Tag Archives: fraud

I Seem to Have a LinkedIn Account

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/08/i_seem_to_have_.html

I seem to have a LinkedIn account.

This comes as a surprise, since I don’t have a LinkedIn account, and have never logged in to LinkedIn.

Does anyone have any contacts into the company? I would like to report this fraudulent account, and possibly get control of it. I’m not on LinkedIn, but the best defense against this is probably to create a real account.

Lawyer Says He Was Deceived Into BitTorrent Copyright Trolling Scheme

Post Syndicated from Andy original https://torrentfreak.com/lawyer-says-he-was-deceived-into-bittorrent-copyright-trolling-scheme-170807/

For more than a decade, companies around the world have been trying to turn piracy into profit. For many this has meant the development of “copyright trolling” schemes, in which alleged pirates are monitored online and then pressured into cash settlements.

The shadowy nature of this global business means that its true scale will never be known but due to the controversial activities of some of the larger players, it’s occasionally possible to take a peek inside their operations. One such opportunity has just raised its head.

According to a lawsuit filed in California, James Davis is an attorney licensed in Oregon and California. Until two years ago, he was largely focused on immigration law. However, during March 2015, Davis says he was approached by an old classmate with an opportunity to get involved in a new line of business.

That classmate was Oregon lawyer Carl Crowell, who over the past several years has been deeply involved in copyright-trolling cases, including a deluge of Dallas Buyers Club and London Has Fallen litigation. He envisioned a place for Davis in the business.

Davis seemed to find the proposals attractive and became seriously involved in the operation, filing 58 cases on behalf of the companies involved. In common with similar cases, the lawsuits were brought in the name of the entities behind each copyrighted work, such as Dallas Buyers Club, LLC and LHF Productions, Inc.

In time, however, things started to go wrong. Davis claims that he discovered that Crowell, in connection with and on behalf of the other named defendants, “misrepresented the true nature of the Copyright Litigation Campaign, including the ownership of the works at issue and the role of the various third-parties involved in the litigation.”

Davis says that Crowell and the other defendants (which include the infamous Germany-based troll outfit Guardaley) made false representations to secure his participation, while holding back other information that might have made him think twice about becoming involved.

“Crowell and other Defendants withheld numerous material facts that were known to Crowell and the knowledge of which would have cast doubt on the value and ethical propriety of the Copyright Litigation Campaign for Mr. Davis,” the lawsuit reads.

Davis goes on to allege serious misconduct, including that representations regarding ownership of various entities were false and used to deceive him into participating in the scheme.

As time went on, Davis said he had increasing doubts about the operation. Then, in August 2016 as a result of a case underway in California, he began asking questions which resulted in him uncovering additional facts. These undermined both the representations of the people he was working for and his own belief in the “value and ethical propriety of the Copyright Litigation Campaign,” the lawsuit claims.

Davis said this spurred him on to “aggressively seek further information” from Crowell and other people involved in the scheme, including details of its structure and underlying support. He says all he received were “limited responses, excuses, and delays.”

The case was later dismissed by mutual agreement of the parties involved but of course, Davis’ concerns about the underlying case didn’t come to the forefront until the filing of his suit against Crowell and the others.

Davis says that following a meeting in Santa Monica with several of the main players behind the litigation campaign, he decided its legal and factual basis were unsound. He later told Crowell and Guardaley that he was withdrawing from their project.

As the result of the misrepresentations made to him, Davis is now suing the defendants on a number of counts, detailed below.

“Defendants’ business practices are unfair, unlawful, and fraudulent. Davis has suffered monetary damage as a direct result of the unfair, unlawful, and fraudulent business practices set forth herein,” the lawsuit reads.

Requesting a trial by jury, Davis is seeking actual damages, statutory damages, punitive or treble damages “in the amount of no less than $300,000.”

While a payment of that not insignificant amount would clearly satisfy Davis, the prospect of a trial in which the Guardaley operation is laid bare would be preferable when the interests of its thousands of previous targets are considered.

Only time will tell how things will pan out but like the vast majority of troll cases, this one too seems destined to be settled in private, to ensure the settlement machine keeps going.

Note: The case was originally filed in June, only to be voluntarily dismissed. It has now been refiled in state court.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

BulkyIPTV Operator Was Arrested For Fraud, Money Laundering

Post Syndicated from Andy original https://torrentfreak.com/bulkyiptv-operator-was-arrested-for-fraud-money-laundering-170724/

For many years, video-focused Internet piracy was all about obtaining pre-recorded content such as movies and TV shows. Now, however, the rise of streaming is enabling a massive uptake of live ‘pirate’ programming.

At the forefront of this movement are web streaming portals, dedicated Kodi add-ons, and premium IPTV services. The latter, which can rival official services, tend to offer a better quality service but with a price tag attached. This has resulted in a whole new market for people seeking to generate revenue from piracy.

One of those outfits was UK-based BulkyIPTV, but as first reported here on TF, last week the entire operation was shut down after police arrested its operator.

“Hi all. Today I was arrested. Everything has been shut down,” its operator confirmed Wednesday.

“They took everything – phone, laptop, PC and cash, as well as other stuff to gather evidence against me. I’m sorry it has come to this but i’m looking at a stretch inside.”

Soon after the news was made public, many people on Facebook speculated that the arrest never happened and that BulkyIPTV’s operator had conjured up a story in order to “do a runner” with his customers’ subscription money.

However, a source close to the situation insisted that an arrest had been made in the Derby area of the UK in connection with live TV piracy, a fact we reported in our article.

For a few days things went silent, but in a joint statement with the Federation Against Copyright Theft, Derbyshire Police have now confirmed that they executed a warrant at a Derby property last week.

“The warrant took place on Tuesday (18th July) as part of ongoing work to stop the use of the illegal set top boxes, which are tampered with to enable them to offer a range of premium subscription services such as Sky TV and BT Sport without paying for them,” the police statement reads.

While the police don’t specifically mention BulkyIPTV in their press release, everything points to the operator of the service being the person who was targeted last week.

BulkyGifts.co.uk, a site connected to BulkyIPTV that sold a product which enabled people to access cable and satellite programming cheaply, was initially registered to the address that police targeted on Tuesday in Grenfell Avenue, Sunny Hill. The name of the person who registered the domain is also a perfect match with Electoral Roll records and social media profiles across numerous sites.

Police confirmed that a 29-year-old man was arrested on suspicion of fraud, money laundering, and copyright offenses. Electronic equipment was seized along with a “large amount” of cash.

In a statement, Kieron Sharp, CEO of the Federation Against Copyright Theft, reminded sellers and buyers of these services that their actions are illegal.

“This collaboration between Derbyshire police and FACT is another step forward in disrupting the sale of illegal streaming devices,” Sharp said.

“People may think there is nothing wrong with having one of these devices and streaming premium pay-for channels for free, such as live sports. However, this is illegal and you would be breaking the law.”

As highlighted in our opinion piece last week, some service providers appear to be playing fast and loose with their security. If that trend continues, expect FACT and the police to keep taking these services down.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Usenet Provider Giganews Sues Perfect 10 For Fraud, Demands $20m

Post Syndicated from Andy original https://torrentfreak.com/usenet-provider-giganews-sues-perfect-10-for-fraud-demands-20m-170712/

For many years, Perfect 10 went about its business of publishing images of women in print and on the Internet. At some point along the way, however, the company decided that threatening to sue online service providers was more profitable.

Claiming copyright infringement, Perfect 10 took on a number of giants including Google, Amazon, Mastercard, and Visa, not to mention hosting providers such as LeaseWeb and OVH.

With court papers revealing that Perfect 10 owner Norman Zada worked 365 days a year on litigation and that the company acquired copyrights for use in lawsuits, it’s no surprise that around two dozen of Perfect 10’s lawsuits ended in cash settlements and defaults.

With dollar signs in mind, Perfect 10 went after another pretty big fish in 2011. The publisher claimed that Usenet provider Giganews was responsible when its users uploaded Perfect 10 images to the newsgroups. Things did not go well.

