Tag Archives: news

Piracy and File-Sharing Traffic Surges Amidst Covid-19 Crisis

Post Syndicated from Ernesto original https://torrentfreak.com/piracy-and-filesharing-traffic-surges-amidst-covid-19-crisis-200408/

The coronavirus pandemic has drastically changed the lives of hundreds of millions of people around the world.

In every continent, local governments have imposed restrictive measures, urging people to stay inside as much as possible.

As a result of these restrictions, Internet traffic has gone up. More people are working from home over remote connections while others pass the time by looking for online news and entertainment.

Traffic to several legal streaming services has gone up significantly. YouTube, in particular, has gained a lot of traffic. In March, traffic management company Sandvine reported a global 10% increase in traffic to the streaming site, which helped it surpass Netflix for the first time.

The effects of the Covid-19 crisis are not limited to legal entertainment consumption, however. A few weeks ago we already signaled that interest in pirate sites had gone up in regions where a lockdown had been imposed. Using a variety of data sources, we can now show that piracy and file-sharing traffic is impacted around the world.

We start with China, where the virus impacted daily life first. Mid-January the new coronavirus started to make headlines and on January 23, 2020, authorities in Wuhan announced a quarantine and prevented travel in and out of the region. In the days that followed, more restrictions followed in China.

Looking at the number of Chinese visitors to pirate sites, from December to the end of February, we see that these measures had a clear impact. The data in question come from piracy tracking from MUSO and were kindly shared with TorrentFreak.

The graph below shows that a sharp increase in pirate site visits started on January 24, reaching a peak on the 27th. Pirate site traffic started to drop off a bit after that, but at the end of February, it was still roughly 20% more than before the Coronavirus measures started.

Chinese pirate site visits

While MUSO’s data are valuable, they only run to the end of February, while the measures in most other countries started around mid-March.

To cover the global trend we, therefore, obtained the number of daily BitTorrent downloads, as measured by iknowwhatyoudownload.com. This service tracks millions of files that are available on public torrent sites, including The Pirate Bay and YTS.

The worldwide torrent download estimates show a clear increase from March 6 to April 6. They started off by hovering around 12 million daily recorded downloads and went up to 16 million a month later, which is a 33% increase.

Tracked torrent downloads worldwide

This spike is also visible at the torrent tracker level. The operator of OpenTrackr.org, a widely used content-neutral tracker, informs us that he sees an uptick in the total number of connections as well as the number of connected peers.

OpenTrackr.org recently implemented a technical change, which makes it hard to compare numbers over a longer period of time. However, the number of connected peers were increasing both before and after the change.

As shown below, between March 31 and April 6, the peer count went up from little over 24 million to more than 26 million during the daily peak.

Peer count on OpenTrackr

The data presented throughout this article clearly suggest that the coronavirus outbreak is increasing piracy and file-sharing traffic. This is visible on a global level, but we expect the country-specific trends to be even more pronounced.

We are still processing some additional data to shed some more light on local trends and hope to highlight these in a future article.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Russia Wants New Fines For Platforms That Don’t Remove Pirated Content Fast Enough

Post Syndicated from Andy original https://torrentfreak.com/russia-wants-new-fines-for-platforms-that-dont-remove-pirated-content-fast-enough-200408/

Given Russia’s historically weak response to the availability of pirated content online, the past seven years have seen a dramatic turnaround.

While the laws of the United States, Russia’s most vocal critic, have remained largely static, Russia implemented new anti-piracy legislation in 2013 and has continually updated it. One of its major weapons is an expedited process to force platforms to remove content or face permanent blocking by ISPs.

Under the current system and following a request by copyright holders, telecoms watchdog Roscomnadzor can order platforms and hosts to remove or block access to pirated content. This action must be taken three days after a related court process and can result in fines of 700,000 rubles (US$9,240) or up to 3,000,000 rubles (US$39,600) for repeat offenders. However, some targets are not responsive enough, or responsive at all, so the government plans to make that a more costly option.

