Tag Archives: gambling

Russia Blacklists 250 Pirate Sites For Displaying Gambling Ads

Post Syndicated from Andy original https://torrentfreak.com/russia-blacklists-250-pirate-sites-for-displaying-gambling-ads-180421/

Blocking alleged pirate sites is usually a question of proving that they’re involved in infringement and then applying to the courts for an injunction.

In Europe, the process is becoming easier, largely thanks to an EU ruling that permits blocking on copyright grounds.

As reported over the past several years, Russia is taking its blocking processes very seriously. Copyright holders can now have sites blocked in just a few days, if they can show their operators as being unresponsive to takedown demands.

This week, however, Russian authorities have again shown that copyright infringement doesn’t have to be the only Achilles’ heel of pirate sites.

Back in 2006, online gambling was completely banned in Russia. Three years later in 2009, land-based gambling was also made illegal in all but four specified regions. Then, in 2012, the Russian Supreme Court ruled that ISPs must block access to gambling sites, something they had previously refused to do.

That same year, telecoms watchdog Rozcomnadzor began publishing a list of banned domains and within those appeared some of the biggest names in gambling. Many shut down access to customers located in Russia but others did not. In response, Rozcomnadzor also began targeting sites that simply offered information on gambling.

Fast forward more than six years and Russia is still taking a hard line against gambling operators. However, it now finds itself in a position where the existence of gambling material can also assist the state in its quest to take down pirate sites.

Following a complaint from the Federal Tax Service of Russia, Rozcomnadzor has again added a large number of ‘pirate’ sites to the country’s official blocklist after they advertised gambling-related products and services.

“Rozkomnadzor, at the request of the Federal Tax Service of Russia, added more than 250 pirate online cinemas and torrent trackers to the unified register of banned information, which hosted illegal advertising of online casinos and bookmakers,” the telecoms watchdog reported.

Almost immediately, 200 of the sites were blocked by local ISPs since they failed to remove the advertising when told to do so. For the remaining 50 sites, breathing space is still available. Their bans can be suspended if the offending ads are removed within a timeframe specified by the authorities, which has not yet run out.

“Information on a significant number of pirate resources with illegal advertising was received by Rozcomnadzor from citizens and organizations through a hotline that operates on the site of the Unified Register of Prohibited Information, all of which were sent to the Federal Tax Service for making decisions on restricting access,” the watchdog revealed.

Links between pirate sites and gambling companies have traditionally been close over the years, with advertising for many top-tier brands appearing on portals large and small. However, in recent times the prevalence of gambling ads has diminished, in part due to campaigns conducted in the United States, Europe, and the UK.

For pirate site operators in Russia, the decision to carry gambling ads now comes with the added risk of being blocked. Only time will tell whether any reduction in traffic is considered serious enough to warrant a gambling boycott of their own.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Google Should Begin Delisting Pirate Sites, Aussie Rightsholders Say

Post Syndicated from Andy original https://torrentfreak.com/google-should-begin-delisting-pirate-sites-aussie-rightsholders-say-180322/

After being passed almost three years ago, in February the Australian government announced a review of its pirate site-blocking laws.

The Department of Communications asked for feedback on the effectiveness of the mechanism, from initial injunction application through to website blocking and, crucially, whether further amendments are required.

“The Department welcomes single, consolidated submissions from organizations or parties, capturing all views on the Copyright Amendment (Online Infringement) Act 2015 (Online Infringement Amendment) [pdf],” the consultation paper began.

Several responses from interested groups have been filed with the government and unsurprisingly, most come from entertainment industry groups seeking to expand on what has been achieved so far.

The most aggressive submissions come from the two companies that have made the most use of the blocking scheme so far – movie group Village Roadshow and TV provider Foxtel. Together the companies have had dozens of sites blocked in Australia by local ISPs but now they want the blocking regime expanded to online service platforms too.

Indeed, in the Roadshow and Foxtel submissions combined, Google is mentioned no less than 29 times as being part of the piracy problem Down Under.

“Village Roadshow strongly supported the original site blocking legislation and now we strongly support strengthening it,” Village Roadshow co-chief Graham Burke writes.

“With all major pirate sites blocked in Australia, the front door of the department store is shut. However, pirates, facilitated by Google and other search engines, are circumventing Australian Laws and Courts and opening a huge back door. Australia needs the power to require Google and other search engines to take reasonable steps to stop facilitating searches which lead to pirate sites.”

Burke goes on to criticize Google’s business model, which pushes tens of millions of people “searching for stolen goods” to pirate sites that hit them with “rogue advertising including illegal gambling, drugs, sex aids and prostitution.”

In a nutshell, the Village Roadshow co-chief suggests that Google’s business model involves profiting from knowingly leading consumers to illegal locations where they are ultimately ripped off.

“The analogy for Google is a Westfield Shopping Centre knowing they are getting big traffic to the center from a store that is using stolen goods to lure people and then robbing them!” he writes.

This anti-Google rant heads in a predictable direction. At the moment, Australia’s site-blocking regime only applies to ‘carriage service providers’, the home ISPs we all use. Village Roadshow wants that provision expanded to include ‘intermediary service providers’, which covers search engines, social media, and other types of internet intermediaries.

“Apart from ISP’s, many intermediaries are able to meaningfully impact traffic to infringing sites, and in fact, can and are currently used by pirates to find new locations and proxies to circumvent the ISP blocks,” Burke adds.