In November 2014, the U.S. District Court for the Central District of California found that Giganews was not liable for the infringing activities of its users. Perfect 10 was ordered to pay Giganews $5.6m in attorney’s fees and costs. Perfect 10 lost again at the Court of Appeals for the Ninth Circuit.

But even with all of these victories under its belt, Giganews just can’t catch a break.

The company is clearly owed millions but Perfect 10 is refusing to pay up. As a result, this week Giganews filed yet another suit, accusing Perfect 10 and Norman Zada of fraud aimed at depriving Giganews of the amounts laid out by the court.

The claims center around an alleged conspiracy in which Perfect 10 transferred its funds and assets to Zada.

“As of now (over two years since the judgment), Perfect 10 has not voluntarily paid any amount of the judgment,” the complaint begins.

“Instead, Perfect 10, through the unlawful acts of Zada and in conspiracy with him, has intentionally avoided satisfaction of the judgment through a series of fraudulent transfers of Perfect 10’s corporate assets to Zada’s personal possession.”

Giganews says these “illegal and fraudulent” transfers began back in 2014, when Perfect 10 began to realize that the fight against the Usenet provider was going bad.

For example, on November 20, 2014, around six days after the court granted summary judgment in favor of Giganews, Perfect 10 transferred $850,000 to Zada’s personal account. The Perfect 10 owner later told a Judgment Debtor’s Examination that the transfer was made due to the summary judgment orders, a statement that amounts to a confession of fraud, Giganews says.

“We had a settlement of $1.1 million in, I believe, June. I was entitled to that money,” Zada told the hearing. “And after the summary judgment orders were issued, I did not see any point in keeping more cash than we needed in the account.”

Giganews says that Perfect 10 transferred at least $1.75m in cash to Zada.

Then, within weeks of the court ordering Perfect 10 to pay $5.6m in attorneys fees and costs, Giganews says that Zada “fraudulently transferred substantially all
of Perfect 10’s physical assets” to himself for an amount that did not represent their true value.

Those assets included a car, furniture, and computer servers. When Zada was questioned why the transfers took place, he admitted that “it would have been
totally disruptive to have those [assets] seized” in satisfaction of the judgment. Indeed, the complaint alleges that the assets never moved physical location.

Perhaps surprisingly given the judgment, Giganews alleges that Zada continues to run Perfect 10’s business in much the same way as he did before. The company even has copyright infringement litigation underway against AOL in Germany, despite having few assets.

This is made possible, Giganews says, by Perfect 10 calling on assets it previously transferred to Zada. When required by the company, Zada simply “gives” them back.

In summary, Giganews says these transfers display the “badges of fraud” that indicate attempts to “hinder, delay or defraud” creditors, while leaving Perfect 10 practically insolvent.

“As a consequence, Plaintiffs are entitled to a judgment against Defendants, and each of them, in the sum of the unlawfully transferred amounts of at least $1,750,000, or in an amount to be proven at trial, together with interest on that amount at the legal rate of 10% per annum from and after March 24, 2015,” the complaint reads.

But the claim doesn’t stop there. Giganews asks the court to prevent Perfect 10 from transferring any more cash or assets out of Perfect 10 to Zada or anyone acting in concert with him or on his behalf. This is rounded off with a claim for punitive and exemplary damages of $20m to be considered during a jury trial.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Could Pirate TV Box Users Be Prosecuted For Fraud?

Post Syndicated from Andy original https://torrentfreak.com/could-pirate-tv-box-users-be-prosecuted-for-fraud-170709/

With the issue of piracy-enabled set-top boxes still making the headlines, the English Premier League (EPL) has emerged as the most likely organization to prosecute sellers of infringing boxes in the UK.

However, last month the Federation Against Copyright Theft, who provide anti-piracy services for the EPL, revealed that mere users of boxes (such as those containing augmented Kodi setups) could be targeted for prosecution sometime in the future.

As noted in our earlier coverage, people who merely stream pirated content into their own homes are difficult to track online. They pose much greater challenges than BitTorrent users, for example, who can lead investigators straight to their door. But for FACT chief executive Kieron Sharp, there are opportunities to find people via non-technical means.

“When we’re working with the police against a company that’s selling IPTV boxes or illicit streaming devices on a large scale, they have records of who they’ve sold them to,” Sharp said.

The suggestion here is that box sellers’ customer lists contain the personal details of people who obtain Premier League and other content for free so, once identified, could be open to prosecution.

With conventional thinking under copyright law, prosecuting a set-top box/Kodi user for streaming content to his own home is a bit of a daunting prospect, not to mention an expensive one. Copyright cases are notoriously complicated and an individual putting up a spirited defense could cause problems for the prosecution. The inevitable light sentence wouldn’t provide much of a deterrent either.

With all that in mind, it appears that FACT is more interested in prosecuting under other legislation.

During an interview with BBC Radio 5 Live’s Chris Warburton this week, Sharp said that people streaming into their own homes are committing a criminal offense, i.e., something that could interest the police and attract a fine or custodial sentence.

“The law has always been the case that people who are doing something illegal, streaming in their own homes, through these devices, are committing a crime. What’s happened recently is that’s been clarified by an EU judge in one case and by a civil judge in another,” Sharp said.

The EU case was BREIN v Filmspeler, which in part determined that people who stream content from an illegal source do so in breach of copyright law. The judge in the civil case was Justice Arnold, who in a UK Premier League blocking case reached the same conclusion.

While it’s now fairly clear that streaming pirate content in the EU is indeed illegal, is a civil wrong, and can be dealt with by suing someone, it’s not immediately clear how that turns into a criminal offense. It wasn’t clear in the interview either, so Warburton pressed Sharp again.

“What is the bit of the law that you are breaking when you’re streaming, how are you committing a criminal act?” he asked Sharp.

“There are various pieces of legislation,” the FACT chief said. “The one we’ve been looking at is under the Fraud Act which would say you are committing a fraud by streaming these football matches through to your television, watching them at home, and not paying for the license to do so.”

At this point, everything begins to slot into place.

For the past several years through several high-profile Internet piracy cases, FACT has shied away from prosecutions under copyright law. Each time it has opted for offenses under the Fraud Act 2006, partly because longer sentences were available at the time, i.e., up to 10 years in prison.

However, earlier this year FACT’s lawyer revealed that prosecutions under the Fraud Act can be easier for a jury to understand than those actioned under copyright law.

With this wealth of experience in mind, it’s easy to see why FACT would take this route in set-top box cases, especially when fraud legislation is relatively easy to digest.

Possession etc. of articles for use in frauds

“A person is guilty of an offense if he has in his possession or under his control any article for use in the course of or in connection with any fraud,” the Fraud Act reads.

To clarify, an ‘article’ includes “any program or data held in electronic form,” which is perfect for infringing Kodi addons etc.

Given the above, it seems that if the Court can be convinced that the person knowingly possessed a pirate set-top box programmed for fraudulent purposes, there could, in theory, be a successful prosecution resulting in a prison sentence and/or a fine.

Obtaining services dishonestly

“A person is guilty of an offense under this section if he obtains services for himself or another….by a dishonest act, and….he [knowingly] obtains them without any payment having been made for or in respect of them or without payment having been made in full,” the relevant section of the Act reads.

There are probably other angles to this under the Fraud Act but these seem to fit so well that others might not be needed. But how likely is it that someone could be prosecuted in this manner?

Sharp reiterated to the BBC that FACT could get the identities of box buyers as part of investigations into sellers, and as part of that “would see what the situation is” with their customers.

“It may well be that in the future, somebody who is an end-user may well get prosecuted,” he said.

But while the possibilities are there, Sharp really didn’t seem that keen to commit to the hounding of stream consumers in the future, and certainly not now. FACT’s strategy appears to be grounded in getting the word out that people are breaking the law.

“[People] think they can get away with it and that’s an important message from our perspective, that they must understand that they are committing offenses, apart from all the other issues of why they should be paying for the legal product. This is something that should be of concern to them, that they are committing offenses,” Sharp said.

The big question that remains is whether FACT and the English Premier League would ever take a case against a regular end-user to court. History tells us that this is fairly unlikely, but if any case did end up in court, it would definitely be hand-picked for best results.