According to a regulation filing spotted by Kommersant, the Ministry of Culture wants to address these issues with amendments to the law. The bills, precise details of which are yet to be revealed by the government, are tweaks to the Code of Administrative Offenses. They propose new fines for failure to comply with the instructions of Roscomnadzor to remove content and a reduction of the window of opportunity to remove content following a request.

In comments made by a representative from the Ministry, Russia’s anti-piracy legislation needs to be tightened up, with the department citing the length of the legal procedure to have content blocked as a concern. The issue of extrajudicial processes against anonymous site owners will also need to be addressed, since by their very nature they tend to be less responsive. Kommersant sources describe violations following Roscomnadzor’s orders as “frequent”.

At this stage there is no detail on the scale of any new fines, nor is the government providing an indication on how quickly content should be removed in the future. Furthermore, while legitimate platforms can probably be forced to act more quickly, ‘pirate’ sites likely won’t respond as required and won’t be responsive to fines, critics say.

“How can a pirate who is hiding his legal entity and identity be fined?” questioned one Kommersant source. Nevertheless, industry players are hoping that should new fines be introduced, they will be of a magnitude to act as a real deterrent against non-compliance.

The government has already penciled in a date of December 20, 2020, for the new amendments to come into force, so more detail should become available in the weeks to come. Whether they will have the desired effect will remain to be seen. In the meantime, however, the anti-piracy memorandum continues in the background.

The actions of the major companies party to the agreement don’t render content inaccessible at the source but according to recent reports, they are having considerable success in making pirated material harder to find in search engines.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Company Registers YTS and Popcorn Time Trademarks to Promote Legal Streaming

Post Syndicated from Ernesto original https://torrentfreak.com/company-registers-yts-and-popcorn-time-trademarks-to-promote-legal-streaming-200407/

Copyright holders can take a wide variety of measures to address piracy, with some being more effective than others.

Hawaiian attorney Kerry Culpepper has tried different approaches. Given his profession, most of these take place in the legal realm.

That includes lawsuits against downloaders and owners of well-known pirate sites and apps, including YTS, MKVcage, Cotomovies, Popcorn Time, and Showbox. These actions have resulted in some successes, with sites and apps shutting down or paying thousands of dollars in settlements.

However, the piracy problem isn’t easy to defeat. This is why Culpepper recently added another option to his anti-piracy toolbox. Through the recently incorporate Hawaiian company 42 Ventures, he helped to register several piracy-related trademarks.

The current trademark portfolio of the company includes the popular brands “YTS,” “Popcorn Time,” and “Terrarium.” In addition, 42 Ventures also claimed the trademark for the Showbox arrow logo.

All trademarks are registered under the same description, “downloadable computer software for downloading and streaming multimedia content images, videos and audio.” The same description also applies to the pirate sites and apps.

The fact that one of the most prolific anti-piracy lawyers is connected to these trademarks, opens the door to new enforcement options. That also appears to be the goal here.

For example, just a few days ago, a popular Popcorn Time fork had its Twitter account suspended, following a trademark claim. The Popcorn Time Facebook page was also taken down, possibly following a similar complaint.

TorrentFreak spoke to Culpepper, who confirmed that 42 Ventures is actively enforcing its trademarks. According to the lawyer, the company’s ultimate goal is to promote legal streaming.

“42 has partnered with various content providers to deliver a platform of LEGAL streaming media. One or more of these providers have been providing content since 2009 under same or related trademark,” Culpepper writes.

“42 greatly values its Intellectual Property and has taken steps to protect its valuable rights and will continue to do so in the future,” he adds.

The trademarks were only recently registered which brings up the issue of prior use. Popcorn Time, Terrarium, and YTS have been using their brands for years, and could technically object to any enforcement efforts.

42 Ventures, however, stresses that it has its own legal “Popcorn Time” website at Popcorntime4u.com, which links to content from the YouTube channel Popcorned Planet.

