Bay.

Today, however, the site has run into a significant roadblock after U.S. authorities announced the arrest of the site’s alleged owner.

The 30-year-old Artem Vaulin, from Ukraine, was arrested today in Poland from where the United States has requested his extradition.

In a criminal complaint filed in U.S. District Court in Chicago, the owner is charged with conspiracy to commit criminal copyright infringement, conspiracy to commit money laundering, and two counts of criminal copyright infringement.

The complaint further reveals that the feds posed as an advertiser, which revealed a bank account associated with the site.

It also shows that Apple handed over personal details of Vaulin after the investigator cross-referenced an IP-address used for an iTunes transaction with an IP-address that was used to log in to KAT’s Facebook account.

“Records provided by Apple showed that tirm@me.com conducted an iTunes transaction using IP Address 109.86.226.203 on or about July 31, 2015. The same IP Address was used on the same day to login into the KAT Facebook,” the complaint reads.

In addition to the arrest in Poland, the court also granted the seizure of a bank account associated with KickassTorrents, as well as several of the site’s domain names.

Commenting on the announcement, Assistant Attorney General Caldwell said that KickassTorrents helped to distribute over $1 billion in pirated files.

“Vaulin is charged with running today’s most visited illegal file-sharing website, responsible for unlawfully distributing well over $1 billion of copyrighted materials.”

“In an effort to evade law enforcement, Vaulin allegedly relied on servers located in countries around the world and moved his domains due to repeated seizures and civil lawsuits. His arrest in Poland, however, demonstrates again that cybercriminals can run, but they cannot hide from justice.”

KAT’s .com and .tv domains are expected to be seized soon by Verisign. For the main Kat.cr domain as well as several others, seizure warrants will be sent to the respective authorities under the MLAT treaty.

At the time of writing the main domain name Kat.cr has trouble loading, but various proxies still appear to work. KAT’s status page doesn’t list any issues, but we assume that this will be updated shortly.

TorrentFreak has reached out to the KAT team for a comment on the news and what it means for the site’s future, but we have yet to hear back.

Breaking story, in depth updates will follow.

Register Now for AWS Summit – New York

Post Syndicated from Craig Liebendorfer original https://blogs.aws.amazon.com/security/post/TxUPB50NPUS6JM/Register-Now-for-AWS-Summit-New-York

The AWS Summit – New York is just around the corner! If you are planning to attend August 10-11, register now because seats are limited. This year’s keynote speaker is Dr. Werner Vogels, Amazon CTO and Vice President, and he will highlight the newest AWS features, services, and customer stories.

Choose one of our full-day bootcamps to get the most out of your Summit experience:

  • AWS Technical Essentials (Introductory Level)
  • Securing Cloud Workloads with DevOps Automation (Expert Level)
  • Build a Serverless, Location-Aware, Search & Recommendations-Enabled Application (Expert Level)
  • Taking AWS Operations to the Next Level (Expert Level)

Stay connected: Join the conversation on Twitter using #AWSSummit, and on Facebook.

We look forward to seeing you in New York!

– Craig

Useless Duck Company

Post Syndicated from Liz Upton original https://www.raspberrypi.org/blog/useless-duck-company/

The Useless Duck Company’s very splendid videos, demonstrating some of their thoughtful and helpful Internet of Things applications, have been making us LITERALLY DIE WITH HAPPINESS (literally!) ever since we discovered them. Even better: we got in touch with the Chief Duck, and he let us know which of his inventions use a Raspberry Pi. Here are two of the most safe-for-work ones.

Sock Removal Robot

Two months ago I made an app for removing socks, but people complained that you need a dog for it to work. I made this robot so everyone can use my app!

Wireless baby crib

If your baby does not fall asleep after use simply press the button again.

Useless Duck Company, we salute you. Please invent something to clear up the coffee we’ve all spat across our desks.

The post Useless Duck Company appeared first on Raspberry Pi.

VKontakte & Universal Music Close to Anti-Piracy Deal

Post Syndicated from Andy original https://torrentfreak.com/vkontakte-universal-music-close-to-anti-piracy-deal-160715/

For many years, social networking giant vKontakte has been branded one of the world’s worst facilitators of copyright infringement.

The site, often dubbed ‘Russia’s Facebook’, has clashed with copyright holders everywhere, and has even found itself the subject of intense criticism from the U.S. Government.

One of vKontakte’s longest running disputes has been with Universal Music. Like several other recording labels, Universal has put the social network under intense pressure to curtail infringement on its platform.

Patience ran out two years ago when the label filed a lawsuit at the Saint Petersburg and Leningrad Region Arbitration Court. Since then the case has flipped both ways, first with a partial victory for the labels, then a Court of Appeal ruling in favor of vKontakte.

After Universal filed another appeal in May, the case looked like it might drag on, but according to a report from Russia’s Vedomosti, peace is on the horizon.

Citing two sources within vKontakte parent company Mail.ru, the publication says that negotiations to strike a licensing deal with Universal are advanced and an announcement is imminent.

According to the insiders, the companies are in the “final stages” of approval and confirmation of the deal could arrive before the end of the week.

The scope of the licensing/anti-piracy deal appears to be broad, encompassing not only vKontakte but other Mail.ru ventures including Classmates (Odnoklassniki) and My World. These sites are the three most popular social networking platforms in Russia and where millions of tracks are downloaded for free.

So what’s in it for Universal? Currently, it appears that the record label is being guaranteed a minimum fee of $8m over three years. However, there is also a revenue sharing arrangement under discussion which could see Mail.ru companies make money when their users sign up for a premium music subscription package.

There is some speculation that an announcement could take place during this weekend’s VK Fest music festival but the sources warn there are still some legal complications to be ironed out.

In the event that confirmation of the deal is pushed back, the suggestion is that the parties could announce an “agreement of intent” instead, with the final details to be hammered out during the next few weeks.

If Universal does indeed sign on the dotted line, it will be in good company. Mail.ru already has annual licensing deals in place with Sony Music ($2m), Warner Music ($2.5m), distributor The Orchard, plus a handful of local publishers. Adding the world’s largest music company into the mix would largely complete the circle.

Assuming the Universal deal goes ahead, Mail.ru is initially expected to spend around $7m per year on music licensing, a huge amount considering that the entire Russian digital music market was worth just $23.5m in 2015.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

ALPHA vs. The Pro – Judgement Day

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/alpha-vs-pro-judgement-day/

Firstly, let’s set the mood. I need you to watch this video.

Go on. Stop what you’re doing and press play. I can wait…

Star Wars: The Force Awakens Trailer Top Gun

Top Gun Little mashup with all aircraft fights and new scenes! Follow us on Facebook! https://www.facebook.com/dangdogblog/

Done? How good was that, right? RIGHT?! Mmmhmm, I knew you’d like it.

Now, onto ALPHA…

I’ll set the scene.

Imagine it’s the mid eighties. Your name is Dr Miles Dyson and you’ve just invented the neural-net processor. You see your invention as a massive success, a gift to humanity, a major stepping stone across the treacherous waters toward world peace.

… and then Sarah Connor shoots you.

Wait.

That’s Cyberdyne. This is Psibernetix. My bad. I’ll start again.

University of Cincinnati doctoral graduate Nick Ernest may not have built the neural-net processor (thankfully), but he’s definitely created something on that level. Ernest and his team at Psibernetix have created ALPHA, an AI set to be the ultimate wingman of the sky(net)… which runs on a Raspberry Pi.

Exciting, yes? Let me explain…

ALPHA is an artificial intelligence with the capability to out-manoeuvre even the most seasoned fighter pilot pro… and to prove this, ALPHA was introduced to retired U.S. Air Force pilot Col. Gene Lee in a head-to-head dogfight simulation.

When pitted against Col. Gene Lee, who now works as an instructor and Air Battle Manager for the U.S. Air Force, ALPHA repeatedly shot down the pro, never allowing Lee to get a single shot in.

“I was surprised at how aware and reactive it was. It seemed to be aware of my intentions, and reacting instantly to my changes in flight and missile deployment. It knew how to defeat the shot I was taking. It moved instantly between defensive and offensive actions as needed.”

Before ALPHA, pilots training with simulated missions against AIs would often be able to ‘trick’ the system, understanding the limitations of the technology involved to win over their virtual opponents. However, with ALPHA this was simply not the case, instead leaving Lee exhausted and thoroughly defeated by the simulations.

“I go home feeling washed out. I’m tired, drained and mentally exhausted. This may be artificial intelligence, but it represents a real challenge.”

Prior to their work alongside Col. Gene Lee, ALPHA was set up against the current AI resources used for training manned and unmanned teams as part of the Air Force research programme. Much like its sessions with Lee, ALPHA outperformed the existing programmes, repeatedly beating the AIs in various situations.

ALPHA vs. Gene Lee

Nick Ernest, David Carroll and Gene Lee vs ALPHA

In the long term, ALPHA looks set to continue to advance in the field with additional development options, such as aerodynamic and sensor models, in the works. The aim is for ALPHA to work as an AI wingman for existing pilots. With current pilots hitting speeds of 1500 miles per hour at altitudes thousands of feet in the air, ALPHA can provide response times that beat their human counterparts by miles; this would allow for Unmanned Combat Aerial Vehicles (UCAVs) to defend pilots against hostile attack in the skies, while learning from enemy action.

This ability to run ALPHA on such a low-budget PC makes the possibilities for using the AI in the field all the more achievable. As confirmed by Ernest himself (we emailed him to check), the AI and its algorithms can react to the simulated flight’s events, and eventually real-life situations, with ease, using the processing power of a $35 computer.

And that, ladies and gentlemen, is incredible.


This blog post was brought to you by the 1980s*. You’re most welcome.

*Yes, we know Terminator 2 was released in 1991. Give us some slack.

The post ALPHA vs. The Pro – Judgement Day appeared first on Raspberry Pi.

Hijacking Someone’s Facebook Account with a Fake Passport Copy

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2016/07/hijacking_someo.html

BBC has the story. The confusion is that a scan of a passport is much easier to forge than an actual passport. This is a truly hard problem: how do you give people the ability to get back into their accounts after they’ve lost their credentials, while at the same time prohibiting hackers from using the same mechanism to hijack accounts? Demanding an easy-to-forge copy of a hard-to-forge document isn’t a good solution.

How Una Got Her Stolen Laptop Back

Post Syndicated from Andy Klein original https://www.backblaze.com/blog/how-una-found-her-stolen-laptop/

Lost Laptop World Map

Reading Peter’s post on getting your data ready for vacation travels reminded me of a story we recently received from a Backblaze customer. Una’s laptop was stolen and then traveled across multiple continents over the next year. Here’s Una’s story, in her own words, on how she got her laptop back. Enjoy.

Pulse Incident Number 10028192
(or: How Playing Computer Games Can Help You In Adulthood)

One day when I was eleven, my father arrived home with an object that looked like a briefcase made out of beige plastic. Upon lifting it, one realized it had the weight of, oh, around two elephants. It was an Ericsson ‘portable’ computer, one of the earliest prototypes of laptop. All my classmates had really cool and fashionable computer game consoles with amazing names like “Atari” and “Commodore”, beautifully vibrant colour displays, and joysticks. Our Ericsson had a display with two colours (orange and … dark orange), it used floppy discs that were actually floppy (remember those?), ran on DOS and had no hard drive (you had to load the operating system every single time you turned on the computer. Took around 10 minutes). I dearly loved this machine, however, and played each of the 6 games on it incessantly. One of these was “Where In The World Is Carmen Sandiego?” an educational game where a detective has to chase an archvillain around the world, using geographical and cultural references as clues to get to the next destination. Fast forward twenty years and…

It’s June 2013, I’m thirty years old, and I still love laptops. I live in Galway, Ireland; I’m a self-employed musician who works in a non-profit music school so the cash is tight, but I’ve splashed out on a Macbook Pro and I LOVE IT. I’m on a flight from Dublin to Dubai with a transfer in Turkey. I talk to the guy next to me, who has an Australian accent and mentions he’s going to Asia to research natural energy. A total hippy, I’m interested; we chat until the convo dwindles, I do some work on my laptop, and then I fall asleep.

At 11pm the plane lands in Turkey and we’re called off to transfer to a different flight. Groggy, I pick up my stuff and stumble down the stairs onto the tarmac. In the half-light beside the plane, in the queue for the bus to the terminal, I suddenly realize that I don’t have my laptop in my bag. Panicking, I immediately seek out the nearest staff member. “Please! I’ve left my laptop on the plane – I have to go back and get it!”

The guy says: “No. It’s not allowed. You must get on the bus, madam. The cabin crew will find it and put it in “Lost and Found” and send it to you.” I protest but I can tell he’s immovable. So I get on the bus, go into the terminal, get on another plane and fly to Dubai. The second I land I ring Turkish Air to confirm they’ve found my laptop. They haven’t. I pretty much stalk Turkish Air for the next two weeks to see if the laptop turns up, but to no avail. I travel back via the same airport (Ataturk International), and go around all three Lost and Found offices in the airport, but my laptop isn’t there amongst the hundreds of Kindles and iPads. I don’t understand.

As time drags on, the laptop doesn’t turn up. I report the theft in my local Garda station. The young Garda on duty is really lovely to me and gives me lots of empathy, but the fact that the laptop was stolen in airspace, in a foreign, non-EU country, does not bode well. I continue to stalk Turkish Airlines; they continue to stonewall me, so I get in touch with the Turkish Department for Consumer Affairs. I find a champion amongst them called Ece, who contacts Turkish Airlines and pleads on my behalf. Unfortunately they seem to have more stone walls in Turkey than there are in the entire of Co. Galway, and his pleas fall on deaf ears. Ece advises me I’ll have to bring Turkish Airlines to court to get any compensation, which I suspect will cost more time and money than the laptop is realistically worth. In a first-world way, I’m devastated – this object was a massive financial outlay for me, a really valuable tool for my work. I try to appreciate the good things – Ece and the Garda Sharon have done their absolute best to help me, my pal Jerry has loaned me a laptop to tide me over the interim – and then I suck it up, say goodbye to the last of my savings, and buy a new computer.

I start installing the applications and files I need for my business. I subscribe to an online backup service, Backblaze, whereby every time I’m online my files are uploaded to the cloud. I’m logging in to Backblaze to recover all my files when I see a button I’ve never noticed before labelled “Locate My Computer”. I catch a breath. Not even daring to hope, I click on it… and it tells me that Backblaze keeps a record of my computer’s location every time it’s online, and can give me the IP address my laptop has been using to get online. The records show my laptop has been online since the theft!! Not only that, but Backblaze has continued to back up files, so I can see all files the thief has created on my computer. My laptop has last been online in, of all the places, Thailand. And when I look at the new files saved on my computer, I find Word documents about solar power. It all clicks. It was the plane passenger beside me who had stolen my laptop, and he is so clueless he’s continued to use it under my login, not realizing this makes him trackable every time he connects to the internet.

I keep the “Locate My Computer” function turned on, so I’m consistently monitoring the thief’s whereabouts, and start the chapter of my life titled “The Sleep Deprivation and The Phonebill”. I try ringing the police service in Thailand (GMT +7 hours) multiple times. To say this is ineffective is an understatement; the language barrier is insurmountable. I contact the Irish embassy in Bangkok – oh, wait, that doesn’t exist. I try a consulate, who is lovely but has very limited powers, and while waiting for them to get back to me I email two Malaysian buddies asking them if they know anyone who can help me navigate the language barrier. I’m just put in touch with this lovely pal-of-a-pal called Tupps who’s going to help me when… I check Backblaze and find out that my laptop had started going online in East Timor. Bye bye, Thailand.

I’m so wrecked trying to communicate with the Thai bureaucracy I decide to play the waiting game for a while. I suspect East Timor will be even more of an international diplomacy challenge, so let’s see if the thief is going to stay there for a while before I attempt a move, right? I check Backblaze around once a week for a month, but then the thief stops all activity – I’m worried. I think he’s realized I can track him and has stopped using my login, or has just thrown the laptop away. Reason kicks in, and I begin to talk myself into stopping my crazy international stalking project. But then, when I least expect it, I strike informational GOLD. In December, the thief checks in for a flight from Bali to Perth and saves his online check-in to the computer desktop. I get his name, address, phone number, and email address, plus flight number and flight time and date.

I have numerous fantasies about my next move. How about I ring up the police in Australia, they immediately believe my story and do my every bidding, and then the thief is met at Arrivals by the police, put into handcuffs and marched immediately to jail? Or maybe I should somehow use the media to tell the truth about this guy’s behaviour and give him a good dose of public humiliation? Should I try my own version of restorative justice, contact the thief directly and appeal to his better nature? Or, the most tempting of all, should I get my Australian-dwelling cousin to call on him and bash his face in? … This last option, to be honest, is the outcome I want the most, but Emmett’s actually on the other side of the Australian continent, so it’s a big ask, not to mention the ever-so-slightly scary consequences for both Emmett and myself if we’re convicted… ! (And, my conscience cries weakly from the depths, it’s just the teensiest bit immoral.) Christmas is nuts, and I’m just so torn and ignorant about which course of action to take I … do nothing.

One morning in the grey light of early February I finally decide what to do. Although it’s the longest shot in the history of long shots, I will ring the Australian police force about a laptop belonging to a girl from the other side of the world, which was stolen in airspace, in yet another country in the world. I use Google to figure out the nearest Australian police station to the thief’s address. I set my alarm for 4am Irish time, I ring Rockhampton Station, Queensland, and explain the situation to a lovely lady called Danielle. Danielle is very kind and understanding but, unsurprisingly, doesn’t hold out much hope that they can do anything. I’m not Australian, the crime didn’t happen in Australia, there’s questions of jurisdiction, etc. etc. I follow up, out of sheer irrational compulsion rather than with the real hope of an answer, with an email 6 weeks later. There’s no response. I finally admit to myself the laptop is gone. Ever since he’s gone to Australia the thief has copped on and stopped using my login, anyway. I unsubscribe my stolen laptop from Backblaze and try to console myself with the thought that at least I did my best.

And then, completely out of the blue, on May 28th 2014, I get an email from a Senior Constable called Kain Brown. Kain tells me that he has executed a search warrant at a residence in Rockhampton and has my laptop!! He has found it!!! I am stunned. He quickly gets to brass tacks and explains my two options: I can press charges, but it’s extremely unlikely to result in a conviction, and even if it did, the thief would probably only be charged with a $200 fine – and in this situation, it could take years to get my laptop back. If I don’t press charges, the laptop will be kept for 3 months as unclaimed property, and then returned to me. It’s a no-brainer; I decide not to press charges. I wait, and wait, and three months later, on the 22nd September 2014, I get an email from Kain telling me that he can finally release the laptop to me.

Naively, I think my tale is at the “Happy Ever After” stage. I dance a jig around the kitchen table, and read my subsequent email from a “Property Officer” of Rockhampton Station, John Broszat. He has researched how to send the laptop back to me … and my jig is suddenly halted. My particular model of laptop has a lithium battery built into the casing which can only be removed by an expert, and it’s illegal to transport a lithium battery by air freight. So the only option for getting the laptop back, whole and functioning, is via “Sea Mail” – which takes three to four months to get to Ireland. This blows my mind. I can’t quite believe that in this day and age, we can send people to space, a media file across the world in an instant, but that transporting a physical object from one side of the globe to another still takes … a third of a year! It’s been almost a year and a half since my laptop was stolen. I shudder to think of what will happen on its final journey via Sea Mail – knowing my luck, the ship will probably be blown off course and it’ll arrive in the Bahamas.

Fortunately, John is empathetic, and willing to think outside the box. Do I know anyone who will be travelling from Australia to Ireland via plane who would take my laptop in their hand luggage? Well, there’s one tiny silver lining to the recession: half of Craughwell village has a child living in Australia. I ask around on Facebook and find out that my neighbour’s daughter is living in Australia and coming home for Christmas. John Broszat is wonderfully cooperative and mails my laptop to Maroubra Police Station for collection by the gorgeous Laura Gibbons. Laura collects it and brings it home in her flight hand luggage, and finally, FINALLY, on the 23rd of December 2014, 19 months after it’s been stolen, I get my hands on my precious laptop again.

I gingerly take the laptop out of the fashionable paper carrier bag in which Laura has transported it. I set the laptop on the table, and examine it. The casing is slightly more dented than it was, but except for that it’s in one piece. Hoping against hope, I open up the screen, press the ‘on’ button and… the lights flash and the computer turns on!!! The casing is dented, there’s a couple of insalubrious pictures on the hard drive I won’t mention, but it has been dragged from Turkey to Thailand to East Timor to Indonesia to Australia, and IT STILL WORKS. It even still has the original charger accompanying it. Still in shock that this machine is on, I begin to go through the hard drive. Of course, it’s radically different – the thief has deleted all my files, changed the display picture, downloaded his own files and applications. I’m curious: What sort of person steals other people’s laptops? How do they think, organize their lives, what’s going through their minds? I’ve seen most of the thief’s files before from stalking him via the Backblaze back-up service, and they’re not particularly interesting or informative about the guy on a personal level. But then I see a file I haven’t seen before, “free ebook.pdf”. I click on it, and it opens. I shake my head in disbelief. The one new file that the thief has downloaded onto my computer is the book “How To Win Friends And Influence People”.

A few weeks later, a new friend and I kiss for the first time. He’s a graphic designer from London. Five months later, he moves over to Ireland to be with me. We’re talking about what stuff he needs to bring when he’s moving and he says “I’m really worried; my desktop computer is huge. I mean, I have no idea how I’m going to bring it over.” Smiling, I say “I have a spare laptop that might suit you…”

[Editor: The moral of the story is make sure your data is backed up before you go on vacation.]

The post How Una Got Her Stolen Laptop Back appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Really? Buy a Pirate TV Box, Get a Free Cruise?

Post Syndicated from Andy original https://torrentfreak.com/reallybuy-a-pirate-tv-box-get-a-free-cruise-160703/

Advertising and marketing efforts are all around us. Every waking hour of every day, someone somewhere tries to get us interested in their latest product or service.

While TV and radio have dominated over the years, increasingly the Internet is the go-to platform for companies determined to portray their product as the next big thing.

The Internet has many great qualities and for those looking to do something a bit different or wild, its unregulated nature means you can do whatever the hell you want. Or at the least shoot first, worry about the consequences later.

That appears to be the philosophy of the company behind the Z Stream Box, the next ‘big’ thing in audio-visual consumption. Promoted via a glossy website and numerous online videos, the set-top Z Stream Box aims to fulfil the dreams of every movie, TV show, sports and music junkie.

“Get the Biggest Shows, the Latest Movies, Stream the biggest blockbusters here first. Watch every episode of your favorite shows, past and present, Live and on demand. Enjoy the latest series and specials as they premiere without waiting,” the advertising reads.

“Break free of annual contracts, surprise fees and TV that ties you down. With Z Stream Box® get the TV you love over 100 of your favorite channels, Hit movies, Documentaries, Sports and more! NO contracts and NO monthly payments ever.”

While these kinds of claims are usually the sole preserve of pirate devices, there are various indicators on the Z Stream site suggesting that this must be a legitimate offer. Firstly, it has celebrity endorsements. Here’s a nice image of singer, songwriter and actress Christina Milian enjoying the device.


And to make sure that the cord-cutting phenomenon resonates with the younger generation, here’s YouTube star Jordyn Jones holding a Z Stream Box and looking surprised at how much it can do.


For those who haven’t already guessed, the basic premise of the Z Stream Box is that people can stop paying their expensive cable bills and get all their content online. It’s an Internet sensation!

Actually, let’s cut the nonsense. Z Stream Box is nothing more than a Kodi-enabled Android box with all the best pirate addons such as Genesis and Icefilms fully installed.


While that probably isn’t much of a shock by now, the way this device is being marketed is nothing short of remarkable.

Claimed celebrity endorsements aside, the people at Z Stream have commissioned a full-blown 18-minute infomercial for their device which must have cost a small fortune and would be at home on any shopping channel.


Seriously, this gig has absolutely everything – several glossy presenters, many actors, a perfect family, potential and existing ‘customers’ who can’t quite believe how good the device is, and much much more.

Of course, you’re probably wondering how much all this costs. Well, it’s the equivalent of just a few months cable, apparently. Admittedly that’s quite a lot of cash, but it’s the savings that are important, Z Stream say.

In the end it’s revealed the unit costs ‘just’ $295.95. That’s almost $300 for a box that would cost less than $100 if people looked around for something similar on eBay or Amazon. But do those products come with a free five-day cruise for two around the Bahamas, including all onboard meals and entertainment? Thought not. (18 minutes into the video below)


The full and quite unbelievable infomercial is embedded below and for those interested in just how far pirate advertising can go, the Z Stream Box website can be found here. Facebook here, YouTube account here.

Update: The Z Stream Box website has been taken down, Google Cache to the rescue, with Archive.is backup

Video mirror here


BitTorrent Protocol Turns 15 Years Old Today

Post Syndicated from Ernesto original https://torrentfreak.com/bittorrent-protocol-turns-15-years-old-today-160702/

“My new app, BitTorrent, is now in working order, check it out here,” Bram Cohen wrote on a Yahoo! message board on July 2, 2001.

It was the first time a working copy of the BitTorrent code had been made available to the public, but the initial response wasn’t exactly overwhelming.

“What’s BitTorrent, Bram?” was the sole reply he received on the board.

Fast forward 15 years and BitTorrent has become one of the most prominent technologies of the current millennium. One that transformed the web and which is still hugely relevant today.

When Cohen first announced his invention to the world, he could have never imagined that the technology would be used by hundreds of millions of people in the years that followed.

He was simply trying to improve file transfers, by using people’s upload and download capacity simultaneously.

“Fundamentally, I was trying to figure out how people on the Internet could utilize all the unused upstream bandwidth to make it faster to send huge files,” Bram Cohen told TorrentFreak, commenting on these early days.

BitTorrent FAQ Cohen wrote in 2001


While the technology itself was the main focus for Cohen, the public quickly realized that BitTorrent opened the door to sharing huge files, which was very rare at the time.

Since BitTorrent users download and upload at the same time, popular files are distributed more quickly. With other file-sharing technologies, distribution slows down.

This idea was a major breakthrough at the time. Before then, it was virtually impossible for a regular Internet user to share a video with dozens of people, but torrents made it possible. As a result, BitTorrent soon became responsible for a quarter of all Internet traffic.

As with many innovations on the web, porn fans were among the first to embrace the new technology in its full glory. Several of the early torrent sites were exclusively centered around adult content, and a torrent site without a porn category was rare.

After a few months, torrent sites started popping up left and right, listing a wide range of content. This included perfectly legal Linux distros, but also pirated copies of The Matrix, Photoshop and the Spice Girls’ latest album.

With the rise of sites such as The Pirate Bay, Mininova, isoHunt and KickassTorrents, torrents became a synonym for piracy among the broader public. However, the technology itself is “neutral” and used more broadly than most people realize.

Twitter and Facebook also discovered the power of BitTorrent. Behind the scenes, it’s helping these tech giants distribute files across their servers faster and more efficiently than any other alternatives. And the opportunities don’t end there.

BitTorrent Inc, the company Bram Cohen co-founded in 2004, has released various applications for the BitTorrent protocol over the past years. A “sync” tool that lets people run their private backup solution, for example, or a browser that serves webpages without the need for a central server.

Cohen himself also worked hard on a live streaming implementation of BitTorrent. Although this hasn’t been adopted widely just yet, BitTorrent Inc. believes that it could power the future of online live news and entertainment.

Whatever the future may look like, it is safe to say that with BitTorrent, Bram Cohen changed the lives of dozens of millions of people.

Directly, by allowing people around the world to easily share large files without the need for a central server. But also indirectly, by being one of the great motivators for the entertainment industries to compete with piracy and offer their content online.

If Bram hadn’t taken his invention public 15 years ago, the Internet may have looked very different today.


Facebook Using Physical Location to Suggest Friends

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2016/06/facebook_using_.html

This could go badly:

“People You May Know are people on Facebook that you might know,” a Facebook spokesperson said. “We show you people based on mutual friends, work and education information, networks you’re part of, contacts you’ve imported and many other factors.”

One of those factors is smartphone location. A Facebook spokesperson said though that shared location alone would not result in a friend suggestion, saying that the two parents must have had something else in common, such as overlapping networks.

“Location information by itself doesn’t indicate that two people might be friends,” said the Facebook spokesperson. “That’s why location is only one of the factors we use to suggest people you may know.”

The article goes on to describe situations where you don’t want Facebook to do this: Alcoholics Anonymous meetings, singles bars, some Tinder dates, and so on. But this is part of Facebook’s aggressive use of location data in many of its services.

BoingBoing post.

EDITED TO ADD: Facebook backtracks.

Create and Deploy a Chat Bot to AWS Lambda in Five Minutes

Post Syndicated from Bryan Liston original https://aws.amazon.com/blogs/compute/create-and-deploy-a-chat-bot-to-aws-lambda-in-five-minutes/

This is a guest post by Gojko Adzic, creator of ClaudiaJS

 

The new Claudia.JS Bot Builder project helps JavaScript developers to easily create chat-bots for Facebook, Telegram, Skype, and Slack, and deploy them to AWS Lambda and Amazon API Gateway in minutes.

The key idea behind this project is to remove all the boilerplate code and common infrastructure tasks, so you can focus on writing the really important part of the bot — your business workflows. Everything else is handled by the Claudia Bot Builder.

The Claudia Bot Builder library simplifies messaging workflows, automatically sets up the correct web hooks, and guides you through configuration steps, so you don’t have to research individual implementation protocols. It automatically converts the incoming messages from various platforms into a common format, so you can handle them easily. It also automatically packages the responses into the correct templates, so you do not have to worry about different message response formats. This means that you can write and deploy a single bot with just a few lines of code, and operate it on various bot platforms using AWS Lambda. Check out the two-minute video Create chat-bots easily using Claudia Bot Builder to see how easy it is to set up a bot on AWS using the new tool.

Here’s a simple example:

Prerequisites

The Claudia Bot Builder works with the Node.JS 4.3.2 AWS Lambda installation. It requires using the Claudia.JS deployment tool, which you can install using NPM:

npm install claudia -g

If you already have Claudia installed, make sure it’s up to date. The Claudia Bot Builder support requires version 1.4.0 or later.

Creating a simple text bot

First, create an empty folder, and a new NPM project inside it. Make sure to give it a descriptive name:

npm init

Then, add the claudia-bot-builder library as a project dependency:

npm install claudia-bot-builder -S

For this particular bot, generate some dynamic content using the huh excuse generator. Add that as a project dependency:

npm install huh -S

Now create the bot. Create a file called bot.js and paste the following content:

var botBuilder = require('claudia-bot-builder'),
    excuse = require('huh');

module.exports = botBuilder(function (request) {
  return 'Thanks for sending ' + request.text  + 
      '. Your message is very important to us, but ' + 
      excuse.get();
});

That’s pretty much it. You can now deploy the bot to AWS and configure it for Facebook Messenger, by using Claudia:

claudia create --region us-east-1 --api-module bot --configure-fb-bot

Now would be a good time to configure a new Facebook page and a messenger application, as explained in the Facebook Messenger Getting Started Guide. The bot installer prints the web hook URL and the verification token, which you can copy to your Facebook Messenger configuration page. You can then generate the page access token from Facebook. Copy that back to Claudia when asked, and you’re almost done.

In a few moments, your bot will be live, and you can talk to it from the page you created. That was easy, wasn’t it?

If you’d like other Facebook users to talk to it as well, submit it for application review from the Facebook App Developer page.

Deploying to other platforms

The Claudia Bot Builder can also help you set up this bot for all the other platforms. Just run claudia update and provide the additional configuration option:

  • For Slack slash commands, use --configure-slack-slash-command
  • For Skype, use --configure-skype-bot
  • For Telegram, use --configure-telegram-bot

More complex workflows

The example bot just responds with silly excuses, so for homework, do something more interesting with it.

The request object passed into the message handling function contains the entire message in the text field, but it also has some other pieces of data for more complex work. The sender field identifies the user sending the message, so you can create threads of continuity and sessions. The type field contains the identifier of the bot endpoint that received the message (for example, skype or facebook) so you can respond differently to different bot systems. The originalRequest field contains the entire unparsed original message, so you can handle platform-specific requests and go beyond simple text.

For examples, check out:

  • Fact Bot, which looks up facts about topics on WikiData and creates Facebook Messenger menus.
  • Space Explorer Bot, a small Facebook Messenger chat bot that uses the NASA API.

Although it’s enough just to return a string value for simple cases, and the Bot Builder packages it correctly for individual bot engines, you can return a more complex object and get platform-specific features, for example, Facebook buttons. In that case, make sure to use the type field of the request to decide on additional features.

For asynchronous workflows, send back a Promise object, and resolve it with the response later. The convention is the same: if the promise gets resolved with a string, the Claudia Bot Builder automatically packages it into the correct template based on the bot endpoint that received a message. Reply with an object instead of a string, and the Bot Builder will not do any specific parsing, letting you take advantage of more advanced bot features for individual platforms. Remember to configure your Lambda function for longer execution if you plan to use asynchronous replies; by default, AWS limits this to 3 seconds.
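A handler that uses the sender, type and text fields and the Promise convention described above, as an added example that is not code from the Claudia project. The in-memory session map, the 200-character cap and the function names are assumptions for illustration, and the button object follows Facebook Messenger's button template format.

```javascript
// Added illustration. In a deployed bot.js you would finish with:
//   module.exports = require('claudia-bot-builder')(handleMessage);

const MAX_TEXT = 200;        // assumption: cap on how much user input is echoed back
const sessions = new Map();  // assumption: per-container memory only. Lambda containers
                             // are recycled, so real state belongs in a datastore.

function sessionKey(request) {
  // Sender ids are only meaningful within one platform, so scope them by type.
  return request.type + ':' + request.sender;
}

function cleanText(text) {
  // request.text is untrusted user input: coerce to a string, replace control
  // characters with spaces, trim, and cap the length before reusing it.
  return String(text == null ? '' : text)
    .replace(/[\u0000-\u001f\u007f]/g, ' ')
    .trim()
    .slice(0, MAX_TEXT);
}

function buildReply(request) {
  const key = sessionKey(request);
  const count = (sessions.get(key) || 0) + 1;
  sessions.set(key, count);
  const line = 'Message ' + count + ' from you: "' + cleanText(request.text) + '"';

  if (request.type === 'facebook') {
    // Returning an object instead of a string skips the Bot Builder's text
    // packaging, so the object must already be in the platform's own format.
    return {
      attachment: {
        type: 'template',
        payload: {
          template_type: 'button',
          text: line,
          buttons: [{ type: 'postback', title: 'Start over', payload: 'RESET' }]
        }
      }
    };
  }
  // Every other endpoint gets a plain string, which the Bot Builder wraps.
  return line;
}

function handleMessage(request) {
  // Asynchronous form: return a Promise and resolve it with the reply later.
  return new Promise(function (resolve) {
    setImmediate(function () { resolve(buildReply(request)); });
  });
}
```
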

Try it out live

You can see this bot in action and play with it live from the GitHub Claudia Examples repository.

More information

For more information on the Claudia Bot Builder, and some nice example projects, check out the Claudia Bot Builder GitHub project repository. For questions and suggestions, visit the Claudia project chat room on Gitter.

Help! My VPN Provider Is Compromised By a Gag Order!

Post Syndicated from Ernesto original https://torrentfreak.com/vpn-provider-proxy-sh-compromised-gag-order-160626/

Millions of Internet users around the world use a VPN to protect their privacy online. One of the key benefits is that it hides one’s true IP-address from third-party monitoring outfits, countering a lot of unwanted snooping.

However, law enforcement is not always happy with these services and in extreme cases can compel VPN providers to start logging internal connections to catch a perpetrator.

This is what appears to have happened to Seychelles-based VPN service Proxy.sh. Earlier this month the company excluded one of its nodes from its warrant canary.

“We would like to inform our users that we do not wish any longer to mention France 8 (85.236.153.236) in our warrant canary until further notice,” the company announced on its website, and via email to its customers.

Proxy.sh’s warning


The warrant canary states that no warrants, searches or seizures of any kind have been received, but this is no longer true for the French node. The fact that this has been announced indirectly suggests that the company is not allowed to communicate about it publicly.

TorrentFreak reached out to Proxy.sh hoping to get some additional information. While no further details were provided, the VPN provider strongly advises its users not to connect to the ‘compromised’ node.

“We recommend our users to no longer connect to it. We are striving to do whatever it takes to include that node into our warrant canary again,” Proxy.sh says.

“The warrant canary has been particularly designed to make sure we could still move without being legally able to answer questions in a more detailed manner. We are happy to see it put to use after all and that our users are made aware of it,” they add.

The announcement will come as a shock to most Proxy.sh users and many will be wondering what they should do next. A good question, but unfortunately not one with an easy answer.

Leave or stay?

Some users may be inclined to leave. Why stay with a VPN provider that’s partly compromised if there are many other alternatives out there? This is a logical and understandable response.

On the other hand, one can also value Proxy.sh’s transparency in the matter. The company takes its warrant canary seriously where other VPN providers, with or without a warrant canary, may have stayed quiet.

Ironically, the fact that Proxy.sh received a gag order increases the trustworthiness of the company itself, although that comes at a price.

We suspect that there are only a few VPN providers that would suspend their operations “Lavabit style” on receipt of a narrowly targeted gag order that doesn’t compromise its service as a whole. Considering the fact that only one node is in question, the request does appear to be rather targeted in this case.

It’s also worth keeping in mind that many large Internet companies including Google and Facebook receive gag orders on a regular basis. Most users have no clue that this is happening, and others simply don’t care.

Trust?

VPN users who would prefer their VPN provider to shut down instead of complying with a gag order should leave, that much is clear. But how do you know that the next choice will be as transparent as Proxy.sh?

As is often the case it all boils down to trust. Do you trust your VPN provider to handle your private communications carefully, and to what degree does a gag order on one of the nodes change this?

How one answers this question is a matter of personal preference.

Most of our questions to Proxy.sh remained unanswered, presumably due to the court order, but the company was able to provide some additional details on their compliance with orders from various jurisdictions.

While the company is incorporated in the Seychelles, it also complies with orders from other jurisdictions it operates from.

“Our company respects the law everywhere it operates, but it still has the option to cooperate fully while ceasing any further operations in any specific jurisdiction,” Proxy.sh says.

“Depending on the level of threat to our users’ privacy and according to our legal advisers, we take the decision to bring updates to our warrant canary either for a specific node or for a whole country.”

So what would you do in this situation?

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

FBI Raids Spammer Outed by KrebsOnSecurity

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/06/fbi-raids-spammer-outed-by-krebsonsecurity/

Michael A. Persaud, a California man profiled in a Nov. 2014 KrebsOnSecurity story about a junk email artist currently flagged by anti-spam activists as one of the world’s Top 10 Worst Spammers, was reportedly raided by the FBI in connection with a federal spam investigation.

According to a June 9 story at ABC News, on April 27, 2016 the FBI raided the San Diego home of Persaud, who reportedly has been under federal investigation since at least 2013. The story noted that on June 6, 2016, the FBI asked for and was granted a warrant to search Persaud’s iCloud account, which investigators believe contained “evidence of illegal spamming’ and wire fraud to further [Persaud’s] spamming activities.”

Persaud doesn’t appear to have been charged with a crime in connection with this investigation. He maintains his email marketing business is legitimate and complies with the CAN-SPAM Act, the main anti-spam law in the United States which prohibits the sending of spam that spoofs that sender’s address or does not give recipients an easy way to opt out of receiving future such emails from that sender.

The affidavit that investigators with the FBI used to get a warrant for Persaud’s iCloud account is sealed, but a copy of it was obtained by KrebsOnSecurity. It shows that during the April 2016 FBI search of his home, Persaud told agents that he currently conducts internet marketing from his residence by sending a million emails in under 15 minutes from various domains and Internet addresses.

The affidavit indicates the FBI was very interested in the email address michaelp77x@gmail.com. In my 2014 piece Still Spamming After All These Years, I called attention to this address as the one tied to Persaud’s Facebook account — and to 5,000 or so domains he was advertising in spam. The story was about how the junk email Persaud acknowledged sending was being relayed through broad swaths of Internet address space that had been hijacked from hosting firms and other companies.

FBI Special Agent Timothy J. Wilkins wrote that investigators also subpoenaed and got access to that michaelp77x@gmail.com account, and found emails between Persaud and at least four affiliate programs that hire spammers to send junk email campaigns.

A spam affiliate program is a type of business or online retailer — such as an Internet pharmacy — that pays a third party (known as affiliates or spammers) a percentage of any sales that they generate for the program (for a much deeper dive on how affiliate programs work, check out Spam Nation).

When I wrote about Persaud back in 2014, I noted that his spam generally advertised the types of businesses you might expect to see pimped in junk email: payday loans, debt consolidation services, and various “nutraceutical” products.

Persaud did not respond to requests for comment. But in an email he sent to KrebsOnSecurity in November 2014, he said:

“I can tell you that my company deals with many different ISPs both in the US and overseas and I have seen a few instances where smaller ones will sell space that ends up being hijacked,” Persaud wrote in an email exchange with KrebsOnSecurity. “When purchasing IP space you assume it’s the ISP’s to sell and don’t really think that they are doing anything illegal to obtain it. If we find out IP space has been hijacked we will refuse to use it and demand a refund. As for this email address being listed with domain registrations, it is done so with accordance with the CAN-SPAM guidelines so that recipients may contact us to opt-out of any advertisements they receive.”

Persaud is currently listed as #10 on the World’s 10 Worst Spammers list maintained by Spamhaus, an anti-spam organization. In 1998, Persaud was sued by AOL, which charged that he committed fraud by using various names to send millions of get-rich-quick spam messages to America Online customers. In 2001, the San Diego District Attorney’s office filed criminal charges against Persaud, alleging that he and an accomplice crashed a company’s email server after routing their spam through the company’s servers.

AMC Threatens Copyright Lawsuit Over Walking Dead Spoiler

Post Syndicated from Andy original https://torrentfreak.com/amc-threatens-copyright-lawsuit-over-walking-dead-spoiler-160614/

The Spoiling Dead Fans (TSD) is a community of hardcore The Walking Dead fans who have an even greater interest in the show than most. As their name suggests, they’re dedicated to obtaining all the latest information about the hit show – including information not yet in the public domain.

There have been suggestions recently that TSDF might reveal the identity of the individual who Negan killed with ‘Lucille’, his barbed wire covered baseball bat. As the cliff-hanger from the final episode of the last series, it’s pretty important to fans. As it turns out, it’s massively important to makers AMC too.

In a posting on their Facebook page this week, the operators of The Spoiling Dead told their 364,000 followers that AMC had contacted them with legal threats.

“After two years, AMC finally reached out to us! But it wasn’t a request not to post any info about the Lucille Victim or any type of friendly attempt at compromise, it was a cease and desist and a threat of a lawsuit by AMC Holdings, LLC’s attorney, Dennis Wilson. They say we can’t make any type of prediction about the Lucille Victim,” they wrote.

TorrentFreak has obtained a copy of the letter sent to TSDF in which AMC’s attorney at Kilpatrick Townsend & Stockton LLP lays down the law. Surprisingly for a show that hasn’t aired and potentially hasn’t even been made yet, the law being laid down is copyright in nature.

“AMC is aware that The Spoiling Dead Fans site is promoting your claim that you have received copyright protected, trade secret information about the most critical plot information in the unreleased next season of The Walking Dead,” the letter begins.

“You also state that you plan to distribute this purported highly confidential information despite your knowledge that such distribution, if the information is indeed accurate, is unauthorized and will greatly damage AMC, distributors of The Walking Dead as well as Walking Dead fans awaiting the new seasons’ release who wish to watch their favorite show unspoiled.”

AMC’s claim that any spoilers will amount to copyright infringement is somewhat eyebrow-raising, but according to the company this ground has been covered before.

“The release of plot summaries and particularly the types of crucial plot elements that you have stated you intend to release, have been found to constitute copyright infringement. Specifically, in Twin Peaks Productions vs. Publications International, the Court ruled that publishing a work that ‘recount[s] for its readers precisely the plot details’ of a fictional work constitutes copyright infringement.”

By citing a specific case one might conclude that AMC’s attorney is confident that the cases are similar, but reading the details casts more than just a little doubt on his claims.

The historical case in question involved the publication of a book by Publications International which covered in detail the first eight episodes of the 1990/91 TV series Twin Peaks. The big question was whether this use of copyright works was protected under fair use but in the end the court decided the publisher had gone too far.

The court found that the defendant’s “detailed recounting of the show’s plotlines went far beyond merely identifying their basic outline for the transformative purposes of comment or criticism” adding:

Because the plot synopses were so detailed, and in fact lifted many sections verbatim from the original scripts, the court found that defendant copied a substantial amount of plaintiff’s original works.

This hardly seems to mirror the situation playing out alongside a potential spoiler of an unaired episode of The Walking Dead. Presumably that spoiler can be achieved by saying a single name too, which by no stretch of the imagination amounts to a substantial part of any show.

Merits of the argument aside though, AMC doesn’t appear in any mood for messing around.

“By advertising the illegal disclosure of intricate plot details of an unreleased episode of The Walking Dead without authorization, you will willfully and intentionally impair the commercial viability of the show and thus AMC’s ability and incentive to continue to produce creative works such as The Walking Dead,” the company’s attorney continues.

“In light of the above, we demand that you repudiate your intent to leak the ‘Lucille Victim’ by confirming that you will cease and desist from that illegal disclosure and/or assisting others in the illegal disclosure.

“Should you fail to do so, AMC will file a lawsuit against you to enjoin your harmful illegal activities and seek to obtain money damages and injunctive relief to address your conduct.”

Whether the threats have any legal basis will probably never be known for sure but in the meantime The Spoiling Dead crew are having a pretty awful time of it. As a result they’ve decided not to take any chances.

“AMC has been harassing us for four days now by contacting our homes, our family members and our employers; even posting on this page and personal social media accounts. We are fans of this show just like you and aren’t a commercial operation that makes profit. We have families and careers to think about,” they explain.

“After consultation with our legal counsel, we have responded to AMC that the TSDF staff will not be posting our prediction on who gets Lucilled on any of our outlets.”

Speaking with TorrentFreak, TSDF said that while AMC insist that a disclosure about the ‘Lucille Victim’ was about to be made, no one from the company has provided that detail.

“[AMC] say that we claimed we received some illegal, protected information and that we said we were going to disclose the Lucille Victim based on that information. But they never identified WHERE the claim they say we made was. Even in our response to them we said we could not repudiate that claim because they didn’t identify it. They still haven’t. They are guessing,” a spokesperson said.

“It would be stupid of us to say something like that. All we ever said is that we were close to a confirmation and should be able to post who we thought it was in a couple weeks. There are lots of ways to confirm things and plenty of them legal.”

While the identity of the ‘Lucille Victim’ has always been a hot topic among Walking Dead fans, it’s now likely that following the legal threats from AMC the interest will leak over into the wider mainstream, thus making it even less likely it will remain a secret.

It’s understandable that AMC want to protect their storylines, but this is not pre-Internet 1980 and the days of secrets like Who Shot J.R.? are long gone.


IRS Re-Enables ‘Get Transcript’ Feature

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/06/irs-re-enables-get-transcript-feature/

The Internal Revenue Service has re-enabled a service on its Web site that allows taxpayers to get a copy of their previous year’s tax transcript. The renewed effort to beef up taxpayer authentication methods at irs.gov comes more than a year after the agency disabled the transcript service because tax refund fraudsters were using it to steal sensitive data on consumers.

During the height of tax-filing season in 2015, KrebsOnSecurity warned that identity thieves involved in tax refund fraud with the IRS were using irs.gov’s “Get Transcript” feature to glean salary and personal information they didn’t already have on targeted taxpayers. In May 2015, the IRS suspended the Get Transcript feature, citing its abuse by fraudsters and noting that some 100,000 taxpayers may have been victimized as a result.

In August 2015, the agency revised those estimates up to 330,000, but in February 2016, the IRS again more than doubled its estimate, saying the actual number of victims was probably closer to 724,000.

So exactly how does the new-and-improved Get Transcript feature validate that taxpayers who are requesting information aren’t cybercriminal imposters? According to the IRS’s Get Transcript FAQ, the visitor needs to supply a Social Security number (SSN) and have the following:

  • immediate access to your email account to receive a confirmation code;
  • name, birthdate, mailing address, and filing status from your most recent tax return;
  • an account number from either a credit card, auto loan, mortgage, home equity loan or home equity line of credit;
  • a mobile phone number with your name on the account.

“If you previously registered to use IRS Get Transcript Online, Identity Protection PIN, Online Payment Agreement, or ePostcard online services, log in with the same username and password you chose before,” the IRS said. “You’ll need to provide a financial account number and mobile phone number if you haven’t already done so.”

The agency said it will then verify your financial account number and mobile phone number with big-three credit bureau Equifax. Readers who have taken my advice and placed a security freeze on their credit files will need to request a temporary thaw in that freeze with Equifax before attempting to verify their identity with the IRS.

According to Federal Computer Week, central to the new setup will be knowledge-based authentication that uses supposedly harder-to-answer questions than the tests that led to the compromise of Get Transcript.

Mike Kasper, the tax fraud victim whose story ultimately earned him a chance to testify about the experience before the U.S. Senate Committee on Homeland Security & Governmental Affairs, called the new authentication methods a good step forward. But he worries that they will simply encourage tax refund thieves to commit more acts of identity theft in the victim’s name.

“Looks like the investment for a $6,000 refund went from $10 to purchase credit data or now a card number for the victim, up to about $30 to buy a prepaid number although it’s probably even cheaper now,” Kasper said. “I think the ID thieves might simply open new cell phone or credit card accounts in the name of the victim or even keep changing the name on prepaid cell phone accounts acquired just for this purpose.”

Kasper notes that the same lame authentication methods that led to the Get Transcript debacle are still used by annualcreditreport.com, a site mandated by Congress as the only site where consumers can get their by-rights guaranteed free copy of their credit report from each of the major bureaus. Credit reports contain quite a bit of information that may allow thieves to glean the mobile and credit card account numbers for the taxpayers they’re targeting.

Annualcreditreport.com asks consumers to provide a bunch of personal data that can be bought for about $3-$4 from cybercrime shops online — such as date of birth, Social Security number, address and previous addresses. The site also asks the visitor to answer a series of so-called knowledge-based authentication (KBA) questions supplied by the credit bureaus.

These KBA questions — which involve four multiple choice, “out of wallet” questions such as previous address, loan amounts and dates — can be successfully enumerated with random guessing.  In many cases, the answers can be found by consulting free online services, such as Zillow and Facebook.

Fraudsters also may opt to simply phish the phone and credit card information from victims, or turn to criminal data brokers in the underground that specialize in selling these dossiers on consumers, Kasper said.

“The real question is, when will more banks start to check that the incoming transfer from the IRS is for an account under the name of an actual customer,” Kasper said. “Most banks do not do this, but even if they did that is not a complete solution unless they also know their customer. There were probably thousands of fraudulent tax refunds last year where the [perpetrators] just opened up bank accounts in other peoples’ names to receive a refund from the IRS. Because if you’re a thief and you open an account in the victim’s name, it’s a little harder to trace.”

Password Re-user? Get Ready to Get Busy

Post Syndicated from BrianKrebs original https://krebsonsecurity.com/2016/06/password-re-user-get-to-get-busy/

In the wake of megabreaches at some of the Internet’s most-recognized destinations, don’t be surprised if you receive password reset requests from numerous companies that didn’t experience a breach: Some big name companies — including Facebook and Netflix — are in the habit of combing through huge data leak troves for credentials that match those of their customers and then forcing a password reset for those users.


Netflix sent out notices to customers who re-used their Netflix password at other sites that were hacked. This notice was shared by a reader who had re-used his Netflix password at one of the breached companies.

Netflix.com, for example, sent out a notification late last week to users who made the mistake of re-using their Netflix password at LinkedIn, Tumblr or MySpace. All three of those breaches are years old, but the scope of the intrusions (more than a half billion usernames and passwords leaked in total) only became apparent recently when the credentials were posted online at various sites and services.

“We believe your Netflix account credentials may have been included in a recent release of email addresses and passwords from an older breach at another company,” the message from Netflix reads. “Just to be safe, we’ve reset your password as a precautionary measure.”

The missive goes on to urge recipients to visit Netflix.com and click the “forgot your email or password” link to reset their passwords.

Netflix is taking this step because it knows from experience that cybercriminals will be using the credentials leaked from Tumblr, MySpace and LinkedIn to see if they work on a variety of third-party sites (including Netflix).

As I wrote last year in the aftermath of the AshleyMadison breach that exposed tens of millions of user credentials, Netflix’s forensics team has been using a tool that the company released in 2014 called Scumblr, which scours high-profile sites for specific terms and data.

“Some Netflix members have received emails encouraging them to change their account passwords as a precautionary measure due to the recent disclosure of additional credentials from an older breach at another internet company,” Netflix said in a statement released to KrebsOnSecurity. “Note that we are always engaged in these types of proactive security measures (leveraging Scumblr in addition to other mechanisms and data sources), not just in the case of major security breaches such as this one.”

Facebook also has been known to mine data leaked in major external password breaches for any signs that users are re-using their passwords at the hacked entity. After a breach discovered at Adobe in 2013 exposed tens of millions of Adobe customer credentials, Facebook scoured the leaked Adobe password data for credential recycling among its users.

The last time I wrote about this preemptive security measure, many readers seem to have hastily and erroneously concluded that whichever company is doing the alerting doesn’t properly secure its users’ passwords if it can simply compare them in plain text to leaked passwords that have already been worked out.

What’s going on here is that Facebook, Netflix, or any other company that wants to can take a corpus of leaked passwords that have already been guessed or cracked and simply hash those passwords with whatever one-way hashing mechanism(s) it uses internally. After that, it’s just a matter of finding any overlapping email addresses that use the same password.
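The matching step described above, as an added example that is not Netflix's or Facebook's code: each already-cracked leaked password is re-hashed with the salt stored for the account that has the same email address, and the result is compared with the stored hash. Salted scrypt as the internal scheme, the function names, and all accounts and leaked pairs are assumptions constructed for illustration.

```javascript
const nodeCrypto = require('crypto');

// Assumption: the service stores scrypt(password, per-user salt). Any one-way
// scheme is handled the same way: recompute it with the stored parameters.
function hashPassword(password, salt) {
  return nodeCrypto.scryptSync(password.normalize('NFKC'), salt, 32);
}

// Build one constructed account record; only the salt and hash are kept.
function makeAccount(email, password) {
  const salt = nodeCrypto.randomBytes(16);
  return { email: email.toLowerCase(), salt: salt, hash: hashPassword(password, salt) };
}

// Index accounts by lower-cased email so leaked rows can be joined on it.
function buildStore(accounts) {
  return new Map(accounts.map(function (a) { return [a.email, a]; }));
}

// leakedPairs: [{ email, password }] taken from a third-party dump whose
// passwords have already been recovered as plaintext. Returns the sorted list
// of local accounts whose current password equals the leaked one.
function findReusedCredentials(store, leakedPairs) {
  const flagged = new Set();
  for (const pair of leakedPairs) {
    if (!pair || typeof pair.email !== 'string' || typeof pair.password !== 'string') {
      continue;                       // malformed dump row
    }
    const account = store.get(pair.email.trim().toLowerCase());
    if (!account) continue;           // no overlapping email address, nothing to test
    const candidate = hashPassword(pair.password, account.salt);
    // Both buffers are 32 bytes, as timingSafeEqual requires.
    if (nodeCrypto.timingSafeEqual(candidate, account.hash)) {
      flagged.add(account.email);     // candidate for a forced password reset
    }
  }
  return Array.from(flagged).sort();
}

// Constructed sample data.
const SAMPLE_STORE = buildStore([
  makeAccount('alice@example.com', 'correct horse battery'),
  makeAccount('bob@example.com', 'hunter2'),
  makeAccount('carol@example.com', 'S3parate-Passphrase')
]);

const SAMPLE_LEAK = [
  { email: 'Bob@Example.com', password: 'hunter2' },    // reused here: flagged
  { email: 'alice@example.com', password: 'letmein' },  // same email, different password
  { email: 'dave@example.com', password: 'hunter2' },   // not a customer
  { email: 'carol@example.com' }                        // malformed row, skipped
];
```

Because the leaked password is hashed with each account's own salt, the service never needs plaintext copies of its users' passwords; leaked hashes that nobody has cracked cannot be checked this way.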

Message that Facebook has used in the past to alert users who have re-used their Facebook passwords at other breached sites.