For example, someone who bought a box from eBay would probably be of no real interest, but someone who had extended email exchanges with a seller, during which they discussed in detail how to pirate English Premier League games specifically, would provide a more useful test subject.

And then, when there are two people involved (the knowingly infringing buyer and the seller, who would also be prosecuted) that also raises the question of whether there had been an element of conspiracy.

Overall though, what people probably want to know is whether lots of people are going to get prosecuted for fraud and the answer to that is almost certainly ‘no.’ Prosecutions against the little guy are resource hungry, expensive, offer little return, and tend to generate negative publicity if they’re perceived as vindictive.

A single highly publicized case is a possible outcome if FACT and the EPL got really desperate, but there’s no guarantee that the Crown Prosecution Service would allow the case to go ahead.

“Prosecutors should guard against the criminal law being used as a debt collection agency or to protect the commercial interests of companies and organizations,” recent CPS advice reads.

“However, prosecutors should also remain alert to the fact that such organizations can become the focus of serious and organized criminal offending.”

FACT could, of course, conduct a private prosecution, which they have done several times in the past. But that is a risk too, so it seems likely that education efforts will come first, to try and slow things down.

“Our desire has always been that sports fans, football fans, would pay for the commercial package, they would pay a fee to watch and that is still our position,” Sharp told the BBC.

“But working with our clients and members such as the Premier League and Sky and BT Sports, we have to consider all the options available to us, to put a bit of a brake on this problem because it’s growing all the time.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Friday Squid Blogging: Food Supplier Passes Squid Off as Octopus

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/06/food_supplier_p.html

According to a lawsuit (main article behind paywall), “a Miami-based food vendor and its supplier have been misrepresenting their squid as octopus in an effort to boost profits.”

As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.

Read my blog posting guidelines here.

Three Men Sentenced Following £2.5m Internet Piracy Case

Post Syndicated from Andy original https://torrentfreak.com/three-men-sentenced-following-2-5m-internet-piracy-case-170622/

While legal action against low-level individual file-sharers is extremely rare in the UK, the country continues to pose a risk for those engaged in larger-scale infringement.

That is largely due to the activities of the Police Intellectual Property Crime Unit and private anti-piracy outfits such as the Federation Against Copyright Theft (FACT). Investigations are often a joint effort which can take many years to complete, but the outcomes can often involve criminal sentences.

That was the profile of another Internet piracy case that concluded in London this week. It involved three men from the UK, Eric Brooks, 43, from Bolton, Mark Valentine, 44, from Manchester, and Craig Lloyd, 33, from Wolverhampton.

The case began when FACT became aware of potentially infringing activity back in February 2011. The anti-piracy group then investigated for more than a year before handing the case to police in March 2012.

On July 4, 2012, officers from City of London Police arrested Eric Brooks’ at his home in Bolton following a joint raid with FACT. Computer equipment was seized containing evidence that Brooks had been running a Netherlands-based server hosting more than £100,000 worth of pirated films, music, games, software and ebooks.

According to police, a spreadsheet on Brooks’ computer revealed he had hundreds of paying customers, all recruited from online forums. Using PayPal or utilizing bank transfers, each paid money to access the server. Police mentioned no group or site names in information released this week.

“Enquiries with PayPal later revealed that [Brooks] had made in excess of £500,000 in the last eight years from his criminal business and had in turn defrauded the film and TV industry alone of more than £2.5 million,” police said.

“As his criminal enterprise affected not only the film and TV but the wider entertainment industry including music, games, books and software it is thought that he cost the wider industry an amount much higher than £2.5 million.”

On the same day police arrested Brooks, Mark Valentine’s home in Manchester had a similar unwelcome visit. A day later, Craig Lloyd’s home in Wolverhampton become the third target for police.

Computer equipment was seized from both addresses which revealed that the pair had been paying for access to Brooks’ servers in order to service their own customers.

“They too had used PayPal as a means of taking payment and had earned thousands of pounds from their criminal actions; Valentine gaining £34,000 and Lloyd making over £70,000,” police revealed.

But after raiding the trio in 2012, it took more than four years to charge the men. In a feature common to many FACT cases, all three were charged with Conspiracy to Defraud rather than copyright infringement offenses. All three men pleaded guilty before trial.

On Monday, the men were sentenced at Inner London Crown Court. Brooks was sentenced to 24 months in prison, suspended for 12 months and ordered to complete 140 hours of unpaid work.

Valentine and Lloyd were each given 18 months in prison, suspended for 12 months. Each was ordered to complete 80 hours unpaid work.

Detective Constable Chris Glover, who led the investigation for the City of London Police, welcomed the sentencing.

“The success of this investigation is a result of co-ordinated joint working between the City of London Police and FACT. Brooks, Valentine and Lloyd all thought that they were operating under the radar and doing something which they thought was beyond the controls of law enforcement,” Glover said.

“Brooks, Valentine and Lloyd will now have time in prison to reflect on their actions and the result should act as deterrent for anyone else who is enticed by abusing the internet to the detriment of the entertainment industry.”

While even suspended sentences are a serious matter, none of the men will see the inside of a cell if they meet the conditions of their sentence for the next 12 months. For a case lasting four years involving such large sums of money, that is probably a disappointing result for FACT and the police.

Nevertheless, the men won’t be allowed to enjoy the financial proceeds of their piracy, if indeed any money is left. City of London Police say the trio will be subject to a future confiscation hearing to seize any proceeds of crime.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Court Orders Google to Remove Links to Takedown Notice

Post Syndicated from Ernesto original https://torrentfreak.com/court-orders-google-to-remove-links-to-takedown-notice-170616/

On an average day Google processes more than three million takedown notices from copyright holders, and that’s for its search engine alone.

Thanks to Google’s transparency report, the public is able to see where these notices come from and what content they’re targeting. In addition, Google partners with Lumen to post copies of most notices online.

Founded by Harvard’s Berkman Center, Lumen is one of the few tools that helps to keep copyright holders accountable, while offering an invaluable database for researchers and the public in general.

However, not everyone is pleased with the service. Many copyright holders find it unfair that Google still indirectly links to the infringing URLs, because the search results point people to the takedown notice on Lumen, where these are listed in public.

Google linking to a standard DMCA notice

In Germany, a similar complaint was at the center of a lawsuit. A local company found that when people entered its name into the search engine combined with the term ‘suspected fraud’ (Betrugsverdacht), several search results would appear suggesting that the two were linked.

Since making false claims against companies is not allowed in Germany, the company wanted the results removed. The court agreed with this assessment and ordered Google to take action, which it did. However, after removing the results, Google added a mention at the bottom of the results pointing users to the takedown request on Lumen.

“As a reaction to a legal request that was sent to Google, we have removed one search result. You can find further information at LumenDatabase.org,” Google noted, with a link.

The company wasn’t happy with this and wanted Google to remove this mention, since it indirectly linked to the offensive URLs. After a lower court first sided with Google, the Higher Regional Court of Munich has now ordered (pdf) the search engine to remove the link to the Lumen notice.

Mirko Brüß, a lawyer and expert on German copyright law, wrote a detailed overview of the case in question on IPKAT explaining the court’s reasoning.

“By presenting its users an explanation about the deleted search result, combined with a hyperlink to the Lumen website where the deleted search result could be clicked, Google (still) enabled users to find and read the infringing statements, even after being ordered by a court to discontinue doing so,” he notes.

“The court found that it made no difference whether one or two clicks are needed to get to the result,” Brüß adds.

Lumen

While the order only refers to the link at the bottom of the search results, it may also apply to the transparency report itself, Brüß informs TorrentFreak.

It will be interesting to see if copyright holders will use similar means to ensure that Google stops linking to copies of their takedown notices. That would seriously obstruct Google’s well-intentioned transparency efforts, but thus far this hasn’t happened.

Finally, it is worth noting that Google doesn’t index the takedown notices from Lumen itself. Links to takedown notices are only added to search results where content has been removed, either by court order or following a DMCA request.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Online Platforms Should Collaborate to Ban Piracy and Terrorism, Report Suggests

Post Syndicated from Andy original https://torrentfreak.com/online-platforms-collaborate-ban-piracy-terrorism-report-suggests-170608/

With deep ties to the content industries, the Digital Citizens Alliance periodically produces reports on Internet piracy. It has published reports on cyberlockers and tried to blame Cloudflare for the spread of malware, for example.