In other words, when served with an injunction, companies like Google and Facebook should delist results that lead people to pirate sites. This position is also championed by Foxtel, which points to a voluntary arrangement in the UK between search engines and the entertainment industries.

Under this anti-piracy code introduced last year, search engines agreed to further optimize their algorithms and processes to demote pirated content in search results. The aim is to make infringing content less visible and at a faster rate. At the same time, legal alternatives should be easier to find.

But like Village Roadshow, Foxtel doesn’t appear to be content with demotion – blocking and delisting is the aim.

“Foxtel strongly believes that extending the site blocking powers to search engines so that they must remove copyright infringing sites from search results would have a substantial impact on reducing piracy in Australia,” the company says.

“Search engines already remove URLs from site indexes to comply with local laws and product community standards and therefore, technologically Foxtel understands it would be a relatively simple exercise for search engines to comply with Australian blocking orders.”

Both Foxtel and Roadshow agree in other areas too. Currently, Australia’s site-blocking provisions apply to “online locations” situated outside Australia’s borders but both companies see a need for that restriction to be removed.

Neither company can understand why local pirate sites can’t be handled in the same way as those based overseas, with Foxtel arguing that proving an overseas element can be a costly process.

“Applicants must review individual domain locations and IP addresses and put on evidence relating to these matters to ensure that the location of the sites is established. This evidence, which we consider to be unnecessary, is produced at significant time and cost, all of which is borne by the rights holders,” Foxtel says.

While none of the above is particularly new in the global scheme of things, it’s interesting to note that even when agreements are reached and new legislation is formed, rightsholders always keep pushing for more.

That’s clearly highlighted in the Foxtel submission when the company says that the threshold for determining a pirate site should be lowered. Currently, a site must have a “primary purpose” to “infringe, or to facilitate the infringement” of copyright. Foxtel sees this as being too high.

In order to encompass general hosting sites that may also carry large quantities of infringing content, it would like to remove the term “primary purpose” and replace it with “substantial purpose or effect.” Given the recent criticisms leveled at Google and particularly YouTube for the infringing content it hosts, that request could prove difficult to push through.

Foxtel also sees a need to better tackle live streaming. In the UK, injunctions obtained by the Premier League and UEFA last year allow pirated live sports streams to be blocked in real-time. Although the injunctions are overseen by the courts, on a practical level the process is carried out between rightsholders and compliant ISPs.

Foxtel believes that Australia needs something similar.

“For site blocking to be effective in Australia in respect of live sport streaming sites which frequently change location, Foxtel anticipates that a similar process will ultimately be required to be implemented,” the company notes.

With the consultation process now over, dissenting submissions are in the minority. The most notable come from the Pirate Party (pdf) and Digital Rights Watch (pdf) although both are likely to be drowned out by the voices of rightsholders.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

What John Oliver gets wrong about Bitcoin

Post Syndicated from Robert Graham original http://blog.erratasec.com/2018/03/what-john-oliver-gets-wrong-about.html

John Oliver covered bitcoin/cryptocurrencies last night. I thought I’d describe a bunch of things he gets wrong.

How Bitcoin works

Nowhere in the show does it describe what Bitcoin is and how it works.
Discussions should always start with Satoshi Nakamoto’s original paper. The thing Satoshi points out is that there is an important cost to normal transactions, namely, the entire legal system designed to protect you against fraud, such as the way you can reverse the transactions on your credit card if it gets stolen. The point of Bitcoin is that there is no way to reverse a charge. A transaction is done via cryptography: to transfer money to me, you decrypt it with your secret key and encrypt it with mine, handing ownership over to me with no third party involved that can reverse the transaction, and essentially no overhead.
All the rest of the stuff, like the decentralized blockchain and mining, is all about making that work.
Bitcoin crazies forget about the original genesis of Bitcoin. For example, they talk about adding features to stop fraud, reversing transactions, and having a central authority that manages that. This misses the point, because the existing electronic banking system already does that, and does a better job at it than cryptocurrencies ever can. If you want to mock cryptocurrencies, talk about the “DAO”, which did exactly that — and collapsed in a big fraudulent scheme where insiders made money and outsiders didn’t.
Sticking to Satoshi’s original ideas are a lot better than trying to repeat how the crazy fringe activists define Bitcoin.

How does any money have value?