The Popcorn Planet channel is operated by Andy Signore who’s also known as the creator of the popular YouTube channel Screen Junkies. This may also explain why 42 Ventures registered the trademarks for “Movies Fights” and “Honest Trailers,” which are titles of shows that are linked to Screen Junkies and Popcorned Planet.

TorrentFreak reached out to Popcorned Planet for a comment on the matter but, at the time of writing, we have yet to hear back.

With the trademarks in hand, 42 Ventures has been successful in shutting down some piracy-related social media channels. In addition, it resolved some issues privately behind closed doors. The company isn’t officially operated by a copyright holder, but part of its goal is to prevent piracy.

Interestingly, this isn’t the first time a third-party has registered a Popcorn Time trademark for enforcement purposes. A few years ago movie distributor Dutch Filmworks registered Popcorn Time’s logo and word trademarks at the Benelux Office for Intellectual Property. As far as we know, these haven’t been actively enforced.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Movie Company Boss Urges US Senators to Make Streaming Piracy a Felony

Post Syndicated from Ernesto original https://torrentfreak.com/movie-company-boss-urges-us-senators-to-make-streaming-piracy-a-felony-200406/

The Senate Judiciary Subcommittee on Intellectual Property is actively looking for options through which the US can better address online piracy.

During a hearing last month, various experts voiced their opinions. They specifically addressed measures taken by other countries and whether these could work in the US, or not.

Pirate site blocking and upload filtering emerged as the main topics during this hearing. While pros and cons were discussed, movie industry insiders including Millennium Media co-president Jonathan Yunger framed these measures as attainable and effective.

After the hearing, senators asked various follow-up questions on paper. Last week we reported how former MEP Julia Reda answered these by stressing the importance of affordable legal options. Yunger, however, takes another approach.

In his answers, which were published before the weekend, he reiterates the power of website blocking. In addition, Yunger also brings a second, previously unmentioned issue to the forefront: criminal penalties for streaming piracy.

“The second thing that we could easily do in the United States is close the legal loophole that currently allows streaming – which accounts for the vast majority of piracy today – to be treated as a misdemeanor rather than a felony,” Yunger writes.

Under US law, streaming and downloading piracy are seen as two different offenses. Not just from a technical point of view, but also in the way they are punished. Streaming is seen as a misdemeanor, with a maximum penalty of one year in prison, while other forms are a felony, which can lead to five years of jail time.

Lawmakers tried to change this with the Commercial Felony Streaming Act in 2011, and later with the SOPA and PIPA bills. These bills all failed and as a result the gap between streaming and traditional file-sharing remains today.

In his answers, Yunger notes that ‘this loophole’ was completely accidental as streaming wasn’t a thing yet when the DMCA was enacted. Putting it on par with other forms of piracy would greatly help to address the streaming piracy problem.

“If we could make this adjustment to the law, it would effectively shut down a cottage criminal industry of websites, app developers, and set top box sellers in America who are profiting enormously from illegal streams of movies, television shows, and live events,” Yunger notes.

“These streaming services are an existential threat to our industry. Both the Department of Justice and the Copyright Office have recognized this threat to creativity and the American economy and have supported this change to the law,” he adds.

Millennium Media’s co-president says that there are dozens, if not hundreds, of Americans who’ve made a business out of criminal streaming. This isn’t a surprise for the Department of Justice. However, it’s harder to effectively prosecute these people under current law.

“We must change existing law to create a more powerful deterrent for Americans to engage in streaming piracy, and to allow the DoJ to prosecute these criminals who are engaged in massive levels of infringement with the same felony penalties that apply to illegal downloading and distribution,” Yunger notes.

These comments are not entirely new. Several copyright holders and industry groups have argued the same in recent years. Thus far, this hasn’t resulted in any legislative changes, but it looks like pressure is building.

In a way, it feels like history is repeating itself. Almost ten years ago, the same arguments were being made. At the time, website blocking and felony steaming made their way into concrete bills. These were eventually ‘shelved’ after massive public protests, but according to Yunger and others, it might be a good idea to reintroduce them, perhaps in a more modern form.