One of the key themes pursued by DCA is that Internet piracy is inextricably linked to a whole bunch of other online evils and that tackling the former could deliver a much-needed body blow to the latter.

Its new report, titled ‘Trouble in Our Digital Midst’, takes this notion and runs with it, bundling piracy with everything from fake news to hacking, to malware and brand protection, to the sextortion of “young girls and boys” via their computer cameras.

The premise of the report is that cybercrime as a whole is undermining America’s trust in the Internet, noting that 64% of US citizens say that their trust in digital platforms has dropped in the last year. Given the topics under the spotlight, it doesn’t take long to see where this is going – Internet platforms like Google, Facebook and YouTube must tackle the problem.

“When asked, ‘In your opinion, are digital platforms doing enough to keep the Internet safe and trustworthy, or are do they need to do more?’ a staggering 75 percent responded that they need to do more to keep the Internet safe,” the report notes.

It’s abundantly clear that the report is mostly about piracy but a lot of effort has been expended to ensure that people support its general call for the Internet to be cleaned up. By drawing attention to things that even most pirates might find offensive, it’s easy to find more people in agreement.

“Nearly three-quarters of respondents see the pairing of brand name advertising with offensive online content – like ISIS/terrorism recruiting videos – as a threat to the continued trust and integrity of the Internet,” the report notes.

Of course, this is an incredibly sensitive topic. When big brand ads turned up next to terrorist recruiting videos on YouTube, there was an almighty stink, and rightly so. However, at every turn, the DCA report manages to weave the issue of piracy into the equation, noting that the problem includes the “$200 million in advertising that shows up on illegal content theft websites often unbeknownst to the brands.”

The overriding theme is that platforms like Google, Facebook, and YouTube should be able to tackle all of these problems in the same way. Filtering out a terrorist video is the same as removing a pirate movie. And making sure that ads for big brands don’t appear alongside terrorist videos will be just as easy as starving pirates of revenue, the suggestion goes.

But if terrorism doesn’t grind your gears, what about fake news?

“64 percent of Americans say that the Fake News issue has made them less likely to trust the Internet as a source of information,” the report notes.

At this juncture, Facebook gets a gentle pat on the back for dealing with fake news and employing 3,000 people to monitor for violent videos being posted to the network. This shows that the company “takes seriously” the potential harm bad actors pose to Internet safety. But in keeping with the theme running throughout the report, it’s clear DCA are carefully easing in the thin end of the wedge.

“We are at only the beginning of thinking through other kinds of illicit and illegal activity happening on digital platforms right now that we must gain or re-gain control over,” DCA writes.

Quite. In the very next sentence, the group goes on to warn about the sale of drugs and stolen credit cards, adding that the sale of illicit streaming devices (modified Kodi boxes etc) is actually an “insidious yet effective delivery mechanism to infect computers with malware such as Remote Access Trojans.”

Both Amazon and Facebook receive praise in the report for their recent banning (1,2) of augmented Kodi devices but their actions are actually framed as the companies protecting their own reputations, rather than the interests of the media groups that have been putting them under pressure.

“And though this issue underscores the challenges faced by digital platforms – not all of which act with the same level of responsibility – it also highlights the fact digital platforms can and will step up when their own brands are at stake,” the report reads.

But pirate content and Remote Access Trojans through Kodi boxes are only the beginning. Pirate sites are playing a huge part as well, DCA claims, with one in three “content theft websites” exposing people to identify theft, ransomware, and sextortion via “the computer cameras of young girls and boys.”

Worst still, if that was possible, the lack of policing by online platforms means that people are able to “showcase live sexual assaults, murders, and other illegal conduct.”

DCA says that with all this in mind, Americans are looking for online digital platforms to help them. The group claims that citizens need proactive protection from these ills and want companies like Facebook to take similar steps to those taken when warning consumers about fake news and violent content.

So what can be done to stop this tsunami of illegality? According to DCA, platforms like Google, Facebook, YouTube, and Twitter need to up their game and tackle the problem together.

“While digital platforms collaborate on policy and technical issues, there is no evidence that they are sharing information about the bad actors themselves. That enables criminals and bad actors to move seamlessly from platform to platform,” DCA writes.

“There are numerous examples of industry working together to identify and share information about exploitive behavior. For example, casinos share information about card sharks and cheats, and for decades the retail industry has shared information about fraudulent credit cards. A similar model would enable digital platforms and law enforcement to more quickly identify and combat those seeking to leverage the platforms to harm consumers.”

How this kind of collaboration could take place in the real world is open to interpretation but the DCA has a few suggestions of its own. Again, it doesn’t shy away from pulling people on side with something extremely offensive (in this case child pornography) in order to push what is clearly an underlying anti-piracy agenda.

“With a little help from engineers, digital platforms could create fingerprints of unlawful conduct that is shared across platforms to proactively block such conduct, as is done in a limited capacity with child pornography,” DCA explains.

“If these and other newly developed measures were adopted, digital platforms would have the information to enable them to make decisions whether to de-list or demote websites offering illicit goods and services, and the ability to stop the spread of illegal behavior that victimizes its users.”

The careful framing of the DCA report means that there’s something for everyone. If you don’t agree with them on tackling piracy, then their malware, fake news, or child exploitation angles might do the trick. It’s quite a clever strategy but one that the likes of Google, Facebook, and YouTube will recognize immediately.

And they need to – because apparently, it’s their job to sort all of this out. Good luck with that.

The full report can be found here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

So You Want To Be An Internet Piracy Investigator?

Post Syndicated from Andy original https://torrentfreak.com/so-you-want-to-be-an-internet-piracy-investigator-170528/

While the authorities would like to paint a picture of Internet pirates as thoughtless thieves only interested in the theft of intellectual property, the truth is more nuanced.

Like every other online and indeed offline location, pirate sites are filled with people from all corners of society, from rich to poor, and from the basically educated to the borderline genius.

What is especially interesting is the extremely thin line between poacher and gamekeeper, between those who want to exploit intellectual property and those who want to protect it. Indeed, it is far from uncommon to find former pirates and renegade coders “going straight” by working for their former enemies.

While a repellent thought to some, it makes perfect sense. Anyone who knows the piracy scene back to front could be a valuable asset to the other side, under the right circumstances. But what does it really take to be an anti-piracy investigator?

As it happens, the UK’s Federation Against Copyright Theft is currently trying to fill exactly such a position. The job of “Internet Investigator” is based in the UK and the successful applicant will report to a manager. While that tends to suggest a lower pay grade, FACT are insistent that applicants meet stringent criteria.

“Working as a proactive member of the investigatory team to support the strategic objectives of FACT. Responsible for the detection, investigation, and protection of clients Intellectual Property whether physical or digital as directed by the Investigations Manager,” the listing reads.

More specifically, FACT is looking for someone with a “strong aptitude for investigation” who is capable of working under minimal supervision. The candidate is also required to have a proven record of liaising with “industry and enforcement organizations”, presumably including entertainment companies and the police.

At this point, things get pretty interesting. FACT says that the job involves assessing and investigating “individuals and entities” responsible for “illegal or infringing activity related to Intellectual Property.” Think torrent, streaming and IPTV site operators and staff, release group members, ‘Kodi Box’ sellers, infringing addon developers, even people flogging dodgy DVDs down the market.

When these investigations are being carried out, FACT expects evidence and intelligence to be gathered “ethically and in accordance with criminal procedure rules”, presumably so that cases don’t collapse when they end up in court. Which they often do.

Also of interest is how closely FACT appears to align its practices with those of the police. While the candidate is expected to liaise with law enforcement, they will also be expected to take part in briefings, seizure of evidence and prosecution support, all while “managing risks” and acting in accordance with UK legislation.

Another aspect of the job is a little cryptic, in that it requires the candidate to “locate offenders” and then undertake action “with an alternative approach to a proportionate solution.” That’s open to interpretation but it sounds very much like the home visits FACT has been known to make to site operators, who are asked to cease and desist while handing over their domains.