Oliver’s answer is currencies have value because people agree that they have value, like how they agree a Beanie Baby is worth $15,000.
This is wrong. A better way of asking the question why the value of money changes. The dollar has been losing roughly 2% of its value each year for decades. This is called “inflation”, as the dollar loses value, it takes more dollars to buy things, which means the price of things (in dollars) goes up, and employers have to pay us more dollars so that we can buy the same amount of things.
The reason the value of the dollar changes is largely because the Federal Reserve manages the supply of dollars, using the same law of Supply and Demand. As you know, if a supply decreases (like oil), then the price goes up, or if the supply of something increases, the price goes down. The Fed manages money the same way: when prices rise (the dollar is worth less), the Fed reduces the supply of dollars, causing it to be worth more. Conversely, if prices fall (or don’t rise fast enough), the Fed increases supply, so that the dollar is worth less.
The reason money follows the law of Supply and Demand is because people use money, they consume it like they do other goods and services, like gasoline, tax preparation, food, dance lessons, and so forth. It’s not like a fine art painting, a stamp collection or a Beanie Baby — money is a product. It’s just that people have a hard time thinking of it as a consumer product since, in their experience, money is what they use to buy consumer products. But it’s a symmetric operation: when you buy gasoline with dollars, you are actually selling dollars in exchange for gasoline. That you call one side in this transaction “money” and the other “goods” is purely arbitrary, you call gasoline money and dollars the good that is being bought and sold for gasoline.
The reason dollars is a product is because trying to use gasoline as money is a pain in the neck. Storing it and exchanging it is difficult. Goods like this do become money, such as famously how prisons often use cigarettes as a medium of exchange, even for non-smokers, but it has to be a good that is fungible, storable, and easily exchanged. Dollars are the most fungible, the most storable, and the easiest exchanged, so has the most value as “money”. Sure, the mechanic can fix the farmers car for three chickens instead, but most of the time, both parties in the transaction would rather exchange the same value using dollars than chickens.
So the value of dollars is not like the value of Beanie Babies, which people might buy for $15,000, which changes purely on the whims of investors. Instead, a dollar is like gasoline, which obey the law of Supply and Demand.
This brings us back to the question of where Bitcoin gets its value. While Bitcoin is indeed used like dollars to buy things, that’s only a tiny use of the currency, so therefore it’s value isn’t determined by Supply and Demand. Instead, the value of Bitcoin is a lot like Beanie Babies, obeying the laws of investments. So in this respect, Oliver is right about where the value of Bitcoin comes, but wrong about where the value of dollars comes from.

Why Bitcoin conference didn’t take Bitcoin

John Oliver points out the irony of a Bitcoin conference that stopped accepting payments in Bitcoin for tickets.
The biggest reason for this is because Bitcoin has become so popular that transaction fees have gone up. Instead of being proof of failure, it’s proof of popularity. What John Oliver is saying is the old joke that nobody goes to that popular restaurant anymore because it’s too crowded and you can’t get a reservation.
Moreover, the point of Bitcoin is not to replace everyday currencies for everyday transactions. If you read Satoshi Nakamoto’s whitepaper, it’s only goal is to replace certain types of transactions, like purely electronic transactions where electronic goods and services are being exchanged. Where real-life goods/services are being exchanged, existing currencies work just fine. It’s only the crazy activists who claim Bitcoin will eventually replace real world currencies — the saner people see it co-existing with real-world currencies, each with a different value to consumers.

Turning a McNugget back into a chicken

John Oliver uses the metaphor of turning a that while you can process a chicken into McNuggets, you can’t reverse the process. It’s a funny metaphor.
But it’s not clear what the heck this metaphor is trying explain. That’s not a metaphor for the blockchain, but a metaphor for a “cryptographic hash”, where each block is a chicken, and the McNugget is the signature for the block (well, the block plus the signature of the last block, forming a chain).
Even then that metaphor as problems. The McNugget produced from each chicken must be unique to that chicken, for the metaphor to accurately describe a cryptographic hash. You can therefore identify the original chicken simply by looking at the McNugget. A slight change in the original chicken, like losing a feather, results in a completely different McNugget. Thus, nuggets can be used to tell if the original chicken has changed.
This then leads to the key property of the blockchain, it is unalterable. You can’t go back and change any of the blocks of data, because the fingerprints, the nuggets, will also change, and break the nugget chain.
The point is that while John Oliver is laughing at a silly metaphor to explain the blockchain becuase he totally misses the point of the metaphor.
Oliver rightly says “don’t worry if you don’t understand it — most people don’t”, but that includes the big companies that John Oliver name. Some companies do get it, and are producing reasonable things (like JP Morgan, by all accounts), but some don’t. IBM and other big consultancies are charging companies millions of dollars to consult with them on block chain products where nobody involved, the customer or the consultancy, actually understand any of it. That doesn’t stop them from happily charging customers on one side and happily spending money on the other.
Thus, rather than Oliver explaining the problem, he’s just being part of the problem. His explanation of blockchain left you dumber than before.

ICO’s

John Oliver mocks the Brave ICO ($35 million in 30 seconds), claiming it’s all driven by YouTube personalities and people who aren’t looking at the fundamentals.
And while this is true, most ICOs are bunk, the  Brave ICO actually had a business model behind it. Brave is a Chrome-like web-browser whose distinguishing feature is that it protects your privacy from advertisers. If you don’t use Brave or a browser with an ad block extension, you have no idea how bad things are for you. However, this presents a problem for websites that fund themselves via advertisements, which is most of them, because visitors no longer see ads. Brave has a fix for this. Most people wouldn’t mind supporting the websites they visit often, like the New York Times. That’s where the Brave ICO “token” comes in: it’s not simply stock in Brave, but a token for micropayments to websites. Users buy tokens, then use them for micropayments to websites like New York Times. The New York Times then sells the tokens back to the market for dollars. The buying and selling of tokens happens without a centralized middleman.
This is still all speculative, of course, and it remains to be seen how successful Brave will be, but it’s a serious effort. It has well respected VC behind the company, a well-respected founder (despite the fact he invented JavaScript), and well-respected employees. It’s not a scam, it’s a legitimate venture.

How to you make money from Bitcoin?

