Tag Archives: media player

FCC Asks Amazon & eBay to Help Eliminate Pirate Media Box Sales

Post Syndicated from Andy original https://torrentfreak.com/fcc-asks-amazon-ebay-to-help-eliminate-pirate-media-box-sales-180530/

Over the past several years, anyone looking for a piracy-configured set-top box could do worse than search for one on Amazon or eBay.

Historically, people deploying search terms including “Kodi” or “fully-loaded” were greeted by page after page of Android-type boxes, each ready for illicit plug-and-play entertainment consumption following delivery.

Although the problem persists on both platforms, people are now much less likely to find infringing devices than they were 12 to 24 months ago. Under pressure from entertainment industry groups, both Amazon and eBay have tightened the screws on sellers of such devices. Now, however, both companies have received requests to stem sales from a completetey different direction.

In a letter to eBay CEO Devin Wenig and Amazon CEO Jeff Bezos first spotted by Ars, FCC Commissioner Michael O’Rielly calls on the platforms to take action against piracy-configured boxes that fail to comply with FCC equipment authorization requirements or falsely display FCC logos, contrary to United States law.

“Disturbingly, some rogue set-top box manufacturers and distributors are exploiting the FCC’s trusted logo by fraudulently placing it on devices that have not been approved via the Commission’s equipment authorization process,” O’Rielly’s letter reads.

“Specifically, nine set-top box distributors were referred to the FCC in October for enabling the unlawful streaming of copyrighted material, seven of which displayed the FCC logo, although there was no record of such compliance.”

While O’Rielly admits that the copyright infringement aspects fall outside the jurisdiction of the FCC, he says it’s troubling that many of these devices are used to stream infringing content, “exacerbating the theft of billions of dollars in American innovation and creativity.”

As noted above, both Amazon and eBay have taken steps to reduce sales of pirate boxes on their respective platforms on copyright infringement grounds, something which is duly noted by O’Rielly. However, he points out that devices continue to be sold to members of the public who may believe that the devices are legal since they’re available for sale from legitimate companies.

“For these reasons, I am seeking your further cooperation in assisting the FCC in taking steps to eliminate the non-FCC compliant devices or devices that fraudulently bear the FCC logo,” the Commissioner writes (pdf).

“Moreover, if your company is made aware by the Commission, with supporting evidence, that a particular device is using a fraudulent FCC label or has not been appropriately certified and labeled with a valid FCC logo, I respectfully request that you commit to swiftly removing these products from your sites.”

In the event that Amazon and eBay take action under this request, O’Rielly asks both platforms to hand over information they hold on offending manufacturers, distributors, and suppliers.

Amazon was quick to respond to the FCC. In a letter published by Ars, Amazon’s Public Policy Vice President Brian Huseman assured O’Rielly that the company is not only dedicated to tackling rogue devices on copyright-infringement grounds but also when there is fraudulent use of the FCC’s logos.

Noting that Amazon is a key member of the Alliance for Creativity and Entertainment (ACE) – a group that has been taking legal action against sellers of infringing streaming devices (ISDs) and those who make infringing addons for Kodi-type systems – Huseman says that dealing with the problem is a top priority.

“Our goal is to prevent the sale of ISDs anywhere, as we seek to protect our customers from the risks posed by these devices, in addition to our interest in protecting Amazon Studios content,” Huseman writes.

“In 2017, Amazon became the first online marketplace to prohibit the sale of streaming media players that promote or facilitate piracy. To prevent the sale of these devices, we proactively scan product listings for signs of potentially infringing products, and we also invest heavily in sophisticated, automated real-time tools to review a variety of data sources and signals to identify inauthentic goods.

“These automated tools are supplemented by human reviewers that conduct manual investigations. When we suspect infringement, we take immediate action to remove suspected listings, and we also take enforcement action against sellers’ entire accounts when appropriate.”

Huseman also reveals that since implementing a proactive policy against such devices, “tens of thousands” of listings have been blocked from Amazon. In addition, the platform has been making criminal referrals to law enforcement as well as taking civil action (1,2,3) as part of ACE.

“As noted in your letter, we would also appreciate the opportunity to collaborate further with the FCC to remove non-compliant devices that improperly use the FCC logo or falsely claim FCC certification. If any FCC non-compliant devices are identified, we seek to work with you to ensure they are not offered for sale,” Huseman concludes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Pirate IPTV Sellers Sign Abstention Agreements Under Pressure From BREIN

Post Syndicated from Andy original https://torrentfreak.com/pirate-iptv-sellers-sign-abstention-agreement-under-pressure-from-brein-180528/

Earlier this month, Dutch anti-piracy outfit BREIN revealed details of its case against Netherlands-based company Leaper Beheer BV.

BREIN’s complaint, which was filed at the Limburg District Court in Maastricht, claimed that
Leaper sold access to unlicensed live TV streams and on-demand movies. Around 4,000 live channels and 1,000 movies were included in the package, which was distributed to customers in the form of an .M3U playlist.

BREIN said that distribution of the playlist amounted to a communication to the public in contravention of the EU Copyright Directive. In its defense, Leaper argued that it is not a distributor of content itself and did not make anything available that wasn’t already public.

In a detailed ruling the Court sided with BREIN, noting that Leaper communicated works to a new audience that wasn’t taken into account when the content’s owners initially gave permission for their work to be distributed to the public.

The Court ordered Leaper to stop providing access to the unlicensed streams or face penalties of 5,000 euros per IPTV subscription sold, link offered, or days exceeded, to a maximum of one million euros. Further financial penalties were threatened for non-compliance with other aspects of the ruling.

In a fresh announcement Friday, BREIN revealed that three companies and their directors (Leaper included) have signed agreements to cease-and-desist, in order to avert summary proceedings. According to BREIN, the companies are the biggest sellers of pirate IPTV subscriptions in the Netherlands.

In addition to Leaper Beheer BV, Growler BV, DITisTV and their respective directors are bound by a number of conditions in their agreements but primarily to cease-and-desist offering hyperlinks or other technical means to access protected works belonging to BREIN’s affiliates and their members.

Failure to comply with the terms of the agreement will see the companies face penalties of 10,000 euros per infringement or per day (or part thereof).

DITisTV’s former website now appears to sell shoes and a search for the company using Google doesn’t reveal many flattering results. Consumer website Consumentenbond.nl enjoys the top spot with an article reporting that it received 300 complaints about DITisTV.

“The complainants report that after they have paid, they have not received their order, or that they were not given a refund if they sent back a malfunctioning media player. Some consumers have been waiting for their money for several months,” the article reads.

According to the report, DiTisTV pulled the plug on its website last June, probably in response to the European Court of Justice ruling which found that selling piracy-configured media players is illegal.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Fully-Loaded Kodi Box Sellers Receive Hefty Jail Sentences

Post Syndicated from Andy original https://torrentfreak.com/fully-loaded-kodi-box-sellers-receive-hefty-jail-sentences-180524/

While users of older peer-to-peer based file-sharing systems have to work relatively hard to obtain content, users of the Kodi media player have things an awful lot easier.

As standard, Kodi is perfectly legal. However, when augmented with third-party add-ons it becomes a media discovery powerhouse, providing most of the content anyone could desire. A system like this can be set up by the user but for many, buying a so-called “fully-loaded” box from a seller is the easier option.

As a result, hundreds – probably thousands – of cottage industries have sprung up to service this hungry market in the UK, with regular people making a business out of setting up and selling such devices. Until three years ago, that’s what Michael Jarman and Natalie Forber of Colwyn Bay, Wales, found themselves doing.

According to reports in local media, Jarman was arrested in January 2015 when police were called to a disturbance at Jarman and Forber’s home. A large number of devices were spotted and an investigation was launched by Trading Standards officers. The pair were later arrested and charged with fraud offenses.

While 37-year-old Jarman pleaded guilty, 36-year-old Forber initially denied the charges and was due to stand trial. However, she later changed her mind and like Jarman, pleaded guilty to participating in a fraudulent business. Forber also pleaded guilty to transferring criminal property by shifting cash from the scheme through various bank accounts.

The pair attended a sentencing hearing before Judge Niclas Parry at Caernarfon Crown Court yesterday. According to local reporter Eryl Crump, the Court heard that the couple had run their business for about two years, selling around 1,000 fully-loaded Kodi-enabled devices for £100 each via social media.

According to David Birrell for the prosecution, the operation wasn’t particularly sophisticated but it involved Forber programming the devices as well as handling customer service. Forber claimed she was forced into the scheme by Jarman but that claim was rejected by the prosecution.

Between February 2013 and January 2015 the pair banked £105,000 from the business, money that was transferred between bank accounts in an effort to launder the takings.

Reporting from Court via Twitter, Crump said that Jarman’s defense lawyer accepted that a prison sentence was inevitable for his client but asked for the most lenient sentence possible.

Forber’s lawyer pointed out she had no previous convictions. The mother-of-two broke up with Jarman following her arrest and is now back in work and studying at college.

Sentencing the pair, Judge Niclas Parry described the offenses as a “relatively sophisticated fraud” carried out over a significant period. He jailed Jarman for 21 months and Forber for 16 months, suspended for two years. She must also carry out 200 hours of unpaid work.