Unsurprisingly, FACT are looking for someone with a computer science degree or similar, and good organizational skills. Above that, it’s fairly obvious they’re seeking someone with a legal background, perhaps a law graduate or even a former police officer.

In addition to familiarity with the rules laid down in the Management of Police Information (MOPI) 2010, the candidate will be required to attend court hearings to give evidence. They’ll also need to conduct “intrusive surveillance” in accordance with the Regulation of Investigatory Powers Act 2000 (RIPA) and have knowledge of:

– European Convention on Human Rights Act 2000
– Police and Criminal Evidence Act 1984
– Regulation of Investigatory Powers Act 2000
– Data Protection Act 1998
– Proceeds of Crime Act 2002
– Fraud Act 2006
– Serious Crime Act 2007
– Copyright Designs & Patents Act 1988 and Trade Marks Act 1994
– Computer Misuse Act 1990
– Other applicable legislation

The window to apply has almost run out but given the laundry list of qualities above, it seems unlikely that FACT will be swamped with perfectly suitable candidates right off the bat.

Finally, it’s probably worth mentioning that former torrent site operators and release group members keen to branch out are not specifically mentioned as primary candidates, so the poacher-turned-gamekeeper applicant might want to keep that part under their hat, at least until later.

Otherwise, FACT might just slap the cuffs on there and then, in line with UK legislation and procedure, of course.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Ransomware and the Internet of Things

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/05/ransomware_and_.html

As devastating as the latest widespread ransomware attacks have been, it’s a problem with a solution. If your copy of Windows is relatively current and you’ve kept it updated, your laptop is immune. It’s only older unpatched systems on your computer that are vulnerable.

Patching is how the computer industry maintains security in the face of rampant Internet insecurity. Microsoft, Apple and Google have teams of engineers who quickly write, test and distribute these patches, updates to the codes that fix vulnerabilities in software. Most people have set up their computers and phones to automatically apply these patches, and the whole thing works seamlessly. It isn’t a perfect system, but it’s the best we have.

But it is a system that’s going to fail in the “Internet of things”: everyday devices like smart speakers, household appliances, toys, lighting systems, even cars, that are connected to the web. Many of the embedded networked systems in these devices that will pervade our lives don’t have engineering teams on hand to write patches and may well last far longer than the companies that are supposed to keep the software safe from criminals. Some of them don’t even have the ability to be patched.

Fast forward five to 10 years, and the world is going to be filled with literally tens of billions of devices that hackers can attack. We’re going to see ransomware against our cars. Our digital video recorders and web cameras will be taken over by botnets. The data that these devices collect about us will be stolen and used to commit fraud. And we’re not going to be able to secure these devices.

Like every other instance of product safety, this problem will never be solved without considerable government involvement.

For years, I have been calling for more regulation to improve security in the face of this market failure. In the short term, the government can mandate that these devices have more secure default configurations and the ability to be patched. It can issue best-practice regulations for critical software and make software manufacturers liable for vulnerabilities. It’ll be expensive, but it will go a long way toward improved security.

But it won’t be enough to focus only on the devices, because these things are going to be around and on the Internet much longer than the two to three years we use our phones and computers before we upgrade them. I expect to keep my car for 15 years, and my refrigerator for at least 20 years. Cities will expect the networks they’re putting in place to last at least that long. I don’t want to replace my digital thermostat ever again. Nor, if I ever need one, do I want a surgeon to ever have to go back in to replace my computerized heart defibrillator in order to fix a software bug.

No amount of regulation can force companies to maintain old products, and it certainly can’t prevent companies from going out of business. The future will contain billions of orphaned devices connected to the web that simply have no engineers able to patch them.

Imagine this: The company that made your Internet-enabled door lock is long out of business. You have no way to secure yourself against the ransomware attack on that lock. Your only option, other than paying, and paying again when it’s reinfected, is to throw it away and buy a new one.

Ultimately, we will also need the network to block these attacks before they get to the devices, but there again the market will not fix the problem on its own. We need additional government intervention to mandate these sorts of solutions.

None of this is welcome news to a government that prides itself on minimal intervention and maximal market forces, but national security is often an exception to this rule. Last week’s cyberattacks have laid bare some fundamental vulnerabilities in our computer infrastructure and serve as a harbinger. There’s a lot of good research into robust solutions, but the economic incentives are all misaligned. As politically untenable as it is, we need government to step in to create the market forces that will get us out of this mess.

This essay previously appeared in the New York Times. Yes, I know I’m repeating myself.

Copyright Troll Attorney John Steele Disbarred by Illinois Supreme Court

Post Syndicated from Ernesto original https://torrentfreak.com/copyright-troll-attorney-john-steele-disbarred-by-illinois-supreme-court-170522/

Over the years, copyright trolls have been accused of involvement in various dubious schemes and actions, but there’s one group that has gone above and beyond.

Prenda Law grabbed dozens of headlines, mostly surrounding negative court rulings over identity theft, misrepresentation and even deception.

Most controversial was the shocking revelation that Prenda uploaded their own torrents to The Pirate Bay, creating a honeypot for the people they later sued over pirated downloads.

The allegations also raised the interest of the US Department of Justice, which indicted Prenda principals John Steele and Paul Hansmeier late last year. The two stand accused of running a multi-million dollar fraud and extortion operation.

A few weeks ago Steele pleaded guilty, admitting among other things that they did indeed use The Pirate Bay to operate a honeypot for online pirates.

Following the guilty plea the Illinois Supreme Court, which started looking into the case long before the indictment, has now decided to disbar the attorney. This means that Steele no longer has the right to practice law.

The decision doesn’t really come as a surprise. Steele has admitted to two of the 18 counts listed in the indictment, including some of the allegations that were also listed by the Supreme Court.

In its conclusion, the Court lists a variety of misconduct including “conduct involving dishonesty, fraud, deceit, or misrepresentation, by conduct including filing lawsuits without supporting facts, under the names of entities like Ingenuity 13 and AF Holdings, which were created by Movant for purposes of exacting settlements.”

Also, Steele’s trolling operation was “using means that had no substantial purpose other than to embarrass or burden a third person, or using methods of obtaining evidence that violates the legal rights of such a person…,” the Supreme Court writes.

Steele was disbarred “on consent,” according to Cook County Record, which means that he agreed to have his Illinois law practice license revoked.

The disbarment is not unexpected considering Steele’s guilty plea. However, victims of the Prenda trolling scheme may still welcome it as a form of justice. Meanwhile, Steele has bigger problems to worry about.

The former Prenda attorney is still awaiting his sentencing in the criminal case. In theory, he faces a statutory maximum sentence of 40 years in prison as well as a criminal fine of hundreds of thousands of dollars. However, by signing a plea agreement, he likely gets a reduced sentence.

The Illnois Supreme Court conclusions are available here (pdf), courtesy of Fight Copyright Trolls.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Kim Dotcom Says Family Trust Could Sue Mega Investor

Post Syndicated from Andy original https://torrentfreak.com/kim-dotcom-says-family-trust-could-sue-mega-investor-170511/

One year after the raid on Megaupload and his sprawling mansion, Kim Dotcom fought back in grand fashion by launching new file-hosting site Mega.

It was a roaring success, signing up hundreds of thousands of users in the first few hours alone. Mega, it seemed, might soon be kicking at heels of the unprecedented traction of Megaupload.

While Mega continued to grow, in July 2015 Dotcom indicated that his previously warm connections with the site may have soured.

“I’m not involved in Mega anymore. Neither in a managing nor in a shareholder capacity,” he said.

Dotcom went on to claim that a then-unnamed Chinese investor (wanted in China for fraud) had used straw-men and businesses to accumulate more and more Mega shares, shares that were later seized as part of an investigation by the New Zealand government.

Mega bosses angrily denied that there had been any hostile takeover, noting that “those shareholders” who had decided not to subscribe to recent issues had “…been diluted accordingly. That has been their choice.”

But a year later and the war of words between Dotcom and Mega was still simmering, with the Chinese investor now being openly named as Bill Liu.

A notorious high-roller who allegedly gambled $293m at New Zealand’s SkyCity casino, Liu was soon being described by Dotcom as China’s “fifth most-wanted criminal” due to a huge investigation into the businessman’s dealings taking place back home.