The last part of the show is dedicated to describing all the scam out there, advising people to be careful, and to be “responsible”. This is garbage.
It’s like my simple two step process to making lots of money via Bitcoin: (1) buy when the price is low, and (2) sell when the price is high. My advice is correct, of course, but useless. Same as “be careful” and “invest responsibly”.
The truth about investing in cryptocurrencies is “don’t”. The only responsible way to invest is to buy low-overhead market index funds and hold for retirement. No, you won’t get super rich doing this, but anything other than this is irresponsible gambling.
It’s a hard lesson to learn, because everyone is telling you the opposite. The entire channel CNBC is devoted to day traders, who buy and sell stocks at a high rate based on the same principle as a ponzi scheme, basing their judgment not on the fundamentals (like long term dividends) but animal spirits of whatever stock is hot or cold at the moment. This is the same reason people buy or sell Bitcoin, not because they can describe the fundamental value, but because they believe in a bigger fool down the road who will buy it for even more.
For things like Bitcoin, the trick to making money is to have bought it over 7 years ago when it was essentially worthless, except to nerds who were into that sort of thing. It’s the same tick to making a lot of money in Magic: The Gathering trading cards, which nerds bought decades ago which are worth a ton of money now. Or, to have bought Apple stock back in 2009 when the iPhone was new, when nerds could understand the potential of real Internet access and apps that Wall Street could not.
That was my strategy: be a nerd, who gets into things. I’ve made a good amount of money on all these things because as a nerd, I was into Magic: The Gathering, Bitcoin, and the iPhone before anybody else was, and bought in at the point where these things were essentially valueless.
At this point with cryptocurrencies, with the non-nerds now flooding the market, there little chance of making it rich. The lottery is probably a better bet. Instead, if you want to make money, become a nerd, obsess about a thing, understand a thing when its new, and cash out once the rest of the market figures it out. That might be Brave, for example, but buy into it because you’ve spent the last year studying the browser advertisement ecosystem, the market’s willingness to pay for content, and how their Basic Attention Token delivers value to websites — not because you want in on the ICO craze.

Conclusion

John Oliver spends 25 minutes explaining Bitcoin, Cryptocurrencies, and the Blockchain to you. Sure, it’s funny, but it leaves you worse off than when it started. It admits they “simplify” the explanation, but they simplified it so much to the point where they removed all useful information.

Massive Site-Blocking Measures Countered By 100K Browser Addon Users

Post Syndicated from Andy original https://torrentfreak.com/massive-site-blocking-measures-countered-by-100k-browser-addon-users-171231/

FCT tyIn July 2015, Portugal’s Ministry of Culture announced the signing of a memorandum between its own General Inspection of Cultural Activities (IGAC), the Portuguese Association of Telecommunication Operators (APRITEL), various rightsholder groups, the body responsible for administering Portugal’s .PT domain, and representatives from the advertising industry.

The memorandum laid out a new mechanism for blocking so-called ‘pirate’ sites. In common with similar frameworks elsewhere, the process can be triggered by a complaint from a rightsholder association. Local anti-piracy group MAPINET then collates evidence that a site is engaged in the unlawful distribution of copyright works and has failed to cease its activities.

The system was quickly utilized by rightsholders seeking to block access to their content. Within six months, 330 sites had been blocked by ISPs, but that was only the beginning. In the months and years that followed, hundreds more sites were rendered inaccessible but in common with similar programs elsewhere, no official list of blocked sites was made available. People are keeping watch, however.

SitesBloqueados (Blocked Sites) is a web portal run by Revolução dos Bytes (Bytes’ Revolution), a group of like-minded anti-censorship activists in Portugal. Created a few months after blocking began in the region, their comprehensive database now contains almost 1,400 domains, the majority of which have been blocked on copyright grounds.

“SitesBloqueados was mainly created because, although the Memorandum of Understanding contained certain requirements to make a site eligible to be blocked – such as 500 items [or links] to copyright content or one third of the site containing copyrighted material – there was no official way to validate that data and make sure that these ‘rules’ are being respected,” team member Henrique Mouta informs TF.

The manner in which the list is maintained is quite unique. As mentioned earlier, there are no official sources listing blocked domains so the people behind SitesBloqueados had to get creative. Alongside this project they also run Ahoy!, a Chrome and Firefox extension that allows users to circumvent censorship in Portugal and it’s through that tool they gather information.

“Ahoy! basically bypasses any traffic to a blocked site through our own proxies, allowing the users to navigate in a free, uncensored internet,” Henrique explains.

As this extension works on a whitelist basis, we had to create a mechanism to automatically detect and whitelist sites that have been blocked, so if a user accesses a blocked site that is not on our list yet, we get a notification so we can review the site and add it to the list. That is the list that is also powering SitesBloqueados.pt.”

When the voluntary agreement was first announced, local ISPs came under intense criticism for agreeing to work with copyright holders without need for a court process. However, Henrique says they are actually in a precarious position.

“We usually see the ISPs as the bad guys, blocking sites, throttling our internet and, more recently, going against the Internet Neutrality. But, in this particular case, all the major ISPs are forced to block any sites that have been requested in 15 days, or they might pay fines for every single day after the deadline.

“MAPiNET (MOVIMENTO CÍVICOANTI PIRATARIA NA INTERNET) is the organization, alongside with IGAC (Inspecção Geral Das Actividades Culturais), that compiles the lists of sites and sends them to the ISP. It’s usually two lists per month. Of course, I’m not excusing the ISPs, as they should stand up against censorship. But we all know that’s asking too much of them,” Henrique adds.

Interestingly, the first site blockade in Portugal wasn’t actioned on copyright grounds. It was, in fact, targeted at Uber.com.

“This happened in June 2015, after a court order to suspend all Uber activity in Portugal. This opened a huge precedent, with all these anti-piracy organizations seeing how easy is to block a site, technically speaking.