A copy of Jonathan Yunger’s full responses to the Senator’s questions is available here (pdf).

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

uTorrent is the Most Used BitTorrent Client By Far

Post Syndicated from Ernesto original https://torrentfreak.com/utorrent-is-the-most-used-bittorrent-client-by-far-200405/

The file-sharing landscape has changed dramatically over the past decade. To a certain degree, this is also true for the BitTorrent ecosystem.

Popular sites such as KickassTorrents. Torrentz.eu, and ExtraTorrent are no more, and the original YTS and EZTV groups have been long disappeared as well.

While sites have come and gone, there’s still one torrent client that the public at large prefers. When we last looked at the market share of BitTorrent clients, more than ten years ago now, uTorrent was already firmly in the lead. Today, this is no different.

With help from iknowwhatyoudownload we looked at over 25 million logged BitTorrent connections on a single day last week. This reveals that more than two-thirds (68.6%) of these were using uTorrent’s desktop version.

The vast majority of these users were updated to the most recent 3.5.5 release, but dozens of older versions are in use as well. Although no longer officially supported, there are also hundreds of thousands of people who still use uTorrent for Mac.

The most popular Mac client, however, appears to be Transmission. This is a notable change compared to a decade ago when its market share was much lower. Although Transmission also has a beta Windows release, that userbase is believed to be relatively small.

Below is an overview of all software with at least 0.1% market share* which translates to roughly 25,000 logged connections.

BitTorrent Client Market Share, March 2020
RankingClientMarket Share
torrentfreak.com
1uTorrent68.6%
2BitTorrent6.6%
3Libtorrent (uTorrent Web e.a.)6.3%
4Transmission5.1%
5MediaGet3.7%
6qBitTorrent3.4%
7Zona3.3%
8Deluge0.9%
9Bitcomet0.6%
10BiglyBT0.3%
11FDM0.2%
12BitSpirit0.2%
13BitLord0.1%

The table shows more good news for uTorrent’s parent company BitTorrent Inc., as the Mainline BitTorrent client takes second place with 6.6%. This client has a different name but is developed by the same company. It’s also pretty much identical to uTorrent in terms of code and features.

Aside from the sheer dominance of uTorrent, the appearance of Libtorrent also stands out. Although very popular, this is not a torrent client but a library that is used by a wide variety of torrent applications.

The most-used Libtorrent version is 1.2.2.0. Some follow up research revealed that this is used by the latest version of uTorrent Web. Instead of its own ‘client ID,’ the latest web version of uTorrent, which is being pushed as the main option now, identifies as Libtorrent. This means that uTorrent’s market share is even higher than the reported 69%.

Other surprising entries in the list of most-used clients are Zona and MediaGet. Both applications offer downloading and streaming functionality with an easy-to-use interface. While they are available in English, their userbases are mainly from Russia.

The list is further completed by qBitTorrent, Deluge, Free Download Manager (FDM), and BiglyBT. The latter is operated by former developers of Vuze, which was the second most-used torrent client ten years ago, but is no longer actively developed.

Other clients that were found in our sample but didn’t make the 0.1% cut are Tribler, Frostwire, Tixati, tTorrent, aTorrent, and PicoTorrent. These may still have thousands of active users on any given day, but their use pales in comparison to the top clients.

That is also true for Popcorn Time, which generated quite a bit of press attention over the years. None of the Popcorn Time forks, which identity as ‘webtorrent,’ were anywhere close to the top of the list.

The Popcorn Time observation also highlights an important caveat. The data presented here represents clients from users who are actively sharing files. If a client, such as Popcorn Time, stops seeding after a movie is done, it will no longer be logged in the following days. As such, clients used by people who continue to seed files may be somewhat overrepresented.

We are planning to repeat these and similar analyses more frequently in the future, so we can spot more trends. However, it’s quite clear that uTorrent is not going to give up its top spot anytime soon.