Mega saw things a little differently, however.

“Mr Liu has a shareholding interest but has no management or board position so he certainly doesn’t control Mega,” the company insisted at the time.

Dotcom disagreed strongly with that assertion and this week, more than a year later, the topic has raised its head yet again.

“In a nutshell, Bill Liu has taken control of Mega by using straw men to buy shares for him, ultimately giving him the majority on the board,” Dotcom informs TF.

In common with the raid on Megaupload, the Mega/Liu backstory is like something out of a Hollywood movie.

This week the NZ Herald published an amazing report detailing Liu’s life since he first entered New Zealand in 2001. A section explains how he first got involved with Mega.

Tony Lentino, who was the founder of domain name registrar Instra, was also Mega’s first CEO. It’s reported that he later fell out with Dotcom and wanted to sell his shares in the company.

Bill Liu wanted to invest so Lentino went to meet him at his penthouse apartment on the 35th floor of the Metropolis tower in central Auckland.

Lentino later told police that Liu opened a bottle of Penfolds Grange wine during the meeting – no joke at $800 per bottle. That developed into a discussion about Liu buying Lentino’s stake in Mega and a somewhat interesting trip back home for Lentino.

“You want one of my cars to take home?” Liu allegedly asked Lentino.

The basement contained a Porsche, a Bentley and a Rolls-Royce – and Lentino was invited to take his pick. He took the NZ$400,000 Rolls as part of the NZ$4.2 million share in Mega he transferred to Liu.

Well, not quite to Liu, directly at least.

“When it came time to sign the deal, the shares were to be split into two parcels: one in the name of Zhao Wu Shen, a close friend of [Liu], and a trust company,” NZ Herald reports.

“It was the third transaction where Yan had been quietly buying into Mega – nothing was in his name, but he now controlled 18.8 per cent.”

It is not clear how much Liu currently owns but Lentino later told police (who believed that Liu was hiding his assets) that the Chinese businessman was the “invisible CEO” of Mega.

Speaking with TF this week, Dotcom says that Liu achieved his status by holding Mega back.

“Liu used his power to prevent Mega from monetizing its traffic via advertising sales or premium account sales and by doing so he created an artificial situation in which Mega had to raise more money to survive,” Dotcom says.

“He then pumped double-digit millions of dollars into the business via his straw men in order to dilute all other shareholders to almost zero.”

Dotcom says that Mega could’ve been “instantly profitable, ” but instead Liu intentionally forced the company into a loss-making situation, safe in the knowledge he could “turn on profitability at the push of a button.”

Dotcom says Liu chose not to do that until he directly or indirectly owned “almost all” of the shares in Mega. That, he says, came at the expense of his family, who had invested in Mega.

“The family trust that was setup for the benefit of my children owned the majority of Mega until Bill Liu entered the stage with his unlawful actions to take control of the company,” Dotcom says.

“He ran it at a loss when it could have been profitable, and then diluted other shareholders.”

According to Dotcom, the people behind his family trust are now considering their options, including legal action against Liu and others.

“The trustees of the family trust are now considering legal action against all parties involved in this dilution scam in light of the new information that has become public today from other court proceedings against Bill Liu,” Dotcom concludes.

It’s difficult to find a more colorful character than Dotcom, but Bill Liu certainly gives Dotcom a run for his money. His story can be found here, it’s almost unbelievable.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Court Extends Hold on Megaupload’s MPAA and RIAA Lawsuits

Post Syndicated from Ernesto original https://torrentfreak.com/court-extends-hold-on-megauploads-mpaa-and-riaa-lawsuits-170409/

megaupload-logoWell over five years have passed since Megaupload was shutdown and it’s still unclear how the criminal proceedings will unfold.

A few weeks ago the New Zealand High Court ruled that Kim Dotcom and his former colleagues can be extradited to the US. Not on copyright grounds, but for conspiracy to defraud.

Following the ruling Dotcom quickly announced that he would take the matter to the Court of Appeal, which will prolong the case for several months at least.

While all parties await the outcome of this appeal, the criminal case in the United States remains pending. The same goes for the civil cases launched by the MPAA and RIAA in 2014.

Since the civil cases may influence the criminal proceedings, Megaupload’s legal team previously managed to put these cases on hold, and this week another extension was granted.

Previously there were concerns that the long delays could result in the destruction of evidence, as some of Megaupload’s hard drives were starting to fail. However, after the parties agreed on a solution to back-up and restore the files, this is no longer an issue.

“With the preservation order now in place, Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months, subject to the terms and conditions stated in the proposed order,” the company wrote in the motion to stay.

On Thursday U.S. District Court Judge Liam O’Grady granted Megaupload’s request to stay both lawsuits until October this year, barring any new developments. The music and movie companies didn’t oppose the motion.

The order of U.S. District Court Judge Liam O’Grady is available here (pdf). A copy of Megaupload’s request can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

AWS Hot Startups – March 2017

Post Syndicated from Ana Visneski original https://aws.amazon.com/blogs/aws/aws-hot-startups-march-2017/

As the madness of March rounds up, take a break from all the basketball and check out the cool startups Tina Barr brings you for this month!

-Ana


The arrival of spring brings five new startups this month:

  • Amino Apps – providing social networks for hundreds of thousands of communities.
  • Appboy – empowering brands to strengthen customer relationships.
  • Arterys – revolutionizing the medical imaging industry.
  • Protenus – protecting patient data for healthcare organizations.
  • Syapse – improving targeted cancer care with shared data from across the country.

In case you missed them, check out February’s hot startups here.

Amino Apps (New York, NY)
Amino Logo
Amino Apps was founded on the belief that interest-based communities were underdeveloped and outdated, particularly when it came to mobile. CEO Ben Anderson and CTO Yin Wang created the app to give users access to hundreds of thousands of communities, each of them a complete social network dedicated to a single topic. Some of the largest communities have over 1 million members and are built around topics like popular TV shows, video games, sports, and an endless number of hobbies and other interests. Amino hosts communities from around the world and is currently available in six languages with many more on the way.

Navigating the Amino app is easy. Simply download the app (iOS or Android), sign up with a valid email address, choose a profile picture, and start exploring. Users can search for communities and join any that fit their interests. Each community has chatrooms, multimedia content, quizzes, and a seamless commenting system. If a community doesn’t exist yet, users can create it in minutes using the Amino Creator and Manager app (ACM). The largest user-generated communities are turned into their own apps, which gives communities their own piece of real estate on members’ phones, as well as in app stores.

Amino’s vast global network of hundreds of thousands of communities is run on AWS services. Every day users generate, share, and engage with an enormous amount of content across hundreds of mobile applications. By leveraging AWS services including Amazon EC2, Amazon RDS, Amazon S3, Amazon SQS, and Amazon CloudFront, Amino can continue to provide new features to their users while scaling their service capacity to keep up with user growth.

Interested in joining Amino? Check out their jobs page here.

Appboy (New York, NY)
In 2011, Bill Magnuson, Jon Hyman, and Mark Ghermezian saw a unique opportunity to strengthen and humanize relationships between brands and their customers through technology. The trio created Appboy to empower brands to build long-term relationships with their customers and today they are the leading lifecycle engagement platform for marketing, growth, and engagement teams. The team recognized that as rapid mobile growth became undeniable, many brands were becoming frustrated with the lack of compelling and seamless cross-channel experiences offered by existing marketing clouds. Many of today’s top mobile apps and enterprise companies trust Appboy to take their marketing to the next level. Appboy manages user profiles for nearly 700 million monthly active users, and is used to power more than 10 billion personalized messages monthly across a multitude of channels and devices.

Appboy creates a holistic user profile that offers a single view of each customer. That user profile in turn powers contextual cross-channel messaging, lifecycle engagement automation, and robust campaign insights and optimization opportunities. Appboy offers solutions that allow brands to create push notifications, targeted emails, in-app and in-browser messages, news feed cards, and webhooks to enhance the user experience and increase customer engagement. The company prides itself on its interoperability, connecting to a variety of complimentary marketing tools and technologies so brands can build the perfect stack to enable their strategies and experiments in real time.