The pair will also face a Proceeds of Crime investigation which could see them paying large sums to the state, should any assets be recoverable.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

YouTube Won’t Put Up With Blatant Piracy Tutorials Forever

Post Syndicated from Andy original https://torrentfreak.com/youtube-wont-put-up-with-blatant-piracy-tutorials-forever-180506/

Once upon a time, Internet users’ voices would be heard in limited circles, on platforms such as Usenet or other niche platforms.

Then, with the rise of forum platforms such as phpBB in 2000 and Invision Power Board in 2002, thriving communities could gather in public to discuss endless specialist topics, including file-sharing of course.

When dedicated piracy forums began to gain traction, it was pretty much a free-for-all. People discussed obtaining free content absolutely openly. Nothing was taboo and no one considered that there would be any repercussions. As such, moderation was limited to keeping troublemakers in check.

As the years progressed and lawsuits against both sites and services became more commonplace, most sites that weren’t actually serving illegal content began to consider their positions. Run by hobbyists, most didn’t want the hassle of a multi-million dollar lawsuit, so links to pirate content began to diminish and the more overt piracy tutorials began to disappear underground.

Those that remained in plain sight became much more considered. Tutorials on how to pirate specific Hollywood blockbusters were no longer needed, a plain general tutorial would suffice. And, as communities matured and took time to understand the implications of their actions, those without political motivations realized that drawing attention to potential criminality was neither required nor necessary.

Then YouTube and social media happened and almost overnight, no one was in charge and anyone could say whatever they liked.

In this new reality, there were no irritating moderator-type figures removing links to this and that, and nobody warning people against breaking rules that suddenly didn’t exist anymore. In essence, previously tight-knit and street-wise file-sharing and piracy communities not only became fragmented, but also chaotic.

This meant that anyone could become a leader and in some cases, this was the utopia that many had hoped for. Not only couldn’t the record labels or Hollywood tell people what to do anymore, discussion site operators couldn’t either. For those who didn’t abuse the power and for those who knew no better, this was a much-needed breath of fresh air. But, like all good things, it was unlikely to last forever.

Where most file-sharing of yesterday was carried out by hobbyist enthusiasts, many of today’s pirates are far more casual. They’re just as thirsty for content, but they don’t want to spend hours hunting for it. They want it all on a plate, at the flick of a switch, delivered to their TV with a minimum of hassle.

With online discussions increasingly seen as laborious and old-fashioned, many mainstream pirates have turned to easy-to-consume videos. In support of their Kodi media player habits, YouTube has become the educational platform of choice for millions.

As a result, there is now a long line of self-declared Kodi piracy specialists scooping up millions of views on YouTube. Their videos – which in many cases are thinly veiled advertisements for third party addons, Kodi ‘builds’, illegal IPTV services, and obscure Android APKs – are now the main way for a new generation to obtain direct advice on pirating.

Many of the videos are incredibly blatant, like the past 15 years of litigation never happened. All the lessons learned by the phpBB board operators of yesteryear, of how to achieve their goals of sharing information without getting shut down, have been long forgotten. In their place, a barrage of daily videos designed to generate clicks and affiliate revenue, no matter what the cost, no matter what the risk.

It’s pretty clear that these videos are at least partly responsible for the phenomenal uptick in Kodi and Android-based piracy over the past few years. In that respect, many lovers of free content will be eternally grateful for the service they’ve provided. But like many piracy movements over the years, people shouldn’t get too attached to them, at least in their current form.

Thanks to the devil-may-care approach of many influential YouTubers, it won’t be long before a whole new set of moderators begin flexing their muscles. While your average phpBB moderator could be reasoned with in order to get a second chance, a determined and largely faceless YouTube will eject offenders without so much as a clear explanation.

When this happens (and it’s only a question of time given the growing blatancy of many tutorials) YouTubers will not only lose their voices but their revenue streams too. While YouTube’s partner programs bring in some welcome cash, the profitable affiliate schemes touted on these channels for external products will also be under threat.

Perhaps the most surprising thing in this drama-waiting-to-happen is that many of the most popular YouTubers can hardly be considered young and naive. While some are of more tender years, most – with their undoubted skill, knowledge and work ethic – should know better for their 30 or 40 years on this planet. Yet not only do they make their names public, they feature their faces heavily in their videos too.

Still, it’s likely that it will take some big YouTube accounts to fall before YouTubers respond by shaving the sharp edges off their blatant promotion of illegal activity. And there’s little doubt that those advertising products (which is most of them) will have to do so sooner rather than later.

Just this week, YouTube made it clear that it won’t tolerate people making money from the promotion of illegal activities.

“YouTube creators may include paid endorsements as part of their content only if the product or service they are endorsing complies with our advertising policies,” YouTube told the BBC.

“We will be working with creators going forward so they better understand that in video promotions [they] must not promote dishonest activity.”

That being said, like many other players in the piracy and file-sharing space over the past 18 years, YouTubers will eventually begin to learn that not only can the smart survive, they can flourish too.

Sure, there will be people out there who’ll protest that free speech allows citizens to express themselves in a manner of their choosing. But try PM’ing that to YouTube in response to a strike, and see how that fares.

When they say you’re done, the road back is a long one.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Roku Removes USTVnow Service Following “3rd Party” Copyright Complaint

Post Syndicated from Andy original https://torrentfreak.com/roku-removes-ustvnow-service-following-3rd-party-copyright-complaint-180329/

Earlier this week, customers of the popular Roku streaming media player began complaining about a problem with the product, specifically in connection with USTVnow.

USTVnow promotes itself as a service targeted at American expats and the military, offering “a wide range of live American channels to watch on their computer, mobile device or television.”

Indeed, USTVnow offers a fairly comprehensive service, with eight channels (including ABC and FOX) on its free tier and 24 channels on its premium $29.00 per month package.

USTVnow’s top package

Having USTVnow available via Roku helps to spread the free tier and drive business to the paid tier but, as of this week, that’s stopped happening. USTVnow has been completely removed from the Roku platform, much to the disappointment of customers.

“I spoke to Roku support and [they told me] that USTVNOW is no longer available for Roku at this time,” a user in Roku’s forums complained.

In response, a Roku engineer said that “Roku has been asked to remove this channel by the content rights owner”, which was as confusing as it was informative.

USTVnow endorses the Roku product, actively promotes it on the front page of its site, and provides helpful setup guides.

So, in an effort to get to the bottom of the problem, TorrentFreak contacted Roku, asking for details. The company responded quickly.

“Yes, that is correct, the channel was removed from our platform,” Roku spokesperson Tricia Misfud confirmed.

“When we receive a notice regarding copyright infringement we are swift to review which in this case resulted in us removing the channel.”

Roku pointed us to its copyright infringement page which details its policies and actions when a complaint is received. However, that didn’t really help to answer why it would remove USTVnow when USTVnow promotes the Roku service.

So we asked Roku again to elaborate on who filed the notice and on what grounds.

“The notice was in regards to the copyright of the content,” came the response.

While not exactly clear, this suggested that USTVnow wasn’t the problem but someone else. Was it a third-party perhaps? If so, who, and what was the content being complained about?

“It was from a third party,” came the vague response.

With USTVnow completely unavailable via Roku, there are some pretty annoyed customers out there. However, it seems clear that at least for now, the company either can’t or won’t reveal the precise details of the complaint.

It could conceivably be from one of the major channels offered in the USTVnow package but equally, it could be a DMCA notice from a movie or TV show copyright holder who objects to their content being distributed on the device, or even USTVnow itself.

USTVnow has a deal with Nittany Media to provide streaming services based on Nittany’s product but there is always a potential for a licensing problem somewhere, potentially big ones too.

We’ll update this article if and when more information becomes available.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

McAfee Security Experts Weigh-in Weirdly With “Fresh Kodi Warning”

Post Syndicated from Andy original https://torrentfreak.com/mcafee-security-experts-weigh-in-weirdly-with-fresh-kodi-warning-180311/

Over the past several years, the last couple in particular, piracy has stormed millions of homes around the world.

From being a widespread but still fairly geeky occupation among torrenters, movie and TV show piracy can now be achieved by anyone with the ability to click a mouse or push a button on a remote control. Much of this mainstream interest can be placed at the feet of the Kodi media player.

An entirely legal platform in its own right, Kodi can be augmented with third-party add-ons that enable users to access an endless supply of streaming media. As such, piracy-configured Kodi installations are operated by an estimated 26 million people, according to the MPAA.

This popularity has led to much interest from tabloid newspapers in the UK which, for reasons best known to them, choose to both promote and demonize Kodi almost every week. While writing about news events is clearly par for the course, when one considers some of the reports, their content, and what inspired them, something doesn’t seem right.

This week The Express, which has published many overly sensational stories about Kodi in recent times, published another. The title – as always – promised something special.

Sounds like big news….

Reading the text, however, reveals nothing new whatsoever. The piece simply rehashes some of the historic claims that have been leveled at Kodi that can easily apply to any Internet-enabled software or system. But beyond that, some of its content is pretty weird.

The piece is centered on comments from two McAfee security experts – Chief Scientist Raj Samani and Chief Consumer Security Evangelist Gary Davis. It’s unclear whether The Express approached them for comment (if they did, there is no actual story for McAfee to comment on) or whether McAfee offered the comments and The Express built a story around them. Either way, here’s a taster.