“So, at the end of August of that same year, the [anti-piracy] Memorandum was signed by all the parties and, since then, both MAPiNET and IGAC have the power to request any site block, without any court order, without any legal order,” Henrique notes.

This lit a fire under the team and two and half years later, Ahoy! is now being used by 100k people to unblock almost 1,400 sites, while feeding back information on newly blocked domains. These are then added to the blocklist database and considered for unblocking methods via the addon.

Currently, around 50 new domains are blocked every month in Portugal and Henrique and the team are determined to document every one of them. They believe that by keeping an eye on things publicly, it lets the anti-piracy groups know they are being watched and cannot act with impunity. Around 90% of all blocked domains are restricted on copyright grounds but some also fall foul of new gambling laws that forbid unlicensed sites.

From the beginning, the big question has surrounded potential abuse. So, given the lack of a court process, have any players attempted to game the system?

“So far, we haven’t seen any signs of intentional abuse. There have been a few problems with sites being wrongly blocked. The most popular case is Carbon Games site that was blocked nearly two years ago, and it was mistaken for a different site, a Gambling site, named Carbon Gaming,” Henrique says.

“A few months later, we detected another case. A Spanish journalist had a website where he was posting videoclips of the latest releases. All of these releases were originally on YouTube, uploaded by the respective owners, however that was not enough to keep the site alive.”

Under pressure from Revolução dos Bytes this block was reversed but it’s not the only instance of errors. Non-existent sites have been blocked as have sites publishing headlines and linking to the respective online newspapers.

With blocking continuing at a steady pace, dozens of new domains are restricted every month. But Henrique and the team believe it won’t achieve anything positive and only serves to harm the Internet and democracy.

“Blocking sites to prevent piracy is the same as being on a sinking submarine, trying to patch every leaking hull hole with duct tape. If they want to fight piracy, they should try to understand, in the first place, why it happens and what they can do to change it.

“It’s well known that having cheap and quality services like Netflix and Spotify helped Internet piracy levels drop to record lows, DRM issues aside, of course. And the worst of it is the timing: these organizations see the decreasing levels of piracy as a signal that their stupid censorship is actually working. I’m really afraid that this is now an unstoppable snowball. The Internet in Portugal has seen much better days,” Henrique concludes.

But while he’s pessimistic over current developments, it appears that the Ahoy! movement is only set to grow. The team say they want to bring the browser-based system to other countries that are suffering from similar blockades and that suggestions from the public are welcome.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

How Much Does ‘Free’ Premier League Piracy Cost These Days?

Post Syndicated from Andy original https://torrentfreak.com/how-much-does-free-premier-league-piracy-cost-these-days-170902/

Right now, the English Premier League is engaged in perhaps the most aggressively innovative anti-piracy operation the Internet has ever seen. After obtaining a new High Court order, it now has the ability to block ‘pirate’ streams of matches, in real-time, with no immediate legal oversight.

If the Premier League believes a server is streaming one of its matches, it can ask ISPs in the UK to block it, immediately. That’s unprecedented anywhere on the planet.

As previously reported, this campaign caused a lot of problems for people trying to access free and premium streams at the start of the season. Many IPTV services were blocked in the UK within minutes of matches starting, with free streams also dropping like flies. According to information obtained by TF, more than 600 illicit streams were blocked during that weekend.

While some IPTV providers and free streams continued without problems, it seems likely that it’s only a matter of time before the EPL begins to pick off more and more suppliers. To be clear, the EPL isn’t taking services or streams down, it’s only blocking them, which means that people using circumvention technologies like VPNs can get around the problem.

However, this raises the big issue again – that of continuously increasing costs. While piracy is often painted as free, it is not, and as setups get fancier, costs increase too.

Below, we take a very general view of a handful of the many ‘pirate’ configurations currently available, to work out how much ‘free’ piracy costs these days. The list is not comprehensive by any means (and excludes more obscure methods such as streaming torrents, which are always free and rarely blocked), but it gives an idea of costs and how the balance of power might eventually tip.

Basic beginner setup

On a base level, people who pirate online need at least some equipment. That could be an Android smartphone and easily installed free software such as Mobdro or Kodi. An Internet connection is a necessity and if the EPL blocks those all important streams, a VPN provider is required to circumvent the bans.

Assuming people already have a phone and the Internet, a VPN can be bought for less than £5 per month. This basic setup is certainly cheap but overall it’s an entry level experience that provides quality equal to the effort and money expended.

Equipment: Phone, tablet, PC
Comms: Fast Internet connection, decent VPN provider
Overal performance: Low quality, unpredictable, often unreliable
Cost: £5pm approx for VPN, plus Internet costs

Big screen, basic

For those who like their matches on the big screen, stepping up the chain costs more money. People need a TV with an HDMI input and a fast Internet connection as a minimum, alongside some kind of set-top device to run the necessary software.

Android devices are the most popular and are roughly split into two groups – the small standalone box type and the plug-in ‘stick’ variant such as Amazon’s Firestick.

A cheap Android set-top box

These cost upwards of £30 to £40 but the software to install on them is free. Like the phone, Mobdro is an option, but most people look to a Kodi setup with third-party addons. That said, all streams received on these setups are now vulnerable to EPL blocking so in the long-term, users will need to run a paid VPN.

The problem here is that some devices (including the 1st gen Firestick) aren’t ideal for running a VPN on top of a stream, so people will need to dump their old device and buy something more capable. That could cost another £30 to £40 and more, depending on requirements.