AWS makes it easy for Appboy to dynamically size all of their service components and automatically scale up and down as needed. They use an array of services including Elastic Load Balancing, AWS Lambda, Amazon CloudWatch, Auto Scaling groups, and Amazon S3 to help scale capacity and better deal with unpredictable customer loads.

To keep up with the latest marketing trends and tactics, visit the Appboy digital magazine, Relate. Appboy was also recently featured in the #StartupsOnAir video series where they gave insight into their AWS usage.

Arterys (San Francisco, CA)
Getting test results back from a physician can often be a time consuming and tedious process. Clinicians typically employ a variety of techniques to manually measure medical images and then make their assessments. Arterys founders Fabien Beckers, John Axerio-Cilies, Albert Hsiao, and Shreyas Vasanawala realized that much more computation and advanced analytics were needed to harness all of the valuable information in medical images, especially those generated by MRI and CT scanners. Clinicians were often skipping measurements and making assessments based mostly on qualitative data. Their solution was to start a cloud/AI software company focused on accelerating data-driven medicine with advanced software products for post-processing of medical images.

Arterys’ products provide timely, accurate, and consistent quantification of images, improve speed to results, and improve the quality of the information offered to the treating physician. This allows for much better tracking of a patient’s condition, and thus better decisions about their care. Advanced analytics, such as deep learning and distributed cloud computing, are used to process images. The first Arterys product can contour cardiac anatomy as accurately as experts, but takes only 15-20 seconds instead of the 45-60 minutes required to do it manually. Their computing cloud platform is also fully HIPAA compliant.

Arterys relies on a variety of AWS services to process their medical images. Using deep learning and other advanced analytic tools, Arterys is able to render images without latency over a web browser using AWS G2 instances. They use Amazon EC2 extensively for all of their compute needs, including inference and rendering, and Amazon S3 is used to archive images that aren’t needed immediately, as well as manage costs. Arterys also employs Amazon Route 53, AWS CloudTrail, and Amazon EC2 Container Service.

Check out this quick video about the technology that Arterys is creating. They were also recently featured in the #StartupsOnAir video series and offered a quick demo of their product.

Protenus (Baltimore, MD)
Protenus Logo
Protenus founders Nick Culbertson and Robert Lord were medical students at Johns Hopkins Medical School when they saw first-hand how Electronic Health Record (EHR) systems could be used to improve patient care and share clinical data more efficiently. With increased efficiency came a huge issue – an onslaught of serious security and privacy concerns. Over the past two years, 140 million medical records have been breached, meaning that approximately 1 in 3 Americans have had their health data compromised. Health records contain a repository of sensitive information and a breach of that data can cause major havoc in a patient’s life – namely identity theft, prescription fraud, Medicare/Medicaid fraud, and improper performance of medical procedures. Using their experience and knowledge from former careers in the intelligence community and involvement in a leading hedge fund, Nick and Robert developed the prototype and algorithms that launched Protenus.

Today, Protenus offers a number of solutions that detect breaches and misuse of patient data for healthcare organizations nationwide. Using advanced analytics and AI, Protenus’ health data insights platform understands appropriate vs. inappropriate use of patient data in the EHR. It also protects privacy, aids compliance with HIPAA regulations, and ensures trust for patients and providers alike.

Protenus built and operates its SaaS offering atop Amazon EC2, where Dedicated Hosts and encrypted Amazon EBS volume are used to ensure compliance with HIPAA regulation for the storage of Protected Health Information. They use Elastic Load Balancing and Amazon Route 53 for DNS, enabling unique, secure client specific access points to their Protenus instance.

To learn more about threats to patient data, read Hospitals’ Biggest Threat to Patient Data is Hiding in Plain Sight on the Protenus blog. Also be sure to check out their recent video in the #StartupsOnAir series for more insight into their product.

Syapse (Palo Alto, CA)
Syapse provides a comprehensive software solution that enables clinicians to treat patients with precision medicine for targeted cancer therapies — treatments that are designed and chosen using genetic or molecular profiling. Existing hospital IT doesn’t support the robust infrastructure and clinical workflows required to treat patients with precision medicine at scale, but Syapse centralizes and organizes patient data to clinicians at the point of care. Syapse offers a variety of solutions for oncologists that allow them to access the full scope of patient data longitudinally, view recommended treatments or clinical trials for similar patients, and track outcomes over time. These solutions are helping health systems across the country to improve patient outcomes by offering the most innovative care to cancer patients.

Leading health systems such as Stanford Health Care, Providence St. Joseph Health, and Intermountain Healthcare are using Syapse to improve patient outcomes, streamline clinical workflows, and scale their precision medicine programs. A group of experts known as the Molecular Tumor Board (MTB) reviews complex cases and evaluates patient data, documents notes, and disseminates treatment recommendations to the treating physician. Syapse also provides reports that give health system staff insight into their institution’s oncology care, which can be used toward quality improvement, business goals, and understanding variables in the oncology service line.

Syapse uses Amazon Virtual Private Cloud, Amazon EC2 Dedicated Instances, and Amazon Elastic Block Store to build a high-performance, scalable, and HIPAA-compliant data platform that enables health systems to make precision medicine part of routine cancer care for patients throughout the country.

Be sure to check out the Syapse blog to learn more and also their recent video on the #StartupsOnAir video series where they discuss their product, HIPAA compliance, and more about how they are using AWS.

Thank you for checking out another month of awesome hot startups!

-Tina Barr

 

Congress Removes FCC Privacy Protections on Your Internet Usage

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/03/congress_remove.html

Think about all of the websites you visit every day. Now imagine if the likes of Time Warner, AT&T, and Verizon collected all of your browsing history and sold it on to the highest bidder. That’s what will probably happen if Congress has its way.

This week, lawmakers voted to allow Internet service providers to violate your privacy for their own profit. Not only have they voted to repeal a rule that protects your privacy, they are also trying to make it illegal for the Federal Communications Commission to enact other rules to protect your privacy online.

That this is not provoking greater outcry illustrates how much we’ve ceded any willingness to shape our technological future to for-profit companies and are allowing them to do it for us.

There are a lot of reasons to be worried about this. Because your Internet service provider controls your connection to the Internet, it is in a position to see everything you do on the Internet. Unlike a search engine or social networking platform or news site, you can’t easily switch to a competitor. And there’s not a lot of competition in the market, either. If you have a choice between two high-speed providers in the US, consider yourself lucky.

What can telecom companies do with this newly granted power to spy on everything you’re doing? Of course they can sell your data to marketers — and the inevitable criminals and foreign governments who also line up to buy it. But they can do more creepy things as well.

They can snoop through your traffic and insert their own ads. They can deploy systems that remove encryption so they can better eavesdrop. They can redirect your searches to other sites. They can install surveillance software on your computers and phones. None of these are hypothetical.

They’re all things Internet service providers have done before, and they are some of the reasons the FCC tried to protect your privacy in the first place. And now they’ll be able to do all of these things in secret, without your knowledge or consent. And, of course, governments worldwide will have access to these powers. And all of that data will be at risk of hacking, either by criminals and other governments.

Telecom companies have argued that other Internet players already have these creepy powers — although they didn’t use the word “creepy” — so why should they not have them as well? It’s a valid point.

Surveillance is already the business model of the Internet, and literally hundreds of companies spy on your Internet activity against your interests and for their own profit.

Your e-mail provider already knows everything you write to your family, friends, and colleagues. Google already knows our hopes, fears, and interests, because that’s what we search for.

Your cellular provider already tracks your physical location at all times: it knows where you live, where you work, when you go to sleep at night, when you wake up in the morning, and — because everyone has a smartphone — who you spend time with and who you sleep with.

And some of the things these companies do with that power is no less creepy. Facebook has run experiments in manipulating your mood by changing what you see on your news feed. Uber used its ride data to identify one-night stands. Even Sony once installed spyware on customers’ computers to try and detect if they copied music files.

Aside from spying for profit, companies can spy for other purposes. Uber has already considered using data it collects to intimidate a journalist. Imagine what an Internet service provider can do with the data it collects: against politicians, against the media, against rivals.