“Kodi has been pretty open about the fact that it’s a streaming site but my view has always been if I use Netflix I know that I’m not going to get any issues, if I use Amazon I’m not going to get any issues,” Samani told the publication.

Ok, stop right there. Kodi admits that it’s a streaming site? Really? Kodi is a piece of software. It’s a media player. It can do many things but Kodi is not a streaming site and no one at Kodi has ever labeled it otherwise. To think that neither McAfee nor the publication caught that one is a bit embarrassing.

The argument that Samani was trying to make is that services like Netflix and Amazon are generally more reliable than third-party sources and there are few people out there who would argue with that.

“Look, ultimately you’ve got to do the research and you’ve got to decide if it’s right for you but personally I don’t use [Kodi] and I know full well that by not using [Kodi] I’m not going to get any issues. If I pay for the service I know exactly what I’m going to get,” he said.

But unlike his colleague who doesn’t use Kodi, Gary Davis has more experience.

McAfee’s Chief Consumer Security Evangelist admits to having used Kodi in the past but more recently decided not to use it when the security issues apparently got too much for him.

“I did use [Kodi] but turned it off as I started getting worried about some of the risks,” he told The Express.

“You may search for something and you may get what you are looking for but you may get something that you are not looking for and that’s where the problem lies with Kodi.”

This idea, that people search for a movie or TV show yet get something else, is bewildering to most experienced Kodi users. If this was indeed the case, on any large scale, people wouldn’t want to use it anymore. That’s clearly not the case.

Also, incorrect content appearing is not the kind of security threat that the likes of McAfee tend to be worried about. However, Davis suggests things can get worse.

“I’m not saying they’ve done anything wrong but if somebody is able to embed code to turn on a microphone or other things or start sending data to a place it shouldn’t go,” he said.

The sentence appears to have some words missing and struggles to make sense but the suggestion is that someone’s Kodi installation could be corrupted to the point that someone people could hijack the user’s microphone.

We are not aware of anything like that happening, ever, via Kodi. There are instances where that has happened completely without it in a completely different context, but that seems here nor there. By the same count, everyone should stop using Windows perhaps?

The big question is why these ‘scary’ Kodi non-stories keep getting published and why experts are prepared to weigh-in on them?

It would be too easy to quickly put it down to some anti-piracy agenda, even though there are plenty of signs that anti-piracy groups have been habitually feeding UK tabloids with information on that front. Indeed, a source at a UK news outlet (that no longer publishes such stories) told TF that they were often prompted to write stories about Kodi and streaming in general, none with a positive spin.

But if it was as simple as that, how does that explain another story run in The Express this week heralding the launch of Kodi’s ‘Leia’ alpha release?

If Kodi is so bad as to warrant an article telling people to avoid it FOREVER on one day, why is it good enough to be promoted on another? It can only come down to the number of clicks – but the clickbait headline should’ve given that away at the start.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Google Won’t Take Down ‘Pirate’ VLC With Five Million Downloads

Post Syndicated from Andy original https://torrentfreak.com/google-wont-take-down-pirate-vlc-with-five-million-downloads-180206/

VLC is the media player of choice for Internet users around the globe. Downloaded for desktop at least 2,493,000,000 times since February 2005, VLC is an absolute giant. And those figures don’t even include GNU/Linux, iOS, Android, Chrome OS or Windows Phone downloads either.

Aside from its incredible functionality, VLC (operated by the VideoLAN non-profit) has won the hearts of Internet users for other key reasons, not least its commitment to being free and open source software. While it’s true to say that VLC doesn’t cost a penny, the term ‘free’ actually relates to the General Public License (GPL) under which it’s distributed.

The GPL aims to guarantee that software under it remains ‘free’ for all current and future users. To benefit from these protections, the GPL requires people who modify and redistribute software to afford others the same freedoms by informing them of the requirement to make source code available.

Since VLC is extremely popular and just about as ‘free’ as software can get, people get extremely defensive when they perceive that a third-party is benefiting from the software without adhering to the terms of the generous GPL license. That was the case beginning a few hours ago when veteran Reddit user MartinVanBallin pointed out a piece of software on the Google Play Store.

“They took VLC, put in ads, didn’t attribute VLC or follow the open source license, and they’re using Media Player Classics icon,” MartinVanBallin wrote.

The software is called 321 Media Player and has an impressive 4.5 score from more than 101,000 reviews. Despite not mentioning VLC or the GPL, it is based completely on VLC, as the image below (and other proof) shows.

VLC Media Player 321 Media Player

TorrentFreak spoke with VideoLAN President Jean-Baptiste Kempf who confirmed that the clone is in breach of the GPL.

“The Android version of VLC is under the license GPLv3, which requires everything inside the application to be open source and sharing the source,” Kempf says.

“This clone seems to use a closed-source advertisement component (are there any that are open source?), which is a clear violation of our copyleft. Moreover, they don’t seem to share the source at all, which is also a violation.”

Perhaps the most amazing thing is the popularity of the software. According to stats provided by Google, 321 Media Player has amassed between five and ten million downloads. That’s not an insignificant amount when one considers that unlike VLC, 321 Media Player contains revenue-generating ads.

Using GPL-licensed software for commercial purposes is allowed providing the license terms are strictly adhered to. Kempf informs TF that VideoLAN doesn’t mind if this happens but in this case, the GPL is not being respected.

“A fork application which changes some things is an interesting thing, because they maybe have something to give back to our community. The application here, is just a parasite, and I think they are useless and dangerous,” Kempf says.

All that being said, turning VLC itself into adware is something the VideoLAN team is opposed to. In fact, according to questions answered by Kempf last September, the team turned down “several tens of millions of euros” to turn their media player into an ad-supported platform.

“Integrating crap, adware and spyware with VLC is not OK,” Kempf informs TF.

TorrentFreak contacted the developer of 321 Media Player for comment but at the time of publication, we were yet to receive a response. We also asked for a copy of the source code for 321 Media Player as the GPL requires, but that wasn’t forthcoming either.

In the meantime, it appears that a small army of Reddit users are trying to get something done about the ‘rogue’ app by reporting it as an “inappropriate copycat” to Google. Whether this will have any effect remains to be seen but according to Kempf, tackling these clone versions has proven extremely difficult in the past.

“We reported this application already more than three times and Google refuses to take it down,” he says.

“Our experience is that it is very difficult to take these kinds of apps down, even if they embed spyware or malware. Maybe it is because it makes money for Google.”

Finally, Kempf also points to the obviously named “Indian VLC Player” on Google Play. Another VLC clone with up to 500,000 downloads, this one appears to breach both copyright and trademark law.

“We remove applications that violate our policies, such as apps that are illegal,” a Google spokesperson informs TorrentFreak.

“We don’t comment on individual applications; you can check out our policies for more information.”

Update: The app has now been removed from Google Play

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

New Kodi Addon Tool Might Carry Interesting Copyright Liability Implications

Post Syndicated from Andy original https://torrentfreak.com/new-kodi-addon-tool-might-carry-interesting-copyright-liability-implications-180124/

Kodi is the now ubiquitous media player taking the world by storm. In itself it’s a great piece of software but augmented with third-party software it can become a piracy powerhouse.

This software, known collectively as ‘add-ons’, enables Kodi to do things it was never designed for such as watching pirated movies, TV shows, and live sports. As a result, it’s the go-to media platform for millions around the globe, but for those distributing the add-ons, there can be risks attached.

As one of the most prominent Kodi-related sites around, TVAddons helped to distribute huge numbers of add-ons. The platform insists that if any add-on infringed copyright, it was only too willing to remove them under a DMCA-like regime. Last year, however, it became clear that copyright holders would prefer to sue TVAddons (1,2) than ask for takedowns.

With those lawsuits still ongoing, the site was left with a dilemma. Despite add-ons being developed and uploaded by third-parties, rightsholders are still trying to hold TVAddons responsible for what those add-ons can do. It’s a precarious situation that has led to TVAddons not having its own repository/repo (a place where the addons are stored for users to download) since the site ran into trouble last summer.

Now, however, the site has just launched a new tool which not only provides some benefits for users looking for addons, but also attempts to shift some liability for potential infringement away from the service and onto a company with much broader shoulders.

TVAddons’ Github Browser was released yesterday and is available via the platform’s Indigo tool. Its premise is simple.

Since many third-party Kodi add-ons are developed and first made available on Github, the world’s leading software development platform, why don’t users install them directly from there instead?

The idea is that this might reduce liability for distributors like TVAddons but could also present benefits for users, as they can be assured that they’re getting add-ons directly from the source.

Github Browser welcome screen

“Before the GitHub Browser, when an end user wanted to install a particular addon, they’d first have to download the necessary repository from either Fusion Installer or an alternative,” a TV addons spokesperson informs TF.

“This new feature gives the end user the ability to easily install any Kodi addon, and empowers developers to distribute their addons independently, without having to align themselves with a particular release group or web site.”

Aside from the benefits to users, it also means that TVAddons can provide its users with access to third-party add-ons without having to curate, store, or distribute them itself. In future, storage and distribution aspects can be carried out by Github, which has actually been the basic behind-the-scenes position for some time.