*BitTorrent clients are identified through the ‘client ID’ which is publicly broadcasted to trackers and over DHT. The totals reported here are based on a sample of the client IDs with at least 10,000 connections. After that, different versions of the same client were added up.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Accused Pirate Walks Free After Bank Statements Show he Was Not at Home

Post Syndicated from Ernesto original https://torrentfreak.com/accused-pirate-walks-free-after-bank-statements-show-he-was-not-at-home-200404/

In recent years, millions of file-sharers all over the world have been pressed to pay hefty settlement fees, or face their day in court.

The process was pioneered in Germany where it turned into an industry in itself, and copyright holders later went after alleged pirates in the US, Canada, the UK, Sweden and elsewhere.

These so-called “copyright trolls” are also active in Denmark. While some ISPs have protested what they describe as ‘mafia-like‘ practices, well over 150,000 Internet subscribers are believed to have been targeted. A massive number, for a population of fewer than six million people.

While a large percentage of the targeted users choose to settle, some cases are litigated. In court, the judgments can vary quite a bit. When defendants have a secured Wifi network they can be held liable, but the Copenhagen City Court recently dismissed all claims against an accused pirate, despite having a secure WiFi connection.

The man, who was a student living in Odense at the time of the offense, was sued by a movie company. The name of the company is redacted in court records but the defendant stood accused of sharing a pirated film from his IP-address during the summer of 2015.

More than two years later, the movie company sent the suspected pirate a letter requesting a settlement. However, the man denied the allegations, after which the matter made its way to court.

Since the evidence showed that the pirated movie was indeed linked to the defendant’s IP-address on a properly secured network, the movie company thought it had a strong case. However, the defendant continued to deny the allegations and presented some strong counter-evidence in return.

Although his memory of that day, years ago, wasn’t crystal clear, bank records showed that the man used his payment card at 7:59 PM, roughly 160 kilometers from his home, while the download was logged at 6:39 PM.

Based on the evidence, as well as the defendant’s testimony that he took his computer with him, the Copenhagen City Court agreed that he was probably not at home when the offense was logged. Although it’s not indisputable, the court found it unlikely that the man shared the movie himself.

“The court finds that the defendant [through the bank records] and his explanation that he had his computer with him, has shown concrete circumstances that with great certainty exclude the possibility that he himself was present at the address, or via his computer, picked up the movie at the address while he was not at home.

“The defendant hereby disproves the presumption that he himself shared or downloaded the movie at the time, which is why the case is dismissed,” the Copenhagen City Court adds.

The ruling will add to the growing list of jurisprudence in the piracy realm. As mentioned by Lexology, several file-sharing cases in Denmark are currently on hold, pending judgments from the Eastern High Court, which is likely to further clarify when account holders can be held liable.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Russia Pirate Sites Dump 1XBET in Favor of Identical Yet Legal 1XStavka

Post Syndicated from Andy original https://torrentfreak.com/russia-pirate-sites-dump-1xbet-in-favor-of-identical-yet-legal-1xstavka-200404/

Since 2018, pirates around the world have become familiarized with the term ‘1XBET’.

Included in the titles of thousands of pirate video filenames and advertised on dozens of pirate sites, the Russia-based gambling company has been controversial, if nothing else.

In a report published last year by research company Mediascope, the scale of 1XBET’s advertising budget became even more apparent. While Google and PepsiCo took first and second places in a study charting online advertising spend in Russia, 1XBET came in third, ahead of food giant Danone and even Universal Pictures.

Mediascope has just published the results of its latest research which reveals yet another interesting development. 1XBET is no longer one of the most prolific online advertisers, far from it in fact. With PepsiCo taking the top sport, gambling platform 1XBET, which is illegal in Russia, has plummeted to 20th place.

Mediascope data (credit: RBC)

Obtained by RBC, the study reveals that despite not holding licenses with Russia’s Federal Tax Service, 1XBET sharply increased its advertising activity in early 2019. However, as the year progressed, the platform took its foot off the gas, dropping out of the top 10 and putting it at imminent risk of disappearing from the top 20.

While this development in isolation might have been welcomed by anti-piracy groups, there is a twist to the story. Leaping into the top six online advertisers in Russia is 1XStavka, a platform that is not only legal (it has licenses from the Tax Service) but is visually identical to 1XBET.

Only adding to the problem is that 1XStavka is now advertising on pirate sites and according to Alexei Byrdin of anti-piracy group Internet Video Association, that’s proving more profitable for them. It’s also making enforcement more difficult.

Byrdin told RBC that dealing with 1XStavka is a safer option than dealing with 1XBET because the latter is effectively banned in Russia. When a gambling platform is unlicensed, the Tax Service and telecoms watchdog Roscomnadzor can quickly restrict access – not only to the service itself but also locations where it’s advertised.

This means after filling out a simple form, the Internet Video Association (IVA) can get sites blocked easily, something they did to tackle 1XBET and its ads during the course of 2019. Since 1XStavka is licensed, however, the process becomes more difficult, even though by advertising on pirate content the company is still be breaking the law.

This leaves only the standard mechanism to have pirate sites blocked, i.e through legal action in the Moscow City Court or via the search engine deindexing measures available as part of the active anti-piracy memorandum, options currently pursued by IVA.

Finally, the report also notes a massive decrease in advertising by another known sponsor of piracy, Azino 777. In 2018, the gambling site was the top online advertiser in the region but this time around only managed 24th place.

As a result, Mediascope’s latest report concludes that despite 1XStravka’s links to ads on pirate sites, the top 10 online advertisers are all currently legal.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

RIAA Declares “Victory” in Megaupload Case Despite Not Having a Trial

Post Syndicated from Andy original https://torrentfreak.com/riaa-declares-victory-in-megaupload-case-despite-not-having-a-trial-200403/

Mention the word ‘Limewire’ to today’s file-sharers, downloaders, or streamers, and you’ll probably get a vacant stare in response. After being handed a massive defeat at the hands of the RIAA in 2010, it’s now viewed as old technology, a redundant cassette tape in a brand new hi-tech world.

But if a decade seems like a long time for a technology like Limewire, spare a thought for Megaupload. In a few months’ time, the shutdown of the site at the hands of US and New Zealand authorities (assisted by the MPAA and RIAA, of course) will be less than a year away from its own tenth anniversary.

Only a gambling man would dare to predict when or even if the multiple cases against Dotcom will ever be concluded but for chairman and RIAA CEO Mitch Glazier, none of that seems to be as crucial as it once was.

In an interview just published by Rolling Stone, Glazier recalls his time at the RIAA, covering a wide range of topics affecting the industry. In respect of copyright and piracy issues, he effectively declares victory over the German-born entrepreneur.

“We have had some huge significant victories along the way,” he told Rolling Stone.

“Going to the Supreme Court to show that music is protected online; winning that case against Kim Dotcom and the cyberlocker world to deter future Kim Dotcoms from doing the same thing.”

The statement is interesting on a number of fronts. Firstly, it’s important to note that Kim Dotcom has yet to set foot in a US court to face not only a criminal action by the US Government but also civil suits filed by Hollywood and the music industry, headed by the RIAA.

That, of course, is entirely down to the Megaupload founder. He’s been fighting tooth and nail to avoid extradition to the United States and with decades in prison on the table, who wouldn’t?

Nevertheless, a court-stamped victory in any of these procedures remains on the distant horizon. As reported last week, the cases filed by the RIAA and MPAA have been on hold for years and have just been delayed for another six months.

So, from a technical perspective at least, the RIAA hasn’t had the pleasure of “winning the case against Kim Dotcom”. However, not all victories are achieved in court. In fact, ‘gone to trial and received a verdict’ affects a tiny minority.

If the aim of the action was to destroy Megaupload, that has been achieved in no uncertain terms. Within minutes of the launch of the operation, the file-hosting site was brought to its knees and, shortly after, there was little left but a mountain of servers gathering dust. This, of course, could be the significant victory Glazier was talking about.