Of course the telecom companies want a piece of the surveillance capitalism pie. Despite dwindling revenues, increasing use of ad blockers, and increases in clickfraud, violating our privacy is still a profitable business — especially if it’s done in secret.

The bigger question is: why do we allow for-profit corporations to create our technological future in ways that are optimized for their profits and anathema to our own interests?

When markets work well, different companies compete on price and features, and society collectively rewards better products by purchasing them. This mechanism fails if there is no competition, or if rival companies choose not to compete on a particular feature. It fails when customers are unable to switch to competitors. And it fails when what companies do remains secret.

Unlike service providers like Google and Facebook, telecom companies are infrastructure that requires government involvement and regulation. The practical impossibility of consumers learning the extent of surveillance by their Internet service providers, combined with the difficulty of switching them, means that the decision about whether to be spied on should be with the consumer and not a telecom giant. That this new bill reverses that is both wrong and harmful.

Today, technology is changing the fabric of our society faster than at any other time in history. We have big questions that we need to tackle: not just privacy, but questions of freedom, fairness, and liberty. Algorithms are making decisions about policing, healthcare.

Driverless vehicles are making decisions about traffic and safety. Warfare is increasingly being fought remotely and autonomously. Censorship is on the rise globally. Propaganda is being promulgated more efficiently than ever. These problems won’t go away. If anything, the Internet of things and the computerization of every aspect of our lives will make it worse.

In today’s political climate, it seems impossible that Congress would legislate these things to our benefit. Right now, regulatory agencies such as the FTC and FCC are our best hope to protect our privacy and security against rampant corporate power. That Congress has decided to reduce that power leaves us at enormous risk.

It’s too late to do anything about this bill — Trump will certainly sign it — but we need to be alert to future bills that reduce our privacy and security.

This post previously appeared on the Guardian.

EDITED TO ADD: Former FCC Commissioner Tom Wheeler wrote a good op-ed on the subject. And here’s an essay laying out what this all means to the average Internet user.

UK Court Dismisses Case Against Torrent Site Proxy Operator

Post Syndicated from Ernesto original https://torrentfreak.com/uk-court-dismisses-case-against-torrent-site-proxy-operator-170307/

cityoflondonpoliceDuring the summer of 2014, City of London Police arrested then 20-year-old Callum Haywood of Bakersfield for his involvement with several proxy sites and services.

The investigation linked Haywood to Immunicity, a censorship circumvention tool that allowed users to route their traffic through a proxy network. In addition, he was also connected to the Pirate Bay proxy list Piratereverse.info plus several KickassTorrents and other proxy sites.

These proxies all served as a copy of the original sites, which are blocked by several UK ISPs, allowing users to bypass restrictions imposed by the High Court. While Haywood wasn’t operating any of the original sites, police decided to move ahead with the case anyway.

Following the arrest, progress was slow. It took nearly two years for the Police Intellectual Property Crime Unit (PIPCU) to formally announce charges, which amounted to one count of converting and/or transferring criminal property and six counts of possession of an article for use in fraud.

The charges related to the operation of a Pirate Bay proxy and two KickassTorrent proxies, and could’ve potentially landed the now 23-year-old a prison sentence of over ten years.

Haywood, however, denied any wrongdoing and after three dismissal hearings, his Honour Judge Dickinson QC of the Nottingham Crown Court agreed that the case should be dismissed. The initial dismissal was signed late last week, and after PIPCU chose not to appeal, the case is now over.

Piratereverse.info

piratereverse

No official paperwork has been released yet, but we were informed that the Court dismissed the case because of conflicting arguments that were presented during hearings last September and December.

The prosecution initially argued that the reverse proxy sites allowed users to make a fraudulent false representation to their ISP, by obscuring their IP-addresses. In a later hearing, however, they argued that Haywood was the one who made the false representation through his software.

The contradicting claims appear to demonstrate a lack of technical understanding on the prosecution’s side. In their September argument, they seemed to confuse a reverse proxy site with a forward proxy, which would indeed hide a user’s activity from an ISP.

In the December hearing, the prosecution made another error. In their attempt to explain what a reverse proxy server is, they relied on printouts from Wikipedia as official evidence. The judge wasn’t happy and stressed that it was unacceptable for the prosecution to submit clearly inadmissible evidence.

While Haywood is obviously pleased with the end result, the case took its toll. There was a looming uncertainty present for years, as well as the prospect of ending up in prison if the case went in the wrong direction.

“Two and a half years is a long time, I have gone from being an undergrad computer science student to graduating with a first class honours, and working as a software developer for a network appliance vendor,” Haywood informs TF.

“While I don’t think it has prevented me from achieving what I wanted, it has been a very difficult period of time for my family, and my friends. Having the case dismissed goes to show how the right decision was to plead not guilty – had I pleaded guilty, I would have been sentenced without contest.”

Haywood always maintained his innocence and in the end it paid off. He now hopes to leave the bad times behind and focus on the future. As for the authorities, he hopes that they will address real threats to society, instead of reverse proxy sites.

“I am pleased that it is over, as it was very frustrating. Everyone that I had discussed the case with who had a decent understanding of the technicalities was shocked that it had been allowed to get so far.

“It is also a disappointment how many resources were wasted in dealing with this case, when there are much more serious actual crimes on our streets,” Haywood concludes.

TorrentFreak contacted PIPCU for a comment, but we haven’t heard back at the time of publication.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Prenda Attorney Pleads Guilty to Operating a Piracy ‘Honeypot’

Post Syndicated from Ernesto original https://torrentfreak.com/prenda-attorney-pleads-guilty-to-operating-a-piracy-honeypot-170307/

In recent years, so-called copyright trolls have been accused of various dubious schemes and actions, with one group as the frontrunner.

Prenda Law grabbed dozens of headlines, mostly surrounding negative court rulings over identity theft, misrepresentation and even deception.

Most controversial was the shocking revelation that Prenda uploaded their own torrents to The Pirate Bay, creating a honeypot for the people they later sued over pirated downloads.

The allegations ultimately resulted in a criminal indictment last year, and now one of the main Prenda attorneys has pleaded guilty before the District Court of Minnesota. A few hours ago John Steele, 45, signed a plea agreement admitting that he is guilty of mail fraud, wire fraud, and conspiracy to commit money laundering.

According to Steele, he and his colleague Paul Hansmeier generated more than $6 million by threatening BitTorrent users who allegedly downloaded pirated porn videos, some of which the attorney created and uploaded himself.

“Steele admitted that he and Hansmeier created a series of sham entities to obtain copyrights to pornographic movies – some of which they filmed themselves – and then uploaded those movies to file-sharing websites like ‘The Pirate Bay’ in order to lure people to download the movies,” the Department of Justice (DoJ) announced.

The Pirate Bay played an important role in this case. Not only were the founders of the site heard as witnesses, but the site was also an unwitting part of Prenda’s honeypot scheme as our coverage exposed several years ago.

“…defendants caused P.H. to upload their clients’ pornographic movies to BitTorrent file-sharing websites, including a website named the Pirate Bay, without their clients’ consent in order to entice people to download the movies and make it easier to catch those who attempted to obtain the movies,” the plea agreement reads.

From the plea agreement

Prenda Law went to great lengths to hide its direct involvement in the uploading of the material as well as its personal stake in the lawsuits and settlements, according to the plea agreement.

After extracting IP-addresses of account holders who allegedly shared the files Prenda created and uploaded, they asked courts for subpoenas to obtain the personal info of their targets from ISPs. This contact information was then used to coerce victims to pay high settlement fees.

“Steele and Hansmeier used extortionate tactics such as letters and phone calls to threaten victims with enormous financial penalties and public embarrassment unless they agreed to pay a $3,000 settlement fee,” the DoJ writes.

No sentencing date has been set yet. In theory, the Prenda attorney now faces statutory maximum sentence of 40 years in prison as well as a criminal fine of hundreds of thousands of dollars. However, by signing a plea agreement Steele is likely eligible for a reduced sentence.

Steele’s co-defendant Paul Hansmeier remains innocent until proven otherwise. However, he appears to be worse off now that Steele’s words can be used against him. Steele’s full guilty plea is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.