“GitHub has always been the leading host of Kodi addons, and also respects the law. The difference is, they are big enough to not be bullied by draconian legal maneuvers used by big corporations to censor the internet. We also felt that developers should be able to develop without having to comply with our rules, or any other Kodi web site’s rules for that matter,” TVAddons explain.

The screenshot of the Github Browser below reveals a text-heavy interface that will probably mean little to the low-level user of Kodi who bought his device already setup from a seller. However, those more familiar with the way Kodi functions will recognize that the filenames relate to add-ons which can now be directly installed via the browser.

The Github Browser

While the approach may seem basic or even inaccessible at first view, that wrongfully discounts the significant resources available to the sprawling third-party Kodi add-on community.

Dozens of specialist blogs and thousands of YouTube videos report in detail on the most relevant addons, providing all of the details users will need to identify and locate the required software. Developer usernames could be a good starting point, TVAddons suggests.

“We have already seen many social media posts, blogs and developers advertising their GitHub usernames in order to make it easier for users to find them,” the site explains.

From our tests, it appears that users really have to do all the work themselves. There doesn’t appear to be any add-on curation and users must know what they’re looking for in advance. Indeed, entering the Github usernames of developers who produce software that has nothing to do with Kodi can still present zip file results in the browser. Whether this will prove problematic later on will remain to be seen.

While most keen users won’t have a problem using the Github Browser, there is the question of whether redirecting the focus to the development platform will cause copyright holders to pay more attention to Github.

This has certainly happened in the past, such as when the Federation Against Copyright Theft targeted the SportsDevil add-on and had it removed from Github. It’s also worth noting that Github doesn’t appear to challenge takedown requests, so add-ons could be vulnerable if the heat gets turned up.

Nevertheless, TVAddons believes that the open source nature of most addons coupled with Github’s relative strength means that they’ll be able to stand up to most threats.

“Open source code lives on forever, it’s impossible to scrub the internet of freely distributed legitimate code. I think that GitHub is in a better position to legitimately assess and enforce the DMCA than us. They won’t be sued out of nowhere in circumvention of the DMCA in similar fashion to what we have been the victim of,” TVAddons says.

Several years ago, when The Pirate Bay got rid of torrents and relied on magnet links instead, the platform became much more compact, thus saving on bandwidth. The lack of a repository at TVAddons has also had benefits for the site. Previously it was consuming around 3PB (3,000,000 gigabytes) of bandwidth a month, with a hosting provider demanding $25,000 per month not to discontinue business.

Finally, the team says it is working on new browser features for the future, including repository distribution over torrents. Only time will tell how this new system will be viewed by copyright holders but even with add-on hosting taken care of externally, any form of curation could be instantly frowned upon, with serious consequences.

Details of the browser can be found here.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Is Your Kodi Setup Being Spied On?

Post Syndicated from Andy original https://torrentfreak.com/is-your-kodi-setup-being-spied-on-180101/

As quite possibly the most people media player on earth, Kodi is installed on millions of machines – around 38 million according to the MPAA. The software has a seriously impressive range of features but one, if not configured properly, raises security issues for Kodi users.

For many years, Kodi has had a remote control feature, whereby the software can be remotely managed via a web interface.

This means that you’re able to control your Kodi setup installed on a computer or set-top box using a convenient browser-based interface on another device, from the same room or indeed anywhere in the world. Earlier versions of the web interface look like the one in the image below.

The old Kodi web-interface – functional but basic

But while this is a great feature, people don’t always password-protect the web-interface, meaning that outsiders can access their Kodi setups, if they have that person’s IP address and a web-browser. In fact, the image shown above is from a UK Kodi user’s setup that was found in seconds using a specialist search engine.

While the old web-interface for Kodi was basically a remote control, things got more interesting in late 2016 when the much more functional Chorus2 interface was included in Kodi by default. It’s shown in the image below.

Chorus 2 Kodi Web-Interface

Again, the screenshot above was taken from the setup of a Kodi user whose setup was directly open to the Internet. In every way the web-interface of Kodi acts as a web page, allowing anyone with the user’s IP address (with :8080 appended to the end) to access the user’s setup. It’s no different than accessing Google with an IP address (216.58.216.142), instead of Google.com.

However, Chorus 2 is much more comprehensive that its predecessors which means that it’s possible for outsiders to browse potentially sensitive items, including their addons if a password hasn’t been enabled in the appropriate section in Kodi.

Kodi users probably don’t want this seen in public

While browsing someone’s addons isn’t the most engaging thing in the world, things get decidedly spicier when one learns that the Chorus 2 interface allows both authorized and unauthorized users to go much further.

For example, it’s possible to change Kodi’s system settings from the interface, including mischievous things such as disabling keyboards and mice. As seen (or not seen) in the redacted section in the image below, it can also give away system usernames, for example.

Access to Kodi settings – and more

But aside from screwing with people’s settings (which is both pointless and malicious), the Chorus 2 interface has a trick up its sleeve. If people’s Kodi setups contain video or music files (which is what Kodi was originally designed for), in many cases it’s possible to play these over the web interface.

In basic terms, someone with your IP address can view the contents of your video library on the other side of the world, with just a couple of clicks.

The image below shows that a Kodi setup has been granted access to some kind of storage (network or local disk, for example) and it can be browsed, revealing movies. (To protect the user, redactions have been made to remove home video titles, network, and drive names)

Network storage accessed via Chorus 2

The big question is, however, whether someone accessing a Kodi setup remotely can view these videos via a web browser. Answer: Absolutely.

Clicking through on each piece of media reveals a button to the right of its title. Clicking that reveals two options – ‘Queue in Kodi’ (to play on the installation itself) or ‘Download’, which plays/stores the content via a remote browser located anywhere in the world. Chrome works like a charm.

Queue to Kodi or watch remotely in a browser

While this is ‘fun’ and potentially useful for outsiders looking for content, it’s not great if it’s your system that’s open to the world. The good news is that something can be done about it.

In their description for Chorus 2, the Kodi team explain all of its benefits of the interface but it appears many people don’t take their advice to introduce a new password. The default password and username are both ‘kodi’ which is terrible for security if people leave things the way they are.

If you run Kodi, now is probably the time to fix the settings, disable the web interface if you don’t use it, or enable stronger password protection if you do.

Change that password – now

Just recently, Kodi addon repository TVAddons issued a warning to people using jailbroken Apple TV 2 devices. That too was a default password issue and one that can be solved relatively easily.

“People need to realize that their Kodi boxes are actually mini computers and need to be treated as such,” a TVAddons spokesperson told TF.

“When you install a build, or follow a guide from an unreputable source, you’re opening yourself up to potential risk. Since Kodi boxes aren’t normally used to handle sensitive data, people seem to disregard the potential risks that are posed to their network.”

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Our ‘Kodi Box’ Is Legal & Our Users Don’t Break the Law, TickBox Tells Hollywood

Post Syndicated from Andy original https://torrentfreak.com/our-kodi-box-is-legal-our-users-dont-break-the-law-tickbox-tells-hollywood-171229/

Georgia-based TickBox TV is a provider of set-top boxes that allow users to stream all kinds of popular content. Like other similar devices, Tickboxes use the popular Kodi media player alongside instructions how to find and use third-party addons.

Of course, these types of add-ons are considered a thorn in the side of the entertainment industries and as a result, Tickbox found itself on the receiving end of a lawsuit in the United States.

Filed in a California federal court in October, Universal, Columbia Pictures, Disney, 20th Century Fox, Paramount Pictures, Warner Bros, Amazon, and Netflix accused Tickbox of inducing and contributing to copyright infringement.

“TickBox sells ‘TickBox TV,’ a computer hardware device that TickBox urges its customers to use as a tool for the mass infringement of Plaintiffs’ copyrighted motion pictures and television shows,” the complaint reads.

“TickBox promotes the use of TickBox TV for overwhelmingly, if not exclusively, infringing purposes, and that is how its customers use TickBox TV. TickBox advertises TickBox TV as a substitute for authorized and legitimate distribution channels such as cable television or video-on-demand services like Amazon Prime and Netflix.”

The copyright holders reference a TickBox TV video which informs customers how to install ‘themes’, more commonly known as ‘builds’. These ‘builds’ are custom Kodi-setups which contain many popular add-ons that specialize in supplying pirate content. Is that illegal? TickBox TV believes not.

In a response filed yesterday, TickBox underlined its position that its device is not sold with any unauthorized or illegal content and complains that just because users may choose to download and install third-party programs through which they can search for and view unauthorized content, that’s not its fault. It goes on to attack the lawsuit on several fronts.

TickBox argues that plaintiffs’ claims, that TickBox can be held secondarily liable under the theory of contributory infringement or inducement liability as described in the famous Grokster and isoHunt cases, is unlikely to succeed. TickBox says the studios need to show four elements – distribution of a device or product, acts of infringement by users of Tickbox, an object of promoting its use to infringe copyright, and causation.

“Plaintiffs have failed to establish any of these four elements,” TickBox’s lawyers write.

Firstly, TickBox says that while its device can be programmed to infringe, it’s the third party software (the builds/themes containing addons) that do all the dirty work, and TickBox has nothing to do with them.

“The Motion spends a great deal of time describing these third-party ‘Themes’ and how they operate to search for and stream videos. But the ‘Themes’ on which Plaintiffs so heavily focus are not the [TickBox], and they have absolutely nothing to do with Defendant. Rather, they are third-party modifications of the open-source media player software [Kodi] which the Box utilizes,” the response reads.

TickBox says its device is merely a small computer, not unlike a smartphone or tablet. Indeed, when it comes to running the ‘pirate’ builds listed in the lawsuit, a device supplied by one of the plaintiffs can accomplish the same task.

“Plaintiffs have identified certain of these thirdparty ‘builds’ or ‘Themes’ which are available on the internet and which can be downloaded by users to view content streamed by third-party websites; however, this same software can be installed on many different types of devices, even one distributed by affiliates of Plaintiff Amazon Content Services, LLC,” the company adds.

Referencing the Grokster case, TickBox states that particular company was held liable for distributing a device (the Grokster software) “with the object of promoting its use to infringe copyright.” In the isoHunt case, it argues that the provision of torrent files satisfied the first element of inducement liability.

“In contrast, Defendant’s product – the Box – is not software through which users can access unauthorized content, as in Grokster, or even a necessary component of accessing unauthorized content, as in Fung [isoHunt],” TickBox writes.

“Defendant offers a computer, onto which users can voluntarily install legitimate or illegitimate software. The product about which Plaintiffs complain is third-party software which can be downloaded onto a myriad of devices, and which Defendant neither created nor supplies.”

From defending itself, TickBox switches track to highlight weaknesses in the studios’ case against users of its TickBox device. The company states that the plaintiffs have not presented any evidence that buyers of the TickBox streaming unit have actually accessed any copyrighted material.

Interestingly, however, the company also notes that even if people had streamed ‘pirate’ content, that might not constitute infringement.

First up, the company notes that there are no allegations that anyone – from TickBox itself to TickBox device owners – ever violated the plaintiffs’ exclusive right to perform its copyrighted works.

TickBox then further argues that copyright law does not impose liability for viewing streaming content, stating that an infringer is one who violates any of the exclusive rights of the copyright holder, in this case, the right to “perform the copyrighted work publicly.”

“Plaintiffs do not allege that Defendant, Defendant’s product, or the users of Defendant’s product ‘transmit or otherwise communicate a performance’ to the public; instead, Plaintiffs allege that users view streaming material on the Box.

“It is clear precedent [Perfect 10 v Google] in this Circuit that merely viewing copyrighted material online, without downloading, copying, or retransmitting such material, is not actionable.”

Taking this argument to its logical conclusion, TickBox insists that if its users aren’t infringing copyright, it’s impossible to argue that TickBox induced its customers to violate the plaintiffs’ rights. In that respect, plaintiffs’ complaints that TickBox failed to develop “filtering tools” to diminish its customers’ infringing activity are moot, since in TickBox’s eyes no infringement took place.

TickBox also argues that unlike in Grokster, where the defendant profited when users’ accessed infringing content, it does not. And, just to underline the earlier point, it claims that its place in the market is not to compete with entertainment companies, it’s actually to compete with devices such as Amazon’s Firestick – another similar Android-powered device.

Finally, TickBox notes that it has zero connection with any third-party sites that transmit copyrighted works in violation of the plaintiffs’ rights.

“Plaintiff has not alleged any element of contributory infringement vis-à-vis these unknown third-parties. Plaintiff has not alleged that Defendant has distributed any product to those third parties, that Defendant has committed any act which encourages those third parties’ infringement, or that any act of Defendant has, in fact, caused those third parties to infringe,” its response adds.

But even given the above defenses, TickBox says that it “voluntarily took steps” to remove links to the allegedly infringing Kodi builds from its device, following the plaintiffs’ lawsuit. It also claims to have modified its advertising and webpage “to attempt to appease Plaintiffs and resolve their complaint amicably.”

Given the above, TickBox says that the plaintiffs’ application for injunction is both vague and overly broad and would impose “imperssible hardship” on the company by effectively shutting it down while requiring it to “hack into and delete content” which TickBox users may have downloaded to their boxes.

TickBox raises some very interesting points around some obvious weaknesses so it will be intriguing to see how the Court handles its claims and what effect that has on the market for these devices in the US. In particular, the thorny issue of how they are advertised and promoted, which is nearly always the final stumbling block.

A copy of Tickbox’s response is available here (pdf), via Variety

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

The Truth Behind the “Kodi Boxes Can Kill Their Owners” Headlines

Post Syndicated from Andy original https://torrentfreak.com/the-truth-behind-the-kodi-boxes-can-kill-their-owners-headlines-171118/

Another week, another batch of ‘Kodi Box Armageddon’ stories. This time it hasn’t been directly about the content they can provide but the physical risks they pose to their owners.

After being primed in advance, the usual British tabloids jumped into action early Thursday, noting that following tests carried out on “illicit streaming devices” (aka Android set-top devices), 100% of them failed to meet UK national electrical safety regulations.

The tests were carried out by Electrical Safety First, a charity which was prompted into action by anti-piracy outfit Federation Against Copyright Theft.

“A series of product safety tests on popular illicit streaming devices entering the UK have found that 100% fail to meet national electrical safety regulations,” a FACT statement reads.

“The news is all the more significant as the Intellectual Property Office (IPO) estimates that more than one million of these illegal devices have been sold in the UK in the last two years, representing a significant risk to the general public.”

After reading many sensational headlines stating that “Kodi Boxes Might Kill Their Owners”, please excuse us for groaning. This story has absolutely nothing – NOTHING – to do with Kodi or any other piece of software. Quite obviously, software doesn’t catch fire.

So, suspecting that there might be more to this than meets the eye, we decided to look beyond the press releases into the actual Electrical Safety First (ESF) report. While we have no doubt that ESF is extremely competent in its field (it is, no question), the front page of its report is disappointing.

Despite the items sent for testing being straightforward Android-based media players, the ESF report clearly describes itself as examining “illicit streaming devices”. It’s terminology that doesn’t describe the subject matter from an electrical, safety or technical perspective but is pretty convenient for FACT clients Sky and the Premier League.

Nevertheless, the full picture reveals rather more than most of the headlines suggest.

First of all, it’s important to know that ESF tested just nine devices out of the million or so allegedly sold in the UK during the past two years. Even more importantly, every single one of those devices was supplied to ESF by FACT.

Now, we’re not suggesting they were hand-picked to fail but it’s clear that the samples weren’t provided from a neutral source. Also, as we’ll learn shortly, it’s possible to determine in advance if an item will fail to meet UK standards simply by looking at its packaging and casing.

But perhaps even more intriguing is that the electrical testing carried out by ESF related primarily not to the set-top boxes themselves, but to their power supplies. ESF say so themselves.

“The product review relates primarily to the switched mode power supply units for the connection to the mains supply, which were supplied with the devices, to identify any potential risks to consumers such as electric shocks, heating and resistance to fire,” ESF reports.

The set-top boxes themselves were only assessed “in terms of any faults in the marking, warnings and instructions,” the group adds.

So, what we’re really talking about here isn’t dangerous illicit streaming devices set-top boxes, but the power supply units that come with them. It might seem like a small detail but we’ll come to the vast importance of this later on.

Firstly, however, we should note that none of the equipment supplied by FACT complied with Schedule 1 of the Electrical Equipment (Safety) Regulations 1994. This means that they failed to have the “Conformité Européene” or CE logo present. That’s unacceptable.

In addition, none of them lived up the requirements of Schedule 3 of the Electrical Equipment (Safety) Regulations 1994 either, which in part requires the manufacturer’s brand name or trademark to be “clearly printed on the electrical equipment or, where that is not possible, on the packaging.” (That’s how you can tell they’ll definitely fail UK standards, before sending them for testing)

Also, none of the samples were supplied with “sufficient safety or warning information to ensure the safe and correct use, assembly, installation or maintenance of the equipment.” This represents ‘a technical breach’ of the regulations, ESF reports.

Finally, several of the samples were considered to be a potential risk to their users, either via electric shock and/or fire. That’s an important finding and people who suspect they have such devices at home should definitely take note.

However, the really important point isn’t mentioned in the tabloids, probably since it distracts from the “Kodi Armageddon” narrative which underlies the whole study and subsequent reports.

ESF says that one of the key issues is that the set-top boxes come unbranded, something which breaches safety regulations while making it difficult for consumers to assess whether they’re buying a quality product. Crucially, this is not exclusively a set-top box problem, it is much, MUCH bigger.

“Issues with power supply units or unbranded and counterfeit chargers go beyond illicit streaming devices. In the last year, issues have been reported with other consumer electrical devices, such as laptop chargers and counterfeit phone chargers,” the same ESF report reveals.

“The total annual online sales of mains plug-in chargers is estimated to be in the region of 1.8 million and according to Electrical Safety First, it is likely that most of these sales involve cheap, unbranded chargers.”

So, we looked into this issue of problem power supplies and chargers generally, to see where this report fits into the bigger picture. It transpires it’s a massive problem, all over the UK, across a wide range of products. In fact, Trading Standards reports that 99% of non-genuine Apple chargers bought online “fail a basic safety test”.

But buying from reputable High Street retailers doesn’t help either.

During the past year, Poundworld was fined for selling – wait for it – 72,000 dangerous chargers. Home Bargains was also fined for selling “thousands” of power adaptors that fail to meet UK standards.

“All samples provided failed to comply with Electrical Equipment Safety Regulations and were not marked with the manufacturer’s name,” Trading Standards reports.

That sounds familiar.

So, there you have it. Far from this being an isolated “Kodi Box Crisis” as some have proclaimed, this is a broad issue affecting imported electrical items in general. On this basis, one can’t help but think the tabloids missed a trick here. Think of the power of this headline:

ALL UNBRANDED ELECTRICAL EQUIPMENT CAN KILL, DISCONNECT EVERYTHING

or, alternatively:

PIRATES URGED TO SWITCH TO BRANDED AMAZON FIRESTICKS, SAFER FOR KODI

Perhaps not….

The ESF report can be found here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

MPAA: Almost 70% of 38 Million Kodi Users Are Pirates

Post Syndicated from Andy original https://torrentfreak.com/mpaa-almost-70-of-38-million-kodi-users-are-pirates-171104/

As torrents and other forms of file-sharing resolutely simmer away in the background, it is the streaming phenomenon that’s taking the Internet by storm.

This Tuesday, in a report by Canadian broadband management company Sandvine, it was revealed that IPTV traffic has grown to massive proportions.

Sandvine found that 6.5% of households in North American are now communicating with known TV piracy services. This translates to seven million subscribers and many more potential viewers. There’s little doubt that IPTV and all its variants, Kodi streaming included, are definitely here to stay.

The topic was raised again Wednesday during a panel discussion hosted by the Copyright Alliance in conjunction with the Creative Rights Caucus. Titled “Copyright Pirates’ New Strategies”, the discussion’s promotional graphic indicates some of the industry heavyweights in attendance.

The Copyright Alliance tweeted points from the discussion throughout the day and soon the conversation turned to the streaming phenomenon that has transformed piracy in recent times.

Previously dubbed Piracy 3.0 by the MPAA, Senior Vice President, Government and Regulatory Affairs Neil Fried was present to describe streaming devices and apps as the latest development in TV and movie piracy.

Like many before him, Fried explained that the Kodi platform in its basic form is legal. However, he noted that many of the add-ons for the media player provide access to pirated content, a point proven in a big screen demo.

Kodi demo by the MPAA via Copyright Alliance

According to the Copyright Alliance, Fried then delivered some interesting stats. The MPAA believes that there are around 38 million users of Kodi in the world, which sounds like a reasonable figure given that the system has been around for 15 years in various guises, including during its XBMC branding.

However, he also claimed that of those 38 million, a substantial 26 million users have piracy addons installed. That suggests around 68.5% or seven out of ten of all Kodi users are pirates of movies, TV shows, and other media. Taking the MPAA statement to its conclusion, only 12 million Kodi users are operating the software legitimately.

TorrentFreak contacted XBMC Foundation President Nathan Betzen for his stance on the figures but he couldn’t shine much light on usage.

“Unfortunately I do not have an up to date number on users, and because we don’t watch what our users are doing, we have no way of knowing how many do what with regards to streaming. [The MPAA’s] numbers could be completely correct or totally made up. We have no real way to know,” Betzen said.

That being said, the team does have the capability to monitor overall Kodi usage, even if they don’t publish the stats. This was revealed back in June 2011 when Kodi was still called XBMC.

“The addon system gives us the opportunity to measure the popularity of addons, measure user base, estimate the frequency that people update their systems, and even, ultimately, help users find the more popular addons,” the team wrote.

“Most interestingly, for the purposes of this post, is that we can get a pretty good picture of how many active XBMC installs there are without having to track what each individual user does.”

Using this system, the team concluded there were roughly 435,000 active XBMC instances around the globe in April 2011, but that figure was to swell dramatically. Just three months later, 789,000 XBMC installations had been active in the previous six weeks.

What’s staggering is that in 2017, the MPAA claims that there are now 38 million users of Kodi, of which 26 million are pirates. In the absence of any figures from the Kodi team, TF asked Kodi addon repository TVAddons what they thought of the MPAA’s stats.

“We’ve always banned the use of analytics within Kodi addons, so it’s really impossible to make such an estimate. It seems like the MPAA is throwing around numbers without much statistical evidence while mislabelling Kodi users as ‘pirate’ in the same way that they have mislabelled legitimate services like CloudFlare,” a spokesperson said.

“As far as general addon use goes, before our repository server (which contained hundreds of legitimate addons) was unlawfully seized, it had about 39 million active users per month, but even we don’t know how many users downloaded which addons. We never allowed for addon statistics for users because they are invasive to privacy and breed unhealthy competition.”

So, it seems that while there is some dispute over the number of potential pirates, there does at least appear to be some consensus on the number of users overall. The big question, however, is how groups like the MPAA will deal with this kind of unauthorized infringement in future.

At the moment the big push is to paint pirate platforms as dangerous places to be. Indeed, during the discussion this week, Copyright Alliance CEO Keith Kupferschmid claimed that users of pirate services are “28 times more likely” to be infected with malware.

Whether that strategy will pay off remains unclear but it’s obvious that at least for now, Piracy 3.0 is a massive deal, one that few people saw coming half a decade ago but is destined to keep growing.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

EFF: The War on General-Purpose Computing Turns on the Streaming Media Box Community

Post Syndicated from corbet original https://lwn.net/Articles/735166/rss

The EFF highlights
a number of attacks
against distributors of add-ons for the Kodi streaming media system.
These lawsuits by big TV incumbents seem to have a few goals: to
expand the scope of secondary copyright infringement yet again, to force
major Kodi add-on distributors off of the Internet, and to smear and
discourage open source, freely configurable media players by focusing on
the few bad actors in that ecosystem. The courts should reject these
expansions of copyright liability, and TV networks should not target
neutral platforms and technologies for abusive lawsuits.

Live Mayweather v McGregor Streams Will Thrive On Torrents Tonight

Post Syndicated from Andy original https://torrentfreak.com/live-mayweather-v-mcgregor-streams-will-thrive-on-torrents-tonight-170826/

Tonight, August 26, at the T-Mobile Arena in Las Vegas, Floyd Mayweather Jr. will finally meet UFC lightweight champion Conor McGregor in what is being billed as the biggest fight in boxing history.

Although tickets for inside the arena are still available for those with a lot of money to burn, most fans will be viewing on a screen of some kind, whether that’s in a cinema, sports bar, or at home in front of a TV.

The fight will be available on Showtime in the United States but the promoters also say they’ve done their best to make it accessible to millions of people in dozens of countries, with varying price tags dependent on region. Nevertheless, due to generally high prices, it’s likely that untold thousands around the world will attempt to watch the fight without paying.

That will definitely be possible. Although Showtime has won a pre-emptive injunction to stop some sites offering the fight, many hundreds of others are likely to fill in the gaps, offering generally lower-quality streams to the eager masses. Whether all of these sites will be able to cope with what could be unprecedented demand will remain to be seen, but there is one method that will thrive under the pressure.

Torrent technology is best known for offering content after it’s aired, whether that’s the latest episode of Game of Thrones or indeed a recording of the big fight scheduled for the weekend. However, what most ‘point-and-click’ file-sharers won’t know is that there’s a torrent-based technology that offers live sporting events week in, week out.

Without going into too many technical details, AceStream / Ace Player HD is a torrent engine built into the ever-popular VLC media player. It’s available on Windows, Android and Linux, costs nothing to install, and is incredibly easy to use.

Where regular torrent clients handle both .torrent files and magnet links, AceStream relies on an AceStream Content ID to find streams to play instead. This ID is a hash value (similar to one seen in magnet links, but prefaced with ‘acestream://’) which relates to the stream users want to view.

Once found, these can be copied to the user’s clipboard and pasted into the ‘Open Ace Stream Content ID’ section of the player’s file menu. Click ‘play’ and it’s done – it really is that simple.

AceStream is simplicity itself

Of course, any kind of content – both authorized and unauthorized – can be streamed and shared using AceStream and there are hundreds of live channels available, some in very high quality, 24/7. Inevitably, however, there’s quite an emphasis on premium content from sports broadcasters around the world, with fresh links to content shared on a daily basis.

The screenshot below shows a typical AceStream Content ID indexing site, with channels on the left, AceStream Content IDs in the center, plus language and then stream speed on the far right. (Note: TF has redacted the links since many will still be live at time of publication)

A typical AceSteam Content ID listing

While streams of most major TV channels are relatively easy to find, specialist channels showing PPV events are a little bit more difficult to discover. For those who know where to look, however, the big fight will be only a cut-and-paste away and in much better quality than that found on most web-based streaming portals.

All that being said, for torrent enthusiasts the magic lies in the ability of the technology to adapt to surging demand. While websites and streams wilt under the load Saturday night, it’s likely that AceStream streams will thrive under the pressure, with viewers (downloaders/streamers) also becoming distributors (uploaders) to others watching the event unfold.

With this in mind, it’s worth noting that while AceStream is efficient and resilient, using it to watch infringing content is illegal in most regions, since simultaneous uploading also takes place. Still, that’s unlikely to frighten away enthusiasts, who will already be aware of the risks and behind a VPN.

Ace Streams do have an Achilles heel though. Unlike a regular torrent swarm, where the initial seeder can disappear once a full copy of the movie or TV show is distributed around other peers, AceStreams are completely reliant on the initial stream seeder at all times. If he or she disappears, the live stream dies and it is all over. For this reason, people looking to stream often have a couple of extra stream hashes standing by.

But for big fans (who also have the money to spend, of course), the decision to pirate rather than pay is one not to be taken lightly. The fight will be a huge spectacle that will probably go down in history as the biggest combat sports event of all time. If streams go down early, that moment will be gone forever, so forget telling your kids about the time you watched McGregor knock out Mayweather in Round Two.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Kodi Security Risk Emerges After TVAddons Shutdown

Post Syndicated from Andy original https://torrentfreak.com/kodi-security-risk-emerges-after-tvaddons-shutdown-170723/

Formerly known as XBMC, the popularity of the entirely legal Kodi media player has soared in recent years.

Controversial third-party addons that provide access to infringing content have thrust Kodi into the mainstream and the product is now a household name.

Until recently, TVAddons.ag was the leading repository for these addons. During March, the platform had 40 million unique users connected to the site’s servers, together transferring an astounding petabyte of addons and updates.

Everything was going well until news broke last month that the people behind TVAddons were being sued in a federal court in Texas. Shortly after the site went dark and hasn’t been back since.

This was initially a nuisance to the millions of Kodi devices that relied on TVAddons for their addons and updates. With the site gone, none were forthcoming. However, the scene recovered relatively quickly and for users who know what they’re doing, addons are now available from elsewhere.

That being said, something very unusual happened this week. Out of the blue, several key TVAddons domains were transferred to a Canadian law firm. TVAddons, who have effectively disappeared, made no comment. The lawyer involved, Daniel Drapeau, ignored requests for an explanation.

While that’s unusual enough, there’s a bigger issue at play here for millions of former TVAddons users who haven’t yet wiped their devices or upgraded them to work with other repositories.

Without going into huge technical detail, any user of an augmented Kodi device that relied on TVAddons domains (TVAddons.ag, Offshoregit.com) for updates can be reasonably confident that the domains their device is now accessing are not controlled by TVAddons anymore. That is not good news.

When a user installs a Kodi addon or obtains an update, the whole system is based on human trust. People are told about a trustworthy source (repository or ‘repo’) and they feel happy getting their addons and updates from it.

However, any person in control of a repo can make a Kodi addon available that can do pretty much anything. When that’s getting free movies, people tend to be happy, but when that’s making a botnet out of set-top boxes, enthusiasm tends to wane a bit.

If the penny hasn’t yet dropped, consider this.

TVAddons’ domains are now being run by a law firm which refuses to answer questions but has the power to do whatever it likes with them, within the law of course. Currently, the domains are lying dormant and aren’t doing anything nefarious, but if that position changes, millions of people will have absolutely no idea anything is wrong.

TorrentFreak spoke to Kodi Project Manager Nathan Betzen who agrees that the current security situation probably isn’t what former TVAddons users had in mind.

“These are unsandboxed Python addons. The person [in control of] the repo could do whatever they wanted. You guys wrote about the addon that created a DDoS event,” Betzen says.

“If some malware author wanted, he could easily install a watcher that reports back the user’s IP address and everything they were doing in Kodi. If the law firm is actually an anti-piracy group, that seems like the likeliest thing I can think of,” he adds.

While nothing can be ruled out, it seems more likely that the law firm in question has taken control of TVAddons’ domains in order to put them out of action, potentially as part of a settlement in the Dish Network lawsuit. However, since it refuses to answer any questions, everything is open to speculation.

Another possibility is that the domains are being held pending sale, which then raises questions over who the buyer might be and what their intentions are. The bottom line is we simply do not know and since nobody is talking, it might be prudent to consider the worst case scenario.

“If it’s just a holding group, then people [in control of the domain/repo] could do whatever they can think of. Want a few million incredibly inefficient bit mining boxes?” Betzen speculates.

While this scenario is certainly a possibility, one would at least like to think of it as unlikely. That being said, plenty of Internet security fails can be attributed to people simply hoping for the best when things go bad. That rarely works.

On the plus side, Betzen says that since Python code is usually pretty easy to read, any nefarious action could be spotted by vigilant members of the community fairly quickly. However, Martijn Kaijser from Team Kodi warns that it’s possible to ship precompiled Python code instead of the readable versions.

“You can’t even see what’s in the Python files and what they do,” he notes.

Finally, there’s a possibility that TVAddons may be considering some kind of comeback. Earlier this week a new domain – TVAddons.co – was freshly registered, just after the old domains shifted to the law firm. At this stage, however, nothing is known about the site’s plans.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Check Point: Hacked in Translation

Post Syndicated from corbet original https://lwn.net/Articles/723696/rss

Check Point has issued an
advisory
that a number of video-player applications can be compromised
via specially crafted subtitles. “By crafting malicious subtitle
files, which are then downloaded by a victim’s media player, attackers can
take complete control over any type of device via vulnerabilities found in
many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time
and strem.io. We estimate there are approximately 200 million video players
and streamers that currently run the vulnerable software, making this one
of the most widespread, easily accessed and zero-resistance vulnerability
reported in recent years.

Peeqo – The GIF Bot

Post Syndicated from Alex Bate original https://www.raspberrypi.org/blog/peeqo-the-gif-bot/

Peeqo is a conversational UI that answers only in GIFs. For those who know me, it’s essentially the physical version of 90% of my text messages with friends and colleagues.

I’m sure that future historians will look back on 2016 (if they dare acknowledge its presence) as the year we returned to imagery as our main form of social interaction. Once upon a time, we communicated stories and emotions via drawings on cave walls and hieroglyphs etched into stone. Throw in a few thousand years of language evolution, and we’re right back to where we started, albeit with a few added frames of movement.

So whether you pronounce it GIF with a ‘Guh’ or GIF with a ‘Juh’, you’re sure to have come across one in your everyday life. After all, they make for a much better visual response than the boring old word format we’ve grown accustomed to.

So it’s no surprise that when programmer and developer Abhishek Singh introduced Reddit to Peeqo, he managed to peak-o* our GIF interest right away.

Peeqo was Singh’s thesis project at the New York University Tisch School of the Arts. It was his attempt to merge the three things he loves: making things by hand, animated movies, and the GIF.

Some of you may be aware of Slack, a team messaging system used by businesses, groups, and charities (*ahem*) across the globe. One of Slack’s many features is the ability to pull GIFs from the popular GIF database GIPHY and display them in response to text conversation. Peeqo uses this same premise, searching keywords on the site to pull the correct response to your verbal communication with the bot.

(It’s a great lesson in making sure you use correct keywords when saving images to the web for public use, as some of the responses don’t always fit the mood. An example, which I will leave you to find, would be a specific Team America GIF that Liz has banned me from using in the Comms Team channel.)

Peeqo sits on your desk and uses the Google Speech API to detect the use of the wake word ‘Peeqo’ via one of four microphones, then it uses api.ai to search GIPHY for the correct response to your query. All of this runs with a Raspberry Pi at its heart, while two Arduinos work to control the LED notification ring atop its head and the servo motor that dictates the body’s movement. Peeqo also acts as a great bridge into home automation, controlling lights and other smart devices in your home or office, along with acting as a media player and new best friend work-based assistant.

I won’t go into the technical details of the build, but if you’re interested, an almost fully GIF-powered walkthrough of Peeqo is available here.

As is the case with so many of you lovely makers out there, Singh aims to make the entire project open-source; you can sign up for a notification as to when this will happen here.

Until then, here’s Abhishek explaining his project in more detail.

Abhishek Singh – PEEQO – YOUR DELIGHTFUL ROBOT ASSISTANT

Peeqo is a personal desktop robotic assistant who expresses himself through GIFs. Designed for people who spend long hours at their desks, this pint sized robot helps with essential work tasks and provides little moments of delight and entertainment often needed to get through the day. https://itp.nyu.edu/thesis2016/project/abhishek-singh http://peeqo.com

 

*Peak-o? Oh wow. Wow. I’m sorry. I’m so sorry. I’ll get my coat.

 

The post Peeqo – The GIF Bot appeared first on Raspberry Pi.

The Compute Module – now in an NEC display near you

Post Syndicated from Eben Upton original https://www.raspberrypi.org/blog/compute-module-nec-display-near-you/

Back in April 2014, we launched the Compute Module to provide hardware developers with a way to incorporate Raspberry Pi technology into their own products. Since then we’ve seen it used to build home media players, industrial control systems, and everything in between.

Earlier this week, NEC announced that they would be adding Compute Module support to their next-generation large-format displays, starting with 40″, 48″ and 55″ models in January 2017 and eventually scaling all the way up to a monstrous 98″ (!!) by the end of the year. These are commercial-grade displays designed for use in brightly-lit public spaces such as schools, offices, shops and railway stations.

Believe it or not these are the small ones

Believe it or not, these are the small ones.

NEC have already lined up a range of software partners in retail, airport information systems, education and corporate to provide presentation and signage software which runs on the Compute Module platform. You’ll be seeing these roll out in a lot of locations that you visit frequently.

Each display has an internal bay which accepts an adapter board loaded with either the existing Compute Module, or the upcoming Compute Module 3, which incorporates the BCM2837 application processor and 1GB of LPDDR2 memory found on the Raspberry Pi 3 Model B. We’re expecting to do a wider release of Compute Module 3 to everybody around the end of the year.

The Compute Module in situ

The Compute Module in situ

We’ve been working on this project with NEC for over a year now, and are very excited that it’s finally seeing the light of day. It’s an incredible vote of confidence in the Raspberry Pi Compute Module platform from a blue-chip hardware vendor, and will hopefully be the first of many.

Now, here’s some guy to tell you more about what’s going on behind the screens you walk past every day on your commute.

‘The Power to Surprise’ live stream at Display Trends Forum 2016 – NEC Teams Up With Raspberry Pi

NEC Display Solutions today announced that it will be sharing an open platform modular approach with Raspberry Pi, enabling a seamless integration of Raspberry Pi’s devices with NEC’s displays. NEC’s leading position in offering the widest product range of display solutions matches perfectly with the Raspberry Pi, the organisation responsible for developing the award-winning range of low-cost, high-performance computers.

The post The Compute Module – now in an NEC display near you appeared first on Raspberry Pi.

The latest update to Raspbian

Post Syndicated from Simon Long original https://www.raspberrypi.org/blog/another-update-raspbian/

No exciting new hardware announcement to tie it to this time, but we’ve just released a new version of our Raspbian image with some (hopefully) useful features. Read on for all the details of what has changed…

Bluetooth

When the Pi 3 launched back in February, we’d not had time to do much in terms of getting access to the new onboard Bluetooth hardware. There was a working software stack, but the UI was non-existent.

I’d hoped to be able to use one of the existing Linux Bluetooth UIs, but on trying them all, none were really what I was looking for in terms of usability and integration with the look and feel of the desktop. I really didn’t want to write one from scratch, but that ended up being what I did, which meant a fun few weeks trying to make head or tail of the mysteries of BlueZ and D-Bus. After a few false starts, I finally got something I felt was usable, and so there is now a Bluetooth plugin for the lxpanel taskbar.

btmenu

On the taskbar, to the left of the network icon, there is now a Bluetooth icon. Clicking this opens a menu which allows you to make the Pi discoverable by other devices, or to add or remove a Bluetooth device. Selecting the ‘Add Device…’ option opens a window which will gradually populate with any discoverable Bluetooth devices which are in range – just select the one you want to pair with and press the ‘Pair’ button.

btdialog

You will then be guided through the pairing procedure, the nature of which depends on the device. With many devices (such as mice or speakers), pairing is entirely automatic and requires no user interaction; on others you may be asked to enter a code or to confirm that a code displayed on a remote device matches that shown on the Pi. Follow the prompts, and (all being well), you should be rewarded with a dialog telling you that pairing was successful.

Paired devices are listed at the end of the Bluetooth menu – these menu entries can be used to connect or disconnect a paired device. To remove a pairing completely, use the ‘Remove Device…’ option in the menu.

Bluetooth support is limited at this stage; you can pair with pretty much anything, but you can only usefully connect to devices which support either the Human Interface Device or Audio Sink services – in other words, mice, keyboards and other UI devices, and speakers and headsets.

Devices should reconnect after a reboot or on powering up your Pi, but bear in mind that keyboards and mice may need you to press a key or click the mouse button to wake them from sleep when first used after a power-up.

The Bluetooth UI should also work with an external Bluetooth dongle on platforms other than Pi 3 – I’ve successfully tested it with a Targus dongle on all the earlier platforms.

Bluetooth audio

The UI now supports the use of Bluetooth speakers and headsets for audio output, with a few caveats, about which more below.

To connect an audio device, you pair it as described above – it will then be listed in the audio device menu, accessible by right-clicking the speaker icon on the taskbar.

audiomen

Selecting a Bluetooth device from the audio device menu will cause it to be selected as the default audio output device – there will be a few seconds’ pause while the connection is established. You can then use the volume control on the taskbar to control it, as for standard wired audio devices.

There is one issue with the support for Bluetooth audio, however. Due to the way the Bluetooth stack has been written, Bluetooth devices do not appear to the system as standard ALSA audio devices – they require the use of an intermediate audio layer called PulseAudio. The PulseAudio magic is all built into the UI – you don’t need to worry about setting it up – but the problem is that not all applications are able to send audio to the PulseAudio interface, and therefore cannot output audio over Bluetooth.

Most applications work just fine – videos and music work in the Epiphany and Iceweasel browsers, as does the command-line mplayer music player and the vlc media player. But at present neither Scratch nor Sonic Pi can output audio over Bluetooth – we are working with the authors of these programs to address this and are hopeful that both can be made compatible, so please bear with us!

The use of PulseAudio has one other effect that may cause issues for a small number of users – specifically, if you are already using PulseAudio for anything other than interfacing with Bluetooth devices. This plugin will automatically stop the PulseAudio service whenever a standard ALSA device is selected. If you are using PulseAudio for your own purposes, it would be best to remove the volumealsa plugin from the taskbar completely to avoid this – just right-click anywhere on the taskbar, choose ‘Add/Remove Panel Items’, and remove the “Volume Control (ALSA)” item from the list.

SD card copier

One query which comes up a lot on the forums is about the best way to back up your Pi. People also want to know how to migrate their Raspbian install to a new SD card which is larger or smaller than the one they are using at the moment. This has been difficult with the command-line tools that we’ve recommended in the past, so there is now a new application to help with this, and you’ll find it in the menu under ‘Accessories’.

sdcc

The SD Card Copier application will copy Raspbian from one card to another – that’s pretty much all it does – but there are several useful things that you can do as a result. To use it, you will need a USB SD card writer.

To take a common example: what if you want to back up your existing Raspbian installation? Put a blank SD card in your USB card writer and plug it into your Pi, and then launch SD Card Copier. In the ‘Copy From Device’ box, select “Internal SD Card”, and then select the USB card writer in the ‘Copy To Device’ box (where it will probably be the only device listed). Press ‘Start’, watch the messages on the screen and wait – in ten or fifteen minutes, you should have a clone of your current installation on the new SD card. You can test it by putting the newly-copied card into the Pi’s SD card slot and booting it; it should boot and look exactly the same as your original installation, with all your data and applications intact.

You can run directly from the backup, but if you want to recover your original card from your backup, simply reverse the process – boot your Pi from the backup card, put the card to which you want to restore into the SD card writer, and repeat the process above.

The program does not restrict you to only copying to a card the same size as the source; you can copy to a larger card if you are running out of space on your existing one, or even to a smaller card (as long as it has enough space to store all your files – the program will warn you if there isn’t enough space). It has been designed to work with Raspbian and NOOBS images; it may work with other OSes or custom card formats, but this can’t be guaranteed.

The only restriction is that you cannot write to the internal SD card reader, as that would overwrite the OS you are actually running, which would cause bad things to happen.

Please also bear in mind that everything on the destination card will be overwritten by this program, so do make sure you’ve got nothing you want to keep on the destination card before you hit Start!

pigpio

This image includes the pigpio library from abyz.co.uk – this provides a unified way of accessing the Pi’s GPIO pins from Python, C and other languages. It removes the need to use sudo in programs which want to access the GPIOs, and as a result Scratch now runs sudo-less for everyone.

Geany

One of the tools which is really useful for professional programmers is a good text editor – the simple editor provided with LXDE is fine for small tasks, but not really suitable for serious work.

geany

The image now includes the Geany editor, which is much better suited to big projects – it offers features like syntax highlighting, automatic indentation and management of multiple files. There’s good online help built into the program itself, or have a look at the Geany website.

New versions of applications

There are new versions of many of the standard programs included in the image, including Scratch, Sonic Pi, Node-RED, BlueJ and PyPy. Please see the relevant individual websites or changelists for details of what has changed in each of these.

New kernel

The Linux kernel has been upgraded to version 4.4. This change should have no noticeable effect for most users, but it does force the use of device tree; if you’ve been hacking about with your Raspbian install, particularly in terms of installing new hardware, you may find reading this forum post useful.

Tweaks

There are a lot of small user interface tweaks throughout the system which you may notice. Some of these include:

• A new Shutdown Options dialog

shutdown

• The Mouse and Keyboard Settings dialog now allows you to set the delay between double-clicks of the mouse button

mandk

• The Raspberry Pi Configuration dialog now allows you to enable or disable the single-wire interface, and to enable or disable remote access to the pigpio daemon

rcgui

• Right-clicking the Wastebasket icon on the desktop now gives the option to empty the wastebasket

ewaste

• The keyboard shortcut Ctrl-Alt-T can now be used to open a Terminal window

Finally, there are a couple of setup-related features:

• When flashing a new Raspbian image, the file system will automatically be expanded to use all the space on the card when it is first booted.

• If a wpa_supplicant.conf file is placed into the /boot/ directory, this will be moved to the /etc/wpa_supplicant/ directory the next time the system is booted, overwriting the network settings; this allows a Wifi configuration to be preloaded onto a card from a Windows or other machine that can only see the boot partition.

There are also a host of fixes for minor bugs in various parts of the system, and some general cleaning-up of themes and text.

How do I get it?

A full image and a NOOBS installer are available from the Downloads page on this website.

If you are running the current Jessie image, it can be updated to the new version by running

sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get install piclone geany usb-modeswitch

As ever, your feedback on the new release is very welcome – feel free to comment here or in the forums.

The post The latest update to Raspbian appeared first on Raspberry Pi.