Tag Archives: laws

2017 Holiday Gift Guide — Backblaze Style

Post Syndicated from Yev original https://www.backblaze.com/blog/2017-holiday-gift-guide-backblaze-style/


Here at Backblaze we have a lot of folks who are all about technology. With the holiday season fast approaching, you might have all of your gift buying already finished — but if not, we put together a list of things that the employees here at Backblaze are pretty excited about giving (and/or receiving) this year.

Smart Homes:

It’s no secret that having a smart home is the new hotness, and many of the items below can be used to turbocharge your home’s ascent into the future:

Raspberry Pi
The holidays are all about eating pie — well why not get a pie of a different type for the DIY fan in your life!

Wyze Cam
An inexpensive way to keep a close eye on all your favorite people…and intruders!

Snooz
Have trouble falling asleep? Try this portable white noise machine. Also great for the office!

Amazon Echo Dot
Need a cheap way to keep track of your schedule or play music? The Echo Dot is a great entry into the smart home of your dreams!

Google Wifi
These little fellows make it easy to Wifi-ify your entire home, even if it’s larger than the average shoe box here in Silicon Valley. Google Wifi acts as a mesh router and seamlessly covers your whole dwelling. Have a mansion? Buy more!

Google Home
Like the Amazon Echo Dot, this is the Google variant. It’s more expensive (similar to the Amazon Echo) but has better sound quality and is tied into the Google ecosystem.

Nest Thermostat
This is a smart thermostat. What better way to score points with the in-laws than installing one of these bad boys in their home — and then making it freezing cold randomly in the middle of winter from the comfort of your couch!

Wearables:

Homes aren’t the only things that should be smart. Your body should also get the chance to be all that it can be:

Apple AirPods
You’ve seen these all over the place, and the truth is they do a pretty good job of making sounds appear in your ears.

Bose SoundLink Wireless Headphones
If you like over-the-ear headphones, these noise canceling ones work great, are wireless and lovely. There’s no better way to ignore people this holiday season!

Garmin Fenix 5 Watch
This watch is all about fitness. If you enjoy fitness. This watch is the fitness watch for your fitness needs.

Apple Watch
The Apple Watch is a wonderful gadget that will light up any movie theater this holiday season.

Nokia Steel Health Watch
If you’re into mixing analogue and digital, this is a pretty neat little gadget.

Fossil Smart Watch
This stylish watch is a pretty neat way to dip your toe into smartwatches and activity trackers.

Pebble Time Steel Smart Watch
Some people call this the greatest smartwatch of all time. Those people might be named Yev. This watch is great at sending you notifications from your phone, and not needing to be charged every day. Bellissimo!

Random Goods:

A few of the holiday gift suggestions that we got were a bit off-kilter, but we do have a lot of interesting folks in the office. Hopefully, you might find some of these as interesting as they do:

Wireless Qi Charger
Wireless chargers are pretty great in that you don’t have to deal with dongles. There are even kits to make your electronics “wirelessly chargeable” which is pretty great!

Self-Heating Coffee Mug
Love coffee? Hate lukewarm coffee? What if your coffee cup heated itself? Brilliant!

Yeast Stirrer
Yeast. It makes beer. And bread! Sometimes you need to stir it. What cooler way to stir your yeast than with this industrial stirrer?

Toto Washlet
This one is self explanatory. You know the old rhyme: happy butts, everyone’s happy!

Good luck out there this holiday season!

blog-giftguide-present

The post 2017 Holiday Gift Guide — Backblaze Style appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Hollywood and Netflix Ask Court to Seize Tickbox Streaming Devices

Post Syndicated from Ernesto original https://torrentfreak.com/hollywood-and-netflix-ask-court-to-seize-tickbox-streaming-devices-171209/

More and more people are starting to use Kodi-powered set-top boxes to stream video content to their TVs.

While Kodi itself is a neutral platform, sellers who ship devices with unauthorized add-ons give it a bad reputation.

According to the Alliance for Creativity and Entertainment (ACE), an anti-piracy partnership between Hollywood studios, Netflix, Amazon, and more than two dozen other companies, Tickbox TV is one of these bad actors.

Earlier this year, ACE filed a lawsuit against the Georgia-based company, which sells set-top boxes that allow users to stream a variety of popular media. The Tickbox devices use the Kodi media player and come with instructions on how to add various add-ons.

According to ACE, these devices are nothing more than pirate tools, allowing buyers to stream copyright infringing content. “TickBox promotes and distributes TickBox TV for infringing use, and that is exactly the result of its use,” they told court this week.

After the complaint was filed in October, Tickbox made some cosmetic changes to the site, removing some allegedly inducing language. The streaming devices are still for sale, however, but not for long if it’s up to the media giants.

This week ACE submitted a request for a preliminary injunction to the court, hoping to stop Tickbox’s sales activities.

“TickBox is intentionally inducing infringement, pure and simple. Plaintiffs respectfully request that the Court enter a preliminary injunction that requires TickBox to halt its flagrantly illegal conduct immediately,” they write in their application.

The companies explain that that since Tickbox is causing irreparable harm, all existing devices should be impounded.

“[A]ll TickBox TV devices in the possession of TickBox and all of its officers, directors, agents, servants, and employees, and all persons in active concert or participation or in privity with any of them are to be impounded and shall be retained by Defendant until further order of the Court,” the proposed order reads.

In addition, Tickbox should push out a software update which remove all infringing add-ons from the devices that were previously sold.

“TickBox shall, via software update, remove from all distributed TickBox TV devices all Kodi ‘Themes,’ ‘Builds,’ ‘Addons,’ or any other software that facilitates the infringing public performances of Plaintiffs’ Copyrighted Works.”

Among others, the list of allegedly infringing add-ons and themes includes Spinz, Lodi Black, Stream on Fire, Wookie, Aqua, CMM, Spanish Quasar, Paradox, Covenant, Elysium, UK Turk, Gurzil, Maverick, and Poseidon.

The filing shows that ACE is serious about its efforts to stop the sale of these type of streaming devices. Tickbox has yet to reply to the original complaint or the injunction request.

While this is the first US lawsuit of its kind, the anti-piracy conglomerate has been rather active in recent weeks. The group has successfully pressured several addon developers to quit and has been involved in enforcement actions around the globe.

A copy of the proposed preliminary injunction is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Movie Company Has No Right to Sue, Accused Pirate Argues

Post Syndicated from Ernesto original https://torrentfreak.com/movie-company-has-no-right-to-sue-accused-pirate-argues-171208/

In recent years, a group of select companies have pressured hundreds of thousands of alleged pirates to pay significant settlement fees, or face legal repercussions.

These so-called “copyright trolling” efforts have also been a common occurrence in the United States for more than half a decade, and still are today.

While copyright holders should be able to take legitimate piracy claims to court, not all cases are as strong as they first appear. Many defendants have brought up flaws, often in relation to the IP-address evidence, but an accused pirate in Oregon takes things up a notch.

Lingfu Zhang, represented by attorney David Madden, has turned the tables on the makers of the film Fathers & Daughters. The man denies having downloaded the movie but also points out that the filmmakers have signed away their online distribution rights.

The issue was brought up in previous months, but the relevant findings were only unsealed this week. They show that the movie company (F&D), through a sales agent, sold the online distribution rights to a third party.

While this is not uncommon in the movie business, it means that they no longer have the right to distribute the movie online, a right Zhang was accused of violating. This is also what his attorney pointed out to the court, asking for a judgment in favor of his client.

“ZHANG denies downloading the movie but Defendant’s current motion for summary judgment challenges a different portion of F&D’s case: Defendant argues that F&D has alienated all of the relevant rights necessary to sue for infringement under the Copyright Act,” Madden writes.