Importantly, none of this investment guarantees a decent stream – that’s down to what’s available on the day – but invariably the quality is low and/or intermittent, at best.

Equipment: TV, decent Android set-top box or equivalent
Comms: Fast Internet connection, decent VPN provider
Overall performance: Low to acceptable quality, unpredictable, often unreliable
Cost: £30 to £50 for set-top box, £5pm approx for VPN, plus Internet

Premium IPTV – PC or Android based

At this point, premium IPTV services come into play. People have a choice of spending varying amounts of money, depending on the quality of experience they require.

First of all, a monthly IPTV subscription with an established provider that isn’t going to disappear overnight is required, which can be a challenge to find in itself. We’re not here to review or recommend services but needless to say, like official TV packages they come in different flavors to suit varying wallet sizes. Some stick around, many don’t.

A decent one with a Sky-like EPG costs between £7 and £15 per month, depending on the quality and depth of streams, and how far in front users are prepared to commit.

Fairly typical IPTV with EPG (VOD shown)

Paying for a year in advance tends to yield better prices but with providers regularly disappearing and faltering in their service levels, people are often reluctant to do so. That said, some providers experience few problems so it’s a bit like gambling – research can improve the odds but there’s never a guarantee.

However, even when a provider, price, and payment period is decided upon, the process of paying for an IPTV service can be less than straightforward.

While some providers are happy to accept PayPal, many will only deal in credit cards, bitcoin, or other obscure payment methods. That sets up more barriers to entry that might deter the less determined customer. And, if time is indeed money, fussing around with new payment processors can be pricey, at least to begin with.

Once subscribed though, watching these streams is pretty straightforward. On a base level, people can use a phone, tablet, or set-top device to receive them, using software such as Perfect Player IPTV, for example. Currently available in free (ad supported) and premium (£2) variants, this software can be setup in a few clicks and will provide a decent user experience, complete with EPG.

Perfect Player IPTV

Those wanting to go down the PC route have more options but by far the most popular is receiving IPTV via a Kodi setup. For the complete novice, it’s not always easy to setup but some IPTV providers supply their own free addons, which streamline the process massively. These can also be used on Android-based Kodi setups, of course.

Nevertheless, if the EPL blocks the provider, a VPN is still going to be needed to access the IPTV service.

An Android tablet running Kodi

So, even if we ignore the cost of the PC and Internet connection, users could still find themselves paying between £10 and £20 per month for an IPTV service and a decent VPN. While more channels than simply football will be available from most providers, this is getting dangerously close to the £18 Sky are asking for its latest football package.

Equipment: TV, PC, or decent Android set-top box or equivalent
Comms: Fast Internet connection, IPTV subscription, decent VPN provider
Overal performance: High quality, mostly reliable, user-friendly (once setup)
Cost: PC or £30/£50 for set-top box, IPTV subscription £7 to £15pm, £5pm approx for VPN, plus Internet, plus time and patience for obscure payment methods.
Note: There are zero refunds when IPTV providers disappoint or disappear

Premium IPTV – Deluxe setup

Moving up to the top of the range, things get even more costly. Those looking to give themselves the full home entertainment-like experience will often move away from the PC and into the living room in front of the TV, armed with a dedicated set-top box. Weapon of choice: the Mag254.

Like Amazon’s FireStick, PC or Android tablet, the Mag254 is an entirely legal, content agnostic device. However, enter the credentials provided by many illicit IPTV suppliers and users are presented with a slick Sky-like experience, far removed from anything available elsewhere. The device is operated by remote control and integrates seamlessly with any HDMI-capable TV.

Mag254 IPTV box

Something like this costs around £70 in the UK, plus the cost of a WiFi adaptor on top, if needed. The cost of the IPTV provider needs to be figured in too, plus a VPN subscription if the provider gets blocked by EPL, which is likely. However, in this respect the Mag254 has a problem – it can’t run a VPN natively. This means that if streams get blocked and people need to use a VPN, they’ll need to find an external solution.

Needless to say, this costs more money. People can either do all the necessary research and buy a VPN-capable router/modem that’s also compatible with their provider (this can stretch to a couple of hundred pounds) or they’ll need to invest in a small ‘travel’ router with VPN client features built in.

‘Travel’ router (with tablet running Mobdro for scale)

These devices are available on Amazon for around £25 and sit in between the Mag254 (or indeed any other wireless device) and the user’s own regular router. Once the details of the VPN subscription are entered into the router, all traffic passing through is encrypted and will tunnel through web blocking measures. They usually solve the problem (ymmv) but of course, this is another cost.

Equipment: Mag254 or similar, with WiFi
Comms: Fast Internet connection, IPTV subscription, decent VPN provider
Overall performance: High quality, mostly reliable, very user-friendly
Cost: Mag254 around £75 with WiFi, IPTV subscription £7 to £15pm, £5pm for VPN (plus £25 for mini router), plus Internet, plus patience for obscure payment methods.
Note: There are zero refunds when IPTV providers disappoint or disappear

Conclusion

On the whole, people who want a reliable and high-quality Premier League streaming experience cannot get one for free, no matter where they source the content. There are many costs involved, some of which cannot be avoided.

If people aren’t screwing around with annoying and unreliable Kodi streams, they’ll be paying for an IPTV provider, VPN and other equipment. Or, if they want an easy life, they’ll be paying Sky, BT or Virgin Media. That might sound harsh to many pirates but it’s the only truly reliable solution.