The filmmakers opposed the request and pointed out that they still had some rights. However, this is irrelevant according to the defense, since the distribution rights are not owned by them, but by a company that’s not part of the lawsuit.

“Plaintiff claims, for example, that it still owns the right to exploit the movie on airlines and oceangoing vessels. That may or may not be true – Plaintiff has not submitted any evidence on the question – but ZHANG is not accused of showing the movie on an airplane or a cruise ship.

“He is accused of downloading it over the Internet, which is an infringement that affects only an exclusive right owned by non-party DISTRIBUTOR 2,” Madden adds.

Interestingly, an undated addendum to the licensing agreement, allegedly created after the lawsuit was started, states that the filmmakers would keep their “anti-piracy” rights, as can be seen below.

Anti-Piracy rights?

This doesn’t save the filmmaker, according to the defense. The “licensor” who keeps these anti-piracy and enforcement rights refers to the sales agent, not the filmmaker, Madden writes. In addition, the case is about copyright infringement, and despite the addendum, the filmmakers don’t have the exclusive rights that apply here.

“Plaintiff represented to this Court that it was the ‘proprietor of all copyrights and interests need to bring suit’ […] notwithstanding that it had – years earlier – transferred away all its exclusive rights under Section 106 of the Copyright Act,” the defense lawyer concludes.

“Even viewing all Plaintiff’s agreements in the light most favorable to it, Plaintiff holds nothing more than a bare right to sue, which is not a cognizable right that may be exercised in the courts of this Circuit.”

While the court has yet to decide on the motion, this case could turn into a disaster for the makers of Fathers & Daughters.

If the court agrees that they don’t have the proper rights, defendants in other cases may argue the same. It’s easy to see how their entire trolling scheme would then collapse.

The original memorandum in support of the motion for summary judgment is available here (pdf) and a copy of the reply brief can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

DAST vs SAST – Dynamic Application Security Testing vs Static

Post Syndicated from Darknet original https://www.darknet.org.uk/2017/12/dast-vs-sast-dynamic-application-security-testing-vs-static/?utm_source=rss&utm_medium=social&utm_campaign=darknetfeed

DAST vs SAST – Dynamic Application Security Testing vs Static

In security testing, much like most things technical there are two very contrary methods, Dynamic Application Security Testing or DAST and Static Application Security Testing or SAST.

Dynamic testing relying on a black-box external approach, attacking the application in it’s running state as a regular malicious attacker would.

Static testing is more white-box looking at the source-code of the application for potential flaws.

Personally, I don’t see them as ‘vs’ each other, but more like they compliment each other – it’s easy to have SAST tests as part of your CI/CD pipeline with tools like Code Climate.

Read the rest of DAST vs SAST – Dynamic Application Security Testing vs Static now! Only available at Darknet.

Dutch Film Distributor Wins Right To Chase Pirates, Store Data For 5 Years

Post Syndicated from Andy original https://torrentfreak.com/dutch-film-distributor-wins-right-to-chase-pirates-store-data-for-5-years-171208/

For many years, Dutch Internet users were allowed to download copyrighted content without reprisals, provided it was for their own personal use.

In 2014, however, the European Court of Justice ruled that the country’s “piracy levy” to compensate rightsholders was unlawful. Almost immediately, the government announced a downloading ban.

In March 2016, anti-piracy outfit BREIN followed up by obtaining permission from the Dutch Data Protection Authority to track and store the personal data of alleged BitTorrent pirates. This year, movie distributor Dutch FilmWorks (DFW) made a similar application.

The company said that it would be pursuing alleged pirates to deter future infringement but many suspected that securing cash settlements was its main aim. That was confirmed in August.

“[The letter to alleged pirates] will propose a fee. If someone does not agree [to pay], the organization can start a lawsuit,” said DFW CEO Willem Pruijsserts

“In Germany, this costs between €800 and €1,000, although we find this a bit excessive. But of course it has to be a deterrent, so it will be more than a tenner or two,” he added.

But despite the grand plans, nothing would be possible without first obtaining the necessary permission from the Data Protection Authority. This Wednesday, however, that arrived.

“DFW has given sufficient guarantees for the proper and careful processing of personal data. This means that DFW has been given a green light from the Data Protection Authority to collect personal data, such as IP addresses, from people downloading from illegal sources,” the Authority announced.

Noting that it received feedback from four entities during the six-week consultation process following the publication of its draft decision during the summer, the Data Protection Authority said that further investigations were duly carried out. All input was considered before handing down the final decision.

The Authority said it was satisfied that personal data would be handled correctly and that the information collected and stored would be encrypted and hashed to ensure integrity. Furthermore, data will not be retained for longer than is necessary.

“DFW has stated…that data from users with Dutch IP addresses who were involved in the exchange of a title owned by DFW, but in respect of which there is no intention to follow up on that within three months after receipt, will be destroyed,” the decision reads.

For any cases that are active and haven’t been discarded in the initial three-month period, DFW will be allowed to hold alleged pirates’ data for a maximum of five years, a period that matches the time a company has to file a claim under the Dutch Civil Code.

“When DFW does follow up on a file, DFW carries out further research into the identity of the users of the IP addresses. For this, it is necessary to contact the Internet service providers of the subscribers who used the IP addresses found in the BitTorrent network,” the Authority notes.

According to the decision, once DFW has a person’s details it can take any of several actions, starting with a simple warning or moving up to an amicable cash settlement. Failing that, it might choose to file a full-on court case in which the distributor seeks an injunction against the alleged pirate plus compensation and costs.

Only time will tell what strategy DFW will deploy against alleged pirates but since these schemes aren’t cheap to run, it’s likely that simple warning letters will be seriously outnumbered by demands for cash settlement.

While it seems unlikely that the Data Protection Authority will change its mind at this late stage, it’s decision remains open to appeal. Interested parties have just under six weeks to make their voices heard. Failing that, copyright trolling will hit the Netherlands in the weeks and months to come.

The full decision can be found here (Dutch, pdf) via Tweakers

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Resilient TVAddons Plans to Ditch Proactive ‘Piracy’ Screening

Post Syndicated from Ernesto original https://torrentfreak.com/resilient-tvaddons-plans-to-ditch-proactive-piracy-screening-171207/

After years of smooth sailing, this year TVAddons became a poster child for the entertainment industry’s war on illicit streaming devices.

The leading repository for unofficial Kodi addons was sued for copyright infringement in the US by satellite and broadcast provider Dish Network. Around the same time, a similar case was filed by Bell, TVA, Videotron, and Rogers in Canada.

The latter case has done the most damage thus far, as it caused the addon repository to lose its domain names and social media accounts. As a result, the site went dead and while many believed it would never return, it made a blazing comeback after a few weeks.

Since the original TVAddons.ag domain was seized, the site returned on TVaddons.co. And that was not the only difference. A lot of the old add-ons, for which it was unclear if they linked to licensed content, were no longer listed in the repository either.

TVAddons previously relied on the DMCA to shield it from liability but apparently, that wasn’t enough. As a result, they took the drastic decision to check all submitted add-ons carefully.

“Since complying with the law is clearly not enough to prevent frivolous legal action from being taken against you, we have been forced to implement a more drastic code vetting process,” a TVAddons representative told us previously.

Despite the absence of several of the most used add-ons, the repository has managed to regain many of its former users. Over the past month, TVAddons had over 12 million unique users. These all manually installed the new repository on their devices.

“We’re not like one of those pirate sites that are shut down and opens on a new domain the next day, getting users to actually manually install a new repo isn’t an easy feat,” a TVAddons representative informs TorrentFreak.

While it’s still far away from the 40 million unique users it had earlier this year, before the trouble began, it’s still a force to be reckoned with.