However, for those looking for something that’s merely adequate, costs drop significantly. Indeed, if people don’t mind the hassle of wondering whether a sub-VHS quality stream will appear before the big match and stay on throughout, it can all be done on a shoestring.

But perhaps the most important thing to note in respect of costs is the recent changes to the pricing of Premier League content in the UK. As mentioned earlier, Sky now delivers a sports package for £18pm, which sounds like the best deal offered to football fans in recent years. It will be tempting for sure and has all the hallmarks of a price point carefully calculated by Sky.

The big question is whether it will be low enough to tip significant numbers of people away from piracy. The reality is that if another couple of thousand streams get hit hard again this weekend – and the next – and the next – many pirating fans will be watching the season drift away for yet another month, unviewed. That’s got to be frustrating.

The bottom line is that high-quality streaming piracy is becoming a little bit pricey just for football so if it becomes unreliable too – and that’s the Premier League’s goal – the balance of power could tip. At this point, the EPL will need to treat its new customers with respect, in order to keep them feeling both entertained and unexploited.

Fail on those counts – especially the latter – and the cycle will start again.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Police Intellectual Property Crime Unit Secures Funding Until 2019

Post Syndicated from Andy original https://torrentfreak.com/police-intellectual-property-crime-unit-secures-funding-until-2019-170823/

When compared to the wide range of offenses usually handled by the police, copyright infringement is a relatively rare offense.

Historically most connected to physical counterfeiting, in recent years infringement has regularly featured a significant online component.

Formed four years ago and run by the City of London Police, the Police Intellectual Property Crime Unit (PIPCU) has a mission to tackle IP crime wherever it may take place but with a special online focus. It is tightly linked to the music, movie, and publishing industries so can most often be viewed protecting their products from infringement.

PIPCU announced its arrival in the summer of 2013 and officially launched a few months later in December 2013, complete with £2.56million in funding from the UK government’s Intellectual Property Office (IPO). However, the unit had been already in operation for some time, writing warning letters to torrent and streaming site advising them to shut down – or else.

PIPCU’s initial funding secured the future of the unit until June 2015 but in October 2014, well in advance of that deadline, PIPCU secured another £3m from the IPO to fund the unit to September 2017.

Having received £5.56 million in public funds over three years, PIPCU needed to show some bang for its buck. As a result, the unit publicised numerous actions including streaming arrests, attempted domain seizures, torrent site closures and advertising disruptions. PIPCU also shut down several sports streaming and ebook sites plus a large number of proxies

With August 2017 already upon us, PIPCU should be officially out of funds in a month’s time but according to the Law Gazette, the unit is going nowhere.

An Intellectual Property Office (IPO) spokesperson told the publication that PIPCU has received £3.32m in additional funding from the government which runs from July 1, 2017, to June 30, 2019 – the unit’s sixth anniversary.

Much of PIPCU’s more recent activity appears to have been focused in two key areas, both operated under its ‘Operation Creative’ banner. The first concerns PIPCU’s Infringing Website List, which aims to deter advertisers from inadvertently finding ‘pirate’ sites.

Earlier this year, PIPCU claimed success after revealing a 64% drop in “mainstream advertising” revenue on 200 unauthorized platforms between January 2016 and January 2017. More recently, PIPCU revealed that gambling advertising, which is often seen on ‘pirate’ platforms, had reduced by 87% on IWL sites over the previous 12 months.

Finally, PIPCU has been taking action alongside local police forces, FACT, Sky, Virgin, BT, and The Premier League, against suppliers of so-called ‘fully loaded’ set-top boxes, many featuring Kodi bundled with illicit third party addons. However, after a fairly sustained initial flurry, the last publicized operation was in February 2017.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Hacking Slot Machines by Reverse-Engineering the Random Number Generators

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/08/hacking_slot_ma.html

Interesting story:

The venture is built on Alex’s talent for reverse engineering the algorithms — known as pseudorandom number generators, or PRNGs — that govern how slot machine games behave. Armed with this knowledge, he can predict when certain games are likeliest to spit out money­insight that he shares with a legion of field agents who do the organization’s grunt work.

These agents roam casinos from Poland to Macau to Peru in search of slots whose PRNGs have been deciphered by Alex. They use phones to record video of a vulnerable machine in action, then transmit the footage to an office in St. Petersburg. There, Alex and his assistants analyze the video to determine when the games’ odds will briefly tilt against the house. They then send timing data to a custom app on an agent’s phone; this data causes the phones to vibrate a split second before the agent should press the “Spin” button. By using these cues to beat slots in multiple casinos, a four-person team can earn more than $250,000 a week.

It’s an interesting article; I have no idea how much of it is true.

The sad part is that the slot-machine vulnerability is so easy to fix. Although the article says that “writing such algorithms requires tremendous mathematical skill,” it’s really only true that designing the algorithms requires that skill. Using any secure encryption algorithm or hash function as a PRNG is trivially easy. And there’s no reason why the system can’t be designed with a real RNG. There is some randomness in the system somewhere, and it can be added into the mix as well. The programmers can use a well-designed algorithm, like my own Fortuna, but even something less well-thought-out is likely to foil this attack.

Developers and Ethics

Post Syndicated from Bozho original https://techblog.bozho.net/developers-and-ethics/

“What are some areas you are particularly interested in” – recruiters (head-hunters) tend to ask that question a lot. I don’t have a good answer for that – I’ll know it when I see it. But I have a list of areas that I wouldn’t like to work in. And one of them is gambling.

Several years ago I got a very lucrative offer for a gambling company, both well paid and technically challenging. But I rejected it. Because I didn’t want to contribute to abusing peoples’ weaknesses for the sake of getting their money. And no, I’m not a raging Marxist, but gambling is bad. You may argue that it’s a necessary vice and people need it to suppress other internal struggles, but I’m not buying that as a motivator.

I felt it’s unethical to write code that does that. Like I feel it’s unethical to profile users’ behaviours and “read” their emails in order to target ads, or to write bots to disseminate fake news.

A few months ago I was part of the campaign HQ for a party in a parliamentary election. Cambridge Analytica had already become popular after “delivering Brexit and Trump’s victory”, that using voters’ data in order to target messages at them sounded like the new cool thing. As head of IT & data, I rejected this approach. Because it would be unethical to bait unsuspecting users to take dumb tests in order to provide us with facebook tokens. Yes, we didn’t have any money to hire Cambridge Analytica-like companies, but even if we had, is “outsourcing” the dubious practice changing anything? If you pay someone to trick users into unknowingly giving their personal data, it’s as if you did it yourself.

This can be a very long post about technology and ethics. But it won’t, as this is a technical blog, not a philosophical one. It won’t be about philosophy – for interesting takes on the matter you can listen to Damon Horowitz’s TED talk or even go through all of Michael Sandel’s Justice lectures at Harvard. It won’t be about how companies should be ethical (e.g. following the ethical design manifesto)

Instead, it will be a short post focusing on developers and their ethical choices.

I think we have the freedom to be ethical – there’s so much demand on the job market that rejecting an offer, refusing to do something, or leaving a company for ethical reasons is something we have the luxury to do without compromising our well-being. When asked to do something unethical, we can refuse (several years ago I was asked to take part in some shady interactions related to a potential future government contract, which I refused to do). When offered jobs that are slightly better paid but would have us build abusive technology, we can turn the offer down. When a new feature requires us to breach people’s privacy, we can argue it, and ultimately not do it.

But in order to start making these ethical choices, we have to start thinking about ethics. To put ourselves in context. We, developers, are building the world of tomorrow (it sounds grandiose, but we know it’s way more mundane than that). We are the “tools” with which future products will be shaped. And yes, that’s true even for the average back-office system of an insurance company (which allows for raising the insurance for pre-existing conditions), and true for boring banking software (which allows mortgages way beyond the actual coverage the bank has), and so on.

Are these decisions ours to make? Isn’t it legislators that should define what’s allowed and what isn’t? We are just building whatever they tell us to build. Forgive me the far-fetched analogy, but Nazi Germany was an anti-humanity machine based on people who “just followed orders”. Yes, we’ll refuse, someone else will come and do it, but collective ethics gets built over time.

As Hannah Arendt had put it – “The sad truth is that most evil is done by people who never make up their minds to be good or evil.”. We may think that as developers we don’t have a say. But without us, no software can be built. So with our individual ethical stance, a certain unethical software may not be built or be successful, and that’s a stance worth considering, especially when it costs us next to nothing.

The post Developers and Ethics appeared first on Bozho's tech blog.

Predicting a Slot Machine’s PRNG

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/02/predicting_a_sl.html

Wired is reporting on a new slot machine hack. A Russian group has reverse-engineered a particular brand of slot machine — from Austrian company Novomatic — and can simulate and predict the pseudo-random number generator.

The cell phones from Pechanga, combined with intelligence from investigations in Missouri and Europe, revealed key details. According to Willy Allison, a Las Vegas­-based casino security consultant who has been tracking the Russian scam for years, the operatives use their phones to record about two dozen spins on a game they aim to cheat. They upload that footage to a technical staff in St. Petersburg, who analyze the video and calculate the machine’s pattern based on what they know about the model’s pseudorandom number generator. Finally, the St. Petersburg team transmits a list of timing markers to a custom app on the operative’s phone; those markers cause the handset to vibrate roughly 0.25 seconds before the operative should press the spin button.

“The normal reaction time for a human is about a quarter of a second, which is why they do that,” says Allison, who is also the founder of the annual World Game Protection Conference. The timed spins are not always successful, but they result in far more payouts than a machine normally awards: Individual scammers typically win more than $10,000 per day. (Allison notes that those operatives try to keep their winnings on each machine to less than $1,000, to avoid arousing suspicion.) A four-person team working multiple casinos can earn upwards of $250,000 in a single week.

The easy solution is to use a random-number generator that accepts local entropy, like Fortuna. But there’s probably no way to easily reprogram those old machines.

Analyzing WeChat

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2016/12/analyzing_wecha.html

Citizen Lab has analyzed how censorship works in the Chinese chat app WeChat:

Key Findings:

  • Keyword filtering on WeChat is only enabled for users with accounts registered to mainland China phone numbers, and persists even if these users later link the account to an International number.
  • Keyword censorship is no longer transparent. In the past, users received notification when their message was blocked; now censorship of chat messages happens without any user notice.

  • More keywords are blocked on group chat, where messages can reach a larger audience, than one-to-one chat.

  • Keyword censorship is dynamic. Some keywords that triggered censorship in our original tests were later found to be permissible in later tests. Some newfound censored keywords appear to have been added in response to current news events.

  • WeChat’s internal browser blocks China-based accounts from accessing a range of websites including gambling, Falun Gong, and media that report critically on China. Websites that are blocked for China accounts were fully accessible for International accounts, but there is intermittent blocking of gambling and pornography websites on International accounts.

Lots more details in the paper.