Interestingly, the vast majority of all TVAddons traffic comes from the United States. The UK is second at a respectable distance, followed by Canada, Germany, and the Netherlands.

While many former users have returned, the submission policy changes didn’t go unnoticed. The relatively small selection of add-ons is a major drawback for some, but that’s about to change as well, we are informed.

TVAddons plans to return to the old submission model where developers can upload their code more freely. Instead of proactive screening, TVAddons will rely on a standard DMCA takedown policy, relying on copyright holders to flag potentially infringing content.

“We intend on returning to a standard DMCA compliant add-on submission policy shortly, there’s no reason why we should be held to a higher standard than Facebook, Twitter, YouTube or Reddit given the fact that we don’t even host any form of streaming content in the first place.

“Our interim policy isn’t pragmatic, it’s nearly impossible for us to verify the global licensing of all forms of protected content. When you visit a website, there’s no way of verifying licensing beyond trusting them based on reputation.”

The upcoming change doesn’t mean that TVAddons will ignore its legal requirements. If they receive a legitimate takedown notice, proper action will be taken, as always. As such, they would operate in the same fashion as other user-generated sites.

“Right now our interim addon submission policy is akin to North Korea. We always followed the law and will always continue to do so. Anytime we’ve received a legitimate complaint we’ve acted upon it in an expedited manner.

“Facebook, Twitter, Reddit and other online communities would have never existed if they were required to approve the contents of each user’s submissions prior to public posting.”

The change takes place while the two court cases are still pending. TVAddons is determined to keep up this fight. Meanwhile, they are also asking the public to support the project financially.

While some copyright holders, including those who are fighting the service in court, might not like the change, TVAddons believes that this is well within their rights. And with support from groups such as the Electronic Frontier Foundation, they don’t stand alone in this.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

ISPs and Movie Industry Prepare Canadian Pirate Site Blocking Deal

Post Syndicated from Ernesto original https://torrentfreak.com/isps-and-movie-industry-prepare-canadian-pirate-site-blocking-deal-171205/

ISP blocking has become a prime measure for the entertainment industry to target pirate sites on the Internet.

In recent years sites have been blocked throughout Europe, in Asia, and even Down Under.

In most countries, these blockades are ordered by local courts, which compel Internet providers to restrict access to certain websites. In Canada, however, there’s a plan in the works to allow for website blockades without judicial oversight.

A coalition of movie industry companies and ISPs, including Bell, Rogers, and Cineplex are discussing a proposal to implement such measures. The Canadian blocklist would be maintained by a new non-profit organization called “Internet Piracy Review Agency” (IPRA) and enforced through the CTRC, Canadaland reports.

The plan doesn’t come as a total surprise as Bell alluded to a nationwide blocking mechanism during a recent Government hearing. What becomes clear from the new plans, however, is that the telco is not alone.

The new proposal is being discussed by various stakeholders including ISPs and local movie companies. As in other countries, major American movie companies are also in the loop, but they will not be listed as official applicants when the plan is submitted to the CRTC.

Canadian law professor Micheal Geist is very critical of the plans. Although the proposal would only cover sites that “blatantly, overwhelmingly or structurally” engage in or facilitate copyright infringement, this can be a blurry line.

“Recent history suggests that the list will quickly grow to cover tougher judgment calls. For example, Bell has targeted TVAddons, a site that contains considerable non-infringing content,” Geist notes.

“It can be expected that many other sites disliked by rights holders or broadcasters would find their way onto the block list,” he adds.

While the full list of applicants is not ready yet, it is expected that the coalition will file its proposal to the CRTC before the end of the month.

Thus far, the Government appears to be reluctant in its response. In comments to Canadaland spokesperson Karl Sasseville stressed that Canada maintains committed to an open Internet.

“Our government supports an open internet where Canadians have the ability to access the content of their choice in accordance to Canadian laws,” Sasseville says. “While other parts of the world are focused on building walls, we’re focused on opening doors‎.”

As we’ve seen in the past, “net neutrality” and website blocking are not mutually exclusive. Courts around the world, also in Canada, have ordered content to be blocked, open Internet or not. However, bypassing the judicial system may prove to be a problem.

Professor Geist is happy with the Government’s comments and notes that legal basis for the proposal is thin.

He stresses that the ISPs involved in these plans should seriously consider if they want to continue down this path, which isn’t necessarily in the best interest of their customers.

“The government rightly seems dismissive of the proposal in the Canadaland report but as leading Internet providers, Bell and Rogers should be ashamed for leading the charge on such a dangerous, anti-speech and anti-consumer proposal,” Geist concludes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Epic Games Settles First Copyright Case Against Fortnite Cheater

Post Syndicated from Ernesto original https://torrentfreak.com/epic-games-settles-first-copyright-case-against-fortnite-cheater-171201/

Frustrated by thousands of cheaters who wreak havoc in Fortnite’s “Battle Royale,” game publisher Epic Games decided to take several of them to court.

One of the defendants is Minnesota resident Charles Vraspir, a.k.a. “Joreallean,”

The game publisher accused him of copyright infringement and breach of contract, by injecting unauthorized computer code in order to cheat.

According to Epic’s allegations, Vraspir was banned at least nine times but registered new accounts to continue his cheating. In addition, he was also suspected of having written code for the cheats.

“Defendant’s cheating, and his inducing and enabling of others to cheat, is ruining the game playing experience of players who do not cheat,” Epic games wrote.

While the complaint included all the elements for an extensive legal battle, both sides chose to resolve the case without much of a fight. Yesterday, they informed the court that a settlement had been reached.

Epic Games’ counsel asked the court to enter the agreement as well as a permanent injunction, which both have agreed on.

The proposed injunction, signed today, forbids Vraspir from carrying out any copyright infringements in the future, to destroy all cheats, and to never cheat again.

Among other things, he is prohibited from “creating, writing, developing, advertising, promoting, and/or distributing anything that infringes Epic’s works now or hereafter protected by any of Epic’s copyrights.”

While there is no mention of a settlement fee or fine, Vraspir will have to pay $5,000 if he breaches the agreement.

From the injunction

Based on the swift settlement, it can be assumed that Epic Games is not aiming to bankrupt the cheaters. Instead, it’s likely that the company wants to set an example and deter others from cheating in the future.

In addition to the settlement, Epic Games also responded to the mother of the 14-year-old cheater who was sued in a separate case. After we first covered the news last week it was quickly picked up by mainstream media, and it hasn’t gone unnoticed by the game publisher either.

The mother accused Epic of taking a minor to court and making his personal info known to the public.

In a response this week, the company notes that it had no idea of the age of the defendant when it filed the complaint. In addition, Epic notes that by handing over his full name and address in the unredacted letter, she exposed her son.

The rules dictate that filings mentioning an individual known to be a minor should use the minor’s initials only, not the full name as the mother did. While the mother may have waived this protection with her letter, Epic says it will stick to the initials going forward.

“Although there is an argument that by submitting the Letter to the Court containing Defendant’s name and address, Defendant’s mother waived this protection […] we plan to include only Defendant’s initials or redact his name entirely in all future filings with the Court, including this letter.”

Given the quick settlement in the Vraspir case, it’s likely that the case against the 14-year-old boy will also be resolved without much additional damage. That is, if both sides can come to an agreement.

A copy of the stipulation and injunction is available here (pdf). The reply to the mother can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Warrant Protections against Police Searches of Our Data

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/11/warrant_protect.html

The cell phones we carry with us constantly are the most perfect surveillance device ever invented, and our laws haven’t caught up to that reality. That might change soon.

This week, the Supreme Court will hear a case with profound implications on your security and privacy in the coming years. The Fourth Amendment’s prohibition of unlawful search and seizure is a vital right that protects us all from police overreach, and the way the courts interpret it is increasingly nonsensical in our computerized and networked world. The Supreme Court can either update current law to reflect the world, or it can further solidify an unnecessary and dangerous police power.

The case centers on cell phone location data and whether the police need a warrant to get it, or if they can use a simple subpoena, which is easier to obtain. Current Fourth Amendment doctrine holds that you lose all privacy protections over any data you willingly share with a third party. Your cellular provider, under this interpretation, is a third party with whom you’ve willingly shared your movements, 24 hours a day, going back months — even though you don’t really have any choice about whether to share with them. So police can request records of where you’ve been from cell carriers without any judicial oversight. The case before the court, Carpenter v. United States, could change that.

Traditionally, information that was most precious to us was physically close to us. It was on our bodies, in our homes and offices, in our cars. Because of that, the courts gave that information extra protections. Information that we stored far away from us, or gave to other people, afforded fewer protections. Police searches have been governed by the “third-party doctrine,” which explicitly says that information we share with others is not considered private.

The Internet has turned that thinking upside-down. Our cell phones know who we talk to and, if we’re talking via text or e-mail, what we say. They track our location constantly, so they know where we live and work. Because they’re the first and last thing we check every day, they know when we go to sleep and when we wake up. Because everyone has one, they know whom we sleep with. And because of how those phones work, all that information is naturally shared with third parties.

More generally, all our data is literally stored on computers belonging to other people. It’s our e-mail, text messages, photos, Google docs, and more ­ all in the cloud. We store it there not because it’s unimportant, but precisely because it is important. And as the Internet of Things computerizes the rest our lives, even more data will be collected by other people: data from our health trackers and medical devices, data from our home sensors and appliances, data from Internet-connected “listeners” like Alexa, Siri, and your voice-activated television.

All this data will be collected and saved by third parties, sometimes for years. The result is a detailed dossier of your activities more complete than any private investigator –­ or police officer –­ could possibly collect by following you around.

The issue here is not whether the police should be allowed to use that data to help solve crimes. Of course they should. The issue is whether that information should be protected by the warrant process that requires the police to have probable cause to investigate you and get approval by a court.

Warrants are a security mechanism. They prevent the police from abusing their authority to investigate someone they have no reason to suspect of a crime. They prevent the police from going on “fishing expeditions.” They protect our rights and liberties, even as we willingly give up our privacy to the legitimate needs of law enforcement.

The third-party doctrine never made a lot of sense. Just because I share an intimate secret with my spouse, friend, or doctor doesn’t mean that I no longer consider it private. It makes even less sense in today’s hyper-connected world. It’s long past time the Supreme Court recognized that a months’-long history of my movements is private, and my e-mails and other personal data deserve the same protections, whether they’re on my laptop or on Google’s servers.

This essay previously appeared in the Washington Post.

Details on the case. Two opinion pieces.

I signed on to two amicus briefs on the case.

EDITED TO ADD (12/1): Good commentary on the Supreme Court oral arguments.

Sky’s Pirate Site-Blocking Move is Something For North Korea, ISPs Say

Post Syndicated from Andy original https://torrentfreak.com/skys-pirate-site-blocking-move-is-something-for-north-korea-isps-say-171129/

Entertainment companies have been taking legal action to have pirate sites blocked for more than a decade so it was only a matter of time before New Zealand had a taste of the action.

It’s now been revealed that Sky Network Television, the country’s biggest pay-TV service, filed a complaint with the High Court in September, demanding that four local Internet service providers block subscriber access to several ‘pirate’ sites.

At this point, the sites haven’t been named, but it seems almost inevitable that the likes of The Pirate Bay will be present. The ISPs are known, however. Spark, Vodafone, Vocus and Two Degrees control around 90% of the Kiwi market so any injunction handed down will affect almost the entire country.

In its application, Sky states that pirate sites make available unauthorized copies of its entertainment works, something which not only infringes its copyrights but also undermines its business model. But while this is standard fare in such complaints, the Internet industry backlash today is something out of the ordinary.

ISPs in other jurisdictions have fought back against blocking efforts but few have deployed the kind of language being heard in New Zealand this morning.

Vocus Group – which runs the Orcon, Slingshot and Flip brands – is labeling Sky’s efforts as “gross censorship and a breach of net neutrality”, adding that they’re in direct opposition to the idea of a free and open Internet.

“SKY’s call that sites be blacklisted on their say so is dinosaur behavior, something you would expect in North Korea, not in New Zealand. It isn’t our job to police the Internet and it sure as hell isn’t SKY’s either, all sites should be equal and open,” says Vocus Consumer General Manager Taryn Hamilton.

But in response, Sky said Vocus “has got it wrong”, highlighting that site-blocking is now common practice in places such as Australia and the UK.

“Pirate sites like Pirate Bay make no contribution to the development of content, but rather just steal it. Over 40 countries around the world have put in place laws to block such sites, and we’re just looking to do the same,” the company said.

The broadcaster says it will only go to court to have dedicated pirate sites blocked, ones that “pay nothing to the creators” while stealing content for their own gain.

“We’re doing this because illegal streaming and content piracy is a major threat to the entertainment, creative and sporting industries in New Zealand and abroad. With piracy, not only is the sport and entertainment content that we love at risk, but so are the livelihoods of the thousands of people employed by these industries,” the company said.

“Illegally sharing or viewing content impacts a vast number of people and jobs including athletes, actors, artists, production crew, customer service representatives, event planners, caterers and many, many more.”

ISP Spark, which is also being targeted by Sky, was less visibly outraged than some of its competitors. However, the company still feels that controlling what people can see on the Internet is a slippery slope.

“We have some sympathy for this given we invest tens of millions of dollars into content ourselves through Lightbox. However, we don’t think it should be the role of ISPs to become the ‘police of the internet’ on behalf of other parties,” a Spark spokesperson said.

Perhaps unsurprisingly, Sky’s blocking efforts haven’t been well received by InternetNZ, the non-profit organization which protects and promotes Internet use in New Zealand.

Describing the company’s application for an injunction as an “extreme step”, InternetNZ Chief Executive Jordan Carter said that site-blocking works against the “very nature” of the Internet and is a measure that’s unlikely to achieve its goals.

“Site blocking is very easily evaded by people with the right skills or tools. Those who are deliberate pirates will be able to get around site blocking without difficulty,” Carter said.

“If blocking is ordered, it risks driving content piracy further underground, with the help of easily-deployed and common Internet tools. This could well end up making the issues that Sky are facing even harder to police in the future.”

What most of the ISPs and InternetNZ are also agreed on is the need to fight piracy with competitive, attractive legal offerings. Vocus says that local interest in The Pirate Bay has halved since Netflix launched in New Zealand, with traffic to the torrent site sitting at just 23% of its peak 2013 levels.

“The success of Netflix, iTunes and Spotify proves that people are willing to pay to access good-quality content. It’s pretty clear that SKY doesn’t understand the internet, and is trying a Hail Mary to turnaround its sunset business,” Vocus Consumer General Manager Taryn Hamilton said.

The big question now is whether the High Court has the ability to order these kinds of blocks. InternetNZ has its doubts, noting that it should only happen following a parliamentary mandate.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Torrent Site Blocking Endangers Freedom of Expression, ISP Warns

Post Syndicated from Ernesto original https://torrentfreak.com/torrent-site-blocking-endangers-freedom-expression-isp-warns-171128/

LinkoManija.net is the most visited BitTorrent site in Lithuania. The private tracker has been around for more than a decade and has made quite a name for itself.

While it’s a ‘closed’ community, that name hardly applies anymore considering that it’s the 32nd most-visited site in Lithuania, beating the likes of Twitter, eBay, and even Pornhub.

Over the past several years, Linkomanija has endured its fair share of copyright-related troubles. This includes a multi-million dollar lawsuit launched by Microsoft, which failed to put the site out of business.

Last week the Lithuanian Copyright Protection Association (LATGA) had more success. The anti-piracy group went to court demanding that local ISPs block access to the site. It won.

The Vilnius Regional Court subsequently issued an order which requires Internet providers including Telia, Bitė, LRTC, Cgates, Init, Balticum TV, to start blocking access to the popular torrent tracker.

“We are glad that our courts follow the precedents set in European Courts and are following their practices,” Jonas Liniauskas, head of LATGA told 15min.

“We really hope that internet providers will not fight the decision and that they have finally decided whether they are ready to fight against pirates who take away their customers, or want to continue to contribute to the illegal exploitation of works on the Internet by providing high-speed Internet access to pirated websites.”

LATGA’s lawyer, Andrius Iškauskas, pointed out that the torrent site was operating as a commercial venture. Between 2013 and 2016 it collected hundreds of thousands of euros through donations from its users.

Internet provider Telia is not happy with the verdict and says it endangers people’s freedom of expression and speech. While the company doesn’t condone piracy, sites such as Linkomanija are also used legitimately by copyright holders to share their work.

Telia pointed out in court that the anti-piracy group represented only 28 copyright holders and listed less than 100 works for which links were posted on Linkomanija.net. Despite these relatively small numbers, ISPs must block access to the entire site.

In response, LATGA’s lawyer pointed out that any rightsholders who legally distribute their content through Linkomania can easily find other suitable alternatives, such as YouTube, Spotify, and many more.

While the verdict is a blow to millions of users, the fight may not be over yet. The ISPs have 30 days to appeal the decision of the Vilnius Regional Court. According to Telia, this is likely to happen.

“We are currently analyzing the solution. It is very likely that it will be submitted to the higher court because the dispute is complex. This case can become case-law and determine when content is blocked on the Internet. This includes the possible restriction of freedom of expression and speech” the ISP notes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Mashup Site Hit With Domain Suspension Following IFPI Copyright Complaint

Post Syndicated from Andy original https://torrentfreak.com/mashup-site-hit-with-domain-suspension-following-ifpi-copyright-complaint-171127/

Mashups are musical compositions, usually made up of two or more tracks seamlessly blended together, which bring something fresh and new to the listener.

There are hundreds of stunning examples online, many created in hobbyist circles, with dedicated communities sharing their often brilliant work.

However, the majority of mashups have something in common – they’re created without any permission from the copyright holders’ of the original tracks. As such they remain controversial, as mashup platform Sowndhaus has just discovered.

This Canada-based platform allows users to upload, share and network with other like-minded mashup enthusiasts. It has an inbuilt player, somewhat like Soundcloud, through which people can play a wide range of user-created mashups. However, sometime last Tuesday, Sowndhaus’ main domain, Sowndhaus.com, became unreachable.

Sowndhaus: High-quality mashups

The site’s operators say that they initially believed there was some kind of configuration issue. Later, however, they discovered that their domain had been “purposefully de-listed” from its DNS servers by its registrar.

“DomainBox had received a DMCA notification from the IFPI (International Federation of the Phonographic Industry) and immediately suspended our .com domain,” Sowndhaus’ operators report.

At this point it’s worth noting that while Sowndhaus is based and hosted in Canada, DomainBox is owned by UK-based Mesh Digital Limited, which is in turn owned by GoDaddy. IFPI, however, reportedly sent a US-focused DMCA notice to the registrar which noted that the music group had “a good faith belief” that activity on Sowndhaus “is not authorized by the copyright owner, its agent, or the law.”

While mashups have always proved controversial, Sowndhaus believe that they operate well within Canadian law.

“We have a good faith belief that the audio files allegedly ‘infringing copyright’ in the DMCA notification are clearly transformative works and meet all criteria for ‘Non-commercial User-generated Content’ under Section 29.21 of the Copyright Act (Canada), and as such are authorized by the law,” the site says.

“Our service, servers, and files are located in Canada which has a ‘Notice and Notice regime’ and where DMCA (a US law) has no jurisdiction. However, the jurisdiction for our .com domain is within the US/EU and thus subject to its laws.”

Despite a belief that the site operates lawfully, Sowndhaus took a decision to not only take down the files listed in IFPI’s complaint but also to ditch its .com domain completely. While this convinced DomainBox to give control of the domain back to the mashup platform, Sowndhaus has now moved to a completely new domain (sowndhaus.audio), to avoid further issues.

“We neither admit nor accept that any unlawful activity or copyright infringement with respect to the DMCA claim had taken place, or has ever been permitted on our servers, or that it was necessary to remove the files or service under Section 29.21 of the Copyright Act (Canada) with which we have always been, and continue to be, in full compliance,” the site notes.

“The use of copyright material as Non-commercial User-generated Content is authorized by law in Canada, where our service resides. We believe that the IFPI are well aware of this, are aware of the jurisdiction of our service, and therefore that their DMCA notification is a misrepresentation of copyright.”

Aside from what appears to have been a rapid suspension of Sowndhaus’ .com domain, the site says that it is being held to a higher standard of copyright protection that others operating under the DMCA.

Unlike YouTube, for example, Sowndhaus says it pro-actively removes files found to infringe copyright. It also bans users who use the site to commit piracy, as per its Terms of Service.

“This is a much stronger regime than would be required under the DMCA guidelines where users generally receive warnings and strikes before being banned, and where websites complying with the DMCA and seeking to avoid legal liability do not actively seek out cases of infringement, leading to some cases of genuine piracy remaining undetected on their services,” the site says.

However, the site remains defiant in respect of the content it hosts, noting that mashups are transformative works that use copyright content “in new and creative ways to form new works of art” and as such are legal for non-commercial purposes.

That hasn’t stopped it from being targeted by copyright holders in the past, however.

This year three music-based organizations (IFPI, RIAA, and France’s SCPP) have sent complaints to Google about the platform, targeting close to 200 URLs. However, at least for more recent complaints, Google hasn’t been removing the URLs from its indexes.

Complaints sent to Google about Sowndhaus in 2017<

Noting that corporations are using their powers “to hinder, stifle, and silence protected new forms of artistic expression with no repercussions”, Sowndhaus says that it is still prepared to work with copyright holders but wishes they would “reconsider their current policies and accept non-commercial transformative works as legitimate art forms with legal protections and/or exemptions in all jurisdictions.”

While Sowndhaus is now operating from a new domain, the switch is not without its inconveniences. All URLs with links to files on sowndhaus.com are broken but can be fixed by changing the .com to .audio.

DomainBox did not respond to TorrentFreak’s request for comment.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Uber Data Hack

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/11/uber_data_hack.html

Uber was hacked, losing data on 57 million driver and rider accounts. The company kept it quiet for over a year. The details are particularly damning:

The two hackers stole data about the company’s riders and drivers ­– including phone numbers, email addresses and names — from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data, the employees said.

Uber acquiesced to the demands, and then went further. The company tracked down the hackers and pushed them to sign nondisclosure agreements, according to the people familiar with the matter. To further conceal the damage, Uber executives also made it appear as if the payout had been part of a “bug bounty” — a common practice among technology companies in which they pay hackers to attack their software to test for soft spots.

And almost certainly illegal:

While it is not illegal to pay money to hackers, Uber may have violated several laws in its interaction with them.

By demanding that the hackers destroy the stolen data, Uber may have violated a Federal Trade Commission rule on breach disclosure that prohibits companies from destroying any forensic evidence in the course of their investigation.

The company may have also violated state breach disclosure laws by not disclosing the theft of Uber drivers’ stolen data. If the data stolen was not encrypted, Uber would have been required by California state law to disclose that driver’s license data from its drivers had been stolen in the course of the hacking.

Uber was hacked, losing data on 57 million driver and rider accounts. They kept it quiet for over a year. The details are particularly damning:

The two hackers stole data about the company’s riders and drivers ­- including phone numbers, email addresses and names -­ from a third-party server and then approached Uber and demanded $100,000 to delete their copy of the data, the employees said.

Uber acquiesced to the demands, and then went further. The company tracked down the hackers and pushed them to sign nondisclosure agreements, according to the people familiar with the matter. To further conceal the damage, Uber executives also made it appear as if the payout had been part of a “bug bounty” ­- a common practice among technology companies in which they pay hackers to attack their software to test for soft spots.

And almost certainly illegal:

While it is not illegal to pay money to hackers, Uber may have violated several laws in its interaction with them.

By demanding that the hackers destroy the stolen data, Uber may have violated a Federal Trade Commission rule on breach disclosure that prohibits companies from destroying any forensic evidence in the course of their investigation.

The company may have also violated state breach disclosure laws by not disclosing the theft of Uber drivers’ stolen data. If the data stolen was not encrypted, Uber would have been required by California state law to disclose that driver’s license data from its drivers had been stolen in the course of the hacking.

Rightscorp: Revenue From Piracy Settlements Down 48% in 2017

Post Syndicated from Andy original https://torrentfreak.com/rightscorp-revenue-from-piracy-settlements-down-48-in-2017-171125/

For the past several years, anti-piracy outfit Rightscorp has been trying to turn piracy into profit. The company monitors BitTorrent networks, captures IP addresses, then attempts to force ISPs to forward cash settlement demands to its subscribers.

Unlike other companies operating in the same area, Rightscorp has adopted a “speeding fine” type model, where it asks for $20 to $30 to make a supposed lawsuit go away, instead of the many hundreds demanded by its rivals. To date, this has resulted in the company closing more than 230,000 cases of infringement.

But despite the high numbers, the company doesn’t seem to be able to make it pay. Rightscorp’s latest set of financial results covering the three months ended September 30, 2017, show how bad things have got on the settlement front.

During the period in question, Rightscorp generated copyright settlement revenues of $45,848, an average of just $15,282 per month. That represents a decrease of 67% when compared to the $139,834 generated during the same period in 2016.

When looking at settlement revenues year to date, Rightscorp generated $184,362 in 2017, a decrease of 48% when compared to $354,160 generated during the same nine-month period in 2016.

But as bleak as these figures are, things get much worse. Out of these top-line revenues, Rightscorp has to deal with a whole bunch of costs before it can put anything into its own pockets. For example, in exchange for the right to pursue pirates, Rightscorp agrees to pay around 50% of everything it generates from settlements back to copyright holders.

So, for the past three months when it collected $45,848 from BitTorrent users, it must pay out $22,924 to copyright holders. Last year, in the same period, it paid them $69,143. For the year to date (nine months ended September 30, 2017), the company paid $92,181 to copyright holders, that’s versus $174,878 for the same period last year.

Whichever way you slice it, Rightscorp settlement model appears to be failing. With revenues from settlements down by almost half thus far this year, one has to question where this is all going, especially with BitTorrent piracy volumes continuing to fall in favor of other less traceable methods such as streaming.

However, Rightscorp does have a trick up its sleeve that is helping to keep the company afloat. As previously reported, the company has amassed a lot of intelligence on pirate activity which clearly has some value to copyright holders.

That data is currently being utilized by both BMG and the RIAA, who are using it as evidence in copyright liability lawsuits filed against ISPs Cox and Grande Communications, where each stand accused of failing to disconnect repeat infringers.

This selling of ‘pirate’ data is listed by Rightscorp in its financial reports as “consulting services” and thus far at least, it’s proving to be a crucial source of income.

“During the three months ended September 30, 2017, we generated revenues of $76,666 from consulting services rendered under service arrangements with prominent trade organizations,” Rightscorp reports.

“Under the agreements, the Company is providing certain data and consultation regarding copyright infringements on such organizations’ respective properties. During the three months ended September 30, 2016, we had no consulting services revenue.”

Year to date, the numbers begin to add up. In the nine months ended September 30, 2017, Rightscorp generated revenues of $224,998 from this facet of their business, that’s versus zero revenue in 2016.

It’s clear that without this “consulting” revenue, Rightscorp would be in an even worse situation than it is today. In fact, it appears that these services, provided to the likes of the RIAA, are now preventing the company from falling into the abyss. All that being said, there’s no guarantee that won’t happen anyway.

To the nine months ended September 30, 2017, Rightscorp recorded a net loss of $1,448,899, which is even more than the $1,380,698 it lost during the same period last year. As a result, the company had just $3,147 left in cash at the end of September. That crisis was eased by issuing 2.5 million shares to an investor for a purchase price just $50,000. But to keep going, Rightscorp will need more money – much more.

“Management believes that the Company will need an additional $250,000 to $500,000 in 2017 to fund operations based on our current operating plans,” it reports, noting that there is “substantial doubt” whether Rightscorp can continue as a going concern.

But despite all the bad news, Rightscorp manages to survive and at least in the short-term, the piracy data it has amassed holds value, beyond basic cash settlement letters. The question is, for how long?

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Supreme Court Will Decide if ISP Can Charge Money to Expose Pirates

Post Syndicated from Ernesto original https://torrentfreak.com/supreme-court-to-decide-if-isp-can-charge-money-to-expose-pirates-171124/

Movie studio Voltage Pictures is no stranger to suing BitTorrent users.

The company has filed numerous lawsuits against alleged pirates in the United States, Europe, Canada and Australia, and is estimated to have made a lot of money doing so.

Voltage and other copyright holders who initiate these cases generally rely on IP addresses as evidence. This information is collected from BitTorrent swarms and linked to an ISP using an IP-database.

With this information in hand, they then ask the courts to direct Internet providers to hand over the personal details of the associated account holders, in order to go after the alleged pirates.

In Canada, this so-called copyright trolling practice hasn’t been without controversy.

Last year Voltage Pictures launched a “reverse class action” to demand damages from an unspecified number of Internet users whom they accuse of sharing films, including The Cobbler, Pay the Ghost, Good Kill, Fathers and Daughters, and American Heist.

The application of a reverse class action in a copyright case was unprecedented in itself. In a single swoop, many of Internet subscribers were at risk of having their personal details exposed. However, Internet provider Rogers was not willing to hand over this information freely.

Instead, Rogers demanded compensation for every IP-address lookup, as is permitted by copyright law. The provider asked for $100 per hour of work, plus taxes, to link the addresses to subscriber accounts.

The Federal Court agreed that the charges were permitted under the Copyright Act. However, when Voltage Pictures appealed the decision, this was reversed. The Appeals Court noted that there’s currently no fixed maximum charge defined by law. As long as this is the case, ISPs can charge no fees at all, the argument was.

In addition, the court stressed that it’s important for copyright holders to be able to protect their rights in the digital era.

“The internet must not become a collection of safe houses from which pirates, with impunity, can pilfer the products of others’ dedication, creativity and industry,” the appeal court Justice David Stratas wrote.

Not happy with the decision, Rogers decided to take the matter to the Supreme Court, which just decided that it will hear the case.

The Supreme Court hasn’t given an explanation for its decision to take the case. For the accused BitTorrent pirates in Canada, it’s certainly one to watch though.

The case will in large part determine how profitable the copyright trolling scheme is in Canada. When ISPs can charge a substantial fee for the IP-address lookups the efforts might not bring in enough money through settlements, making them less likely to continue.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Swiss Copyright Law Proposals: Good News for Pirates, Bad For Pirate Sites

Post Syndicated from Andy original https://torrentfreak.com/swiss-copyright-law-proposals-good-news-for-pirates-bad-for-pirate-sites-171124/

While Switzerland sits geographically in the heart of Europe, the country is not part of the European Union, meaning that its copyright laws are often out of touch with those of the countries encircling it.

For years this has meant heavy criticism from the United States, whose trade representative has put Switzerland on the Watch List, citing weaknesses in the country’s ability to curb online copyright infringement.

“The decision to place Switzerland on the Watch List this year is premised on U.S. concerns regarding specific difficulties in Switzerland’s system of online copyright protection and enforcement,” the USTR wrote in 2016.

Things didn’t improve in 2017. Referencing the so-called Logistep Decision, which found that collecting infringers’ IP addresses is unlawful, the USTR said that Switzerland had effectively deprived copyright holders of the means to enforce their rights online.

All of this criticism hasn’t fallen on deaf ears. For the past several years, Switzerland has been deeply involved in consultations that aim to shape future copyright law. Negotiations have been prolonged, however, with the Federal Council aiming to improve the situation for creators without impairing the position of consumers.

A new draft compromise tabled Wednesday is somewhat of a mixed bag, one that is unlikely to please the United States overall but could prove reasonably acceptable to the public.

First of all, people will still be able to ‘pirate’ as much copyrighted material as they like, as long as that content is consumed privately and does not include videogames or software, which are excluded. Any supposed losses accrued by the entertainment industries will be compensated via a compulsory tax of 13 Swiss francs ($13), levied on media playback devices including phones and tablets.

This freedom only applies to downloading and streaming, meaning that any uploading (distribution) is explicitly ruled out. So, while grabbing some streaming content via a ‘pirate’ Kodi addon is just fine, using BitTorrent to achieve the same is ruled out.

Indeed, rightsholders will be able to capture IP addresses of suspected infringers in order to file a criminal complaint with authorities. That being said, there will no system of warning notices targeting file-sharers.

But while the authorization of unlicensed downloads will only frustrate an already irritated United States, the other half of the deal is likely to be welcomed.

Under the recommendations, Internet services will not only be required to remove infringing content from their platforms, they’ll also be compelled to prevent that same content from reappearing. Failure to comply will result in prosecution. It’s a standard that copyright holders everywhere are keen for governments to adopt.

Additionally, the spotlight will fall on datacenters and webhosts that have a reputation for being popular with pirate sites. It’s envisioned that such providers will be prevented from offering services to known pirate sites, with the government clearly stating that services with piracy at the heart of their business models will be ripe for action.

But where there’s a plus for copyright holders, the Swiss have another minus. Previously it was proposed that in serious cases authorities should be able to order the ISP blocking of “obviously illegal content or sources.” That proposal has now been dropped, meaning no site-blocking will be allowed.

Other changes in the draft envision an extension of the copyright term from 50 to 70 years and improved protection for photographic works. The proposals also feature increased freedoms for researchers and libraries, who will be able to use copyrighted works without obtaining permission from rightsholders.

Overall the proposals are a pretty mixed bag but as Minister of Justice Simonetta Sommaruga said Wednesday, if no one is prepared to compromise, no one will get anything.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

170 ‘Pirate’ IPTV Vendors Throw in the Towel Facing Legal Pressure

Post Syndicated from Ernesto original https://torrentfreak.com/170-pirate-iptv-vendors-throw-the-in-the-towel-facing-legal-pressure-171121/

Pirate streaming boxes are all the rage this year. Not just among the dozens of millions of users, they are on top of the anti-piracy agenda as well.

Dubbed Piracy 3.0 by the MPAA, copyright holders are trying their best to curb this worrisome trend. In the Netherlands local anti-piracy group BREIN is leading the charge.

Backed by the major film studios, the organization booked a significant victory earlier this year against Filmspeler. In this case, the European Court of Justice ruled that selling or using devices pre-configured to obtain copyright-infringing content is illegal.

Paired with the earlier GS Media ruling, which held that companies with a for-profit motive can’t knowingly link to copyright-infringing material, this provides a powerful enforcement tool.

With these decisions in hand, BREIN previously pressured hundreds of streaming box vendors to halt sales of hardware with pirate addons, but it didn’t stop there. This week the group also highlighted its successes against vendors of unauthorized IPTV services.

“BREIN has already stopped 170 illegal providers of illegal media players and/or IPTV subscriptions. Even providers that only offer illegal IPTV subscriptions are being dealt with,” BREIN reports.

In addition to shutting down the trade in IPTV services, the anti-piracy group also removed 375 advertisements for such services from various marketplaces.

“This is illegal commerce. If you wait until you are warned, you are too late,” BREIN director Tim Kuik says.

“You can be held personally liable. You can also be charged and criminally prosecuted. Willingly committing commercial copyright infringement can lead to a 82,000 euro fine and 4 years imprisonment,” he adds.

While most pirate IPTV vendors threw in the towel voluntarily, some received an extra incentive. Twenty signed a settlement with BREIN for varying amounts, up to tens of thousands of euros. They all face further penalties if they continue to sell pirate subscriptions.

In some cases, the courts were involved. This includes the recent lawsuit against MovieStreamer, that was ordered to stop its IPTV hyperlinking activities immediately. Failure to do so will result in a 5,000 euro per day fine. In addition, the vendor was also ordered to pay legal costs of 17,527 euros.

While BREIN has booked plenty of successes already, as exampled here, the pirate streaming box problem is far from solved. The anti-piracy group currently has one case pending in court, but more are likely to follow in the near future.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Kodi-Addon Developer Launches Fundraiser to Fight “Copyright Bullies”

Post Syndicated from Ernesto original https://torrentfreak.com/kodi-addon-developer-launches-fundraiser-to-fight-copyright-bullies-171120/

Earlier this year, American satellite and broadcast provider Dish Network targeted two well-known players in the third-party Kodi add-on ecosystem.

In a complaint filed in a federal court in Texas, add-on ZemTV and the TVAddons library were accused of copyright infringement. As a result, both are facing up to $150,000 for each offense.

While the case was filed in Texas, neither of the defendants live there, or even in the United States. The owner and operator of TVAddons is Adam Lackman, who resides in Montreal, Canada. ZemTV’s developer Shahjahan Durrani is even further away in London, UK.

Over the past few months, Lackman has spoken out in public on several occasions, but little was known about the man behind ZemTV. Today, however, he also decided to open up, asking for support in his legal battle against the Dish Network.

Shahjahan Durrani, Shani for short, doesn’t hide the fact that he was the driving force behind the Kodi-addons ZemTV, LiveStreamsPro, and F4MProxy. While the developer has never set foot in Texas, he is willing to defend himself. Problem is, he lacks the funds to do so.

“I’ve never been to Texas in my life, I’m from London, England,” Shani explains. “Somehow a normal chap like me is expected to defend himself against a billion dollar media giant. I don’t have the money to fight this on my own, and hope my friends will help support my fight against the expansion of copyright liability.”

Shani’s fundraiser went live a few hours ago and the first donations are now starting to come in. He has set a target of $8,500 set for his defense fund so there is still a long way to go.

Speaking with TorrentFreak, Shani explains that he got into Kodi addon development to broaden his coding skills and learn Python. ZemTV was a tool to watch recorded shows from zemtv.com, which he always assumed were perfectly legal, on his Apple TV. Then, he decided to help others to do the same.

“The reason why I published the addon was that I saw it as a community helping each other out, and this was my way to give back. I never received any money from anybody and I wanted to keep it pure and free,” Shani tells us.

ZemTV was a passive service, simply scraping content from a third party source, he explains. The addon provided an interface but did not host or control any allegedly infringing content directly.

“I had no involvement nor control over any of the websites or content sources that were allegedly accessible through ZemTV. I did not host nor take part in the sharing of any form of streaming media. As an open source developer, I should not be held liable for the potential abuse of my code,” the developer stresses.

Dish Network sees things differently, of course. In its complaint, the company accused Shani of illegally retransmitting their copyright protected channels while asking for donations to maintain the project.

The case is perhaps not as straightforward as either side presents it. However, it is in the best interests of the general public that both sides are properly heard. This is the first case against a Kodi-addon developer and the outcome will set an important precedent.

“This lawsuit is part of a targeted effort to destroy the Kodi addon community. The fight is rigged against the little guy, they are trying to make something illegal that shouldn’t be illegal. They tried to do it with the VCR, and now years and years later they are trying to do it with Kodi.

“Since I am the only addon developer to date who is actually fighting the wrath of big media bullies, it is crucial that I win my case,” Shani adds.

Going forward, the ZemTV developer believes that copyright holders are better off going after the content providers directly. If the sources are down, any problematic addons will also stop working. Rightholders can even work with addon developers and use addons to find infringing content providers.

“I think the copyright holders should target the sources, it’s as simple as that,” Shani tells us.

The fundraiser campaign is now public on Generosity.com. At the time of writing the ticker sits at $50, so there is still a long way to go before the developer can organize a proper defense.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Why Linus is right (as usual)

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/11/why-linus-is-right-as-usual.html

People are debating this email from Linus Torvalds (maintainer of the Linux kernel). It has strong language, like:

Some security people have scoffed at me when I say that security
problems are primarily “just bugs”.
Those security people are f*cking morons.
Because honestly, the kind of security person who doesn’t accept that
security problems are primarily just bugs, I don’t want to work with.

I thought I’d explain why Linus is right.
Linus has an unwritten manifesto of how the Linux kernel should be maintained. It’s not written down in one place, instead we are supposed to reverse engineer it from his scathing emails, where he calls people morons for not understanding it. This is one such scathing email. The rules he’s expressing here are:
  • Large changes to the kernel should happen in small iterative steps, each one thoroughly debugged.
  • Minor security concerns aren’t major emergencies; they don’t allow bypassing the rules more than any other bug/feature.
Last year, some security “hardening” code was added to the kernel to prevent a class of buffer-overflow/out-of-bounds issues. This code didn’t address any particular 0day vulnerability, but was designed to prevent a class of future potential exploits from being exploited. This is reasonable.
This code had bugs, but that’s no sin. All code has bugs.
The sin, from Linus’s point of view, is that when an overflow/out-of-bounds access was detected, the code would kill the user-mode process or kernel. Linus thinks it should have only generated warnings, and let the offending code continue to run.
Of course, that would in theory make the change of little benefit, because it would no longer prevent 0days from being exploited.
But warnings would only be temporary, the first step. There’s likely to be be bugs in the large code change, and it would probably uncover bugs in other code. While bounds-checking is a security issue, its first implementation will always find existing code having latent bounds bugs. Or, it’ll have “false-positives” triggering on things that aren’t actually the flaws its looking for. Killing things made these bugs worse, causing catastrophic failures in the latest kernel that didn’t exist before. Warnings, however, would have equally highlighted the bugs, but without causing catastrophic failures. My car runs multiple copies of Linux — such catastrophic failures would risk my life.
Only after a year, when the bugs have been fixed, would the default behavior of the code be changed to kill buggy code, thus preventing exploitation.
In other words, large changes to the kernel should happen in small, manageable steps. This hardening hasn’t existed for 25 years of the Linux kernel, so there’s no emergency requiring it be added immediately rather than conservatively, no reason to bypass Linus’s development processes. There’s no reason it couldn’t have been warnings for a year while working out problems, followed by killing buggy code later.
Linus was correct here. No vuln has appeared in the last year that this code would’ve stopped, so the fact that it killed processes/kernels rather than generated warnings was unnecessary. Conversely, because it killed things, bugs in the kernel code were costly, and required emergency patches.
Despite his unreasonable tone, Linus is a hugely reasonable person. He’s not trying to stop changes to the kernel. He’s not trying to stop security improvements. He’s not even trying to stop processes from getting killed That’s not why people are moronic. Instead, they are moronic for not understanding that large changes need to made conservatively, and security issues are no more important than any other feature/bug.

Update: Also, since most security people aren’t developers, they are also a bit clueless how things actually work. Bounds-checking, which they define as purely a security feature to stop buffer-overflows is actually overwhelmingly a debugging feature. When you turn on bounds-checking for the first time, it’ll trigger on a lot of latent bugs in the code — things that never caused a problem in the past (like reading past ends of buffers) but cause trouble now. Developers know this, security “experts” tend not to. These kernel changes were made by security people who failed to understand this, who failed to realize that their changes would uncover lots of bugs in existing code, and that killing buggy code was hugely inappropriate.

Update: Another flaw developers are intimately familiar with is how “hardening” code can cause false-positives, triggering on non-buggy code. A good example is where the BIND9 code crashed on an improper assert(). This hardening code designed to prevent exploitation made things worse by triggering on valid input/code.

Update: No, it’s probably not okay to call people “morons” as Linus does. They may be wrong, but they usually are reasonable people. On the other hand, security people tend to be sanctimonious bastards with rigid thinking, so after he has dealt with that minority, I can see why Linus treats all security people that way.

Pirate Site Owner Found Guilty, But He Can Keep The Profits

Post Syndicated from Ernesto original https://torrentfreak.com/pirate-site-owner-found-guilty-can-keep-profits/

Traditionally, Sweden has been rather tough on people who operate file-sharing sites, with The Pirate Bay case as the prime example.

In 2009, four people connected to the torrent site were found guilty of assisting copyright infringement. They all received stiff prison sentences and millions of dollars in fines.

The guilty sentence was upheld in an appeal. While the prison terms of Peter Sunde, Fredrik Neij and Carl Lundström were reduced to eight, ten and four months respectively, the fines swelled to $6.5 million.

This week another torrent related filesharing case concluded in Sweden, but with an entirely different outcome. IDG reports that the 47-year-old operator of Filmfix was sentenced to 120 hours of community service.

Filmfix.se offered community-curated links to a wide variety of pirated content hosted by external sources, including torrent sites. The operator charged users 10 Swedish Krona per month to access the service, which is little over a dollar at the current exchange rate.

With thousands of users, Filmfix provided a decent income. The site was active for more than six years and between April 2012 and October 2013 alone it generated over $88,000 in revenue. Interestingly, the court decided that the operator can keep this money.

Filmfix

While the District Court convicted the man for facilitating copyright infringement, there was no direct link between the subscription payments and pirated downloads. The paying members also had access to other unrelated features, such as the forums and chat.

Henrik Pontén, head of the local Rights Alliance, which reported the site to the police, stated that copyright holders have not demanded any damages. They may, however, launch a separate civil lawsuit in the future.

The man’s partner, who was suspected of helping out and owned the company where Filmfix’s money went to, was acquitted entirely by the District Court.

The 120-hours of community service stands in stark contrast to the prison sentences and millions of dollars in fines in The Pirate Bay case, despite there being quite a few similarities. Both relied on content uploaded by third parties and didn’t host any infringing files directly.

The lower sentence may in part be due to a fresh Supreme Court ruling in Sweden. In the case against an operator of the now-defunct private torrent tracker Swepirate, the Court recently ruled that prison sentences should not automatically be presumed in file-sharing cases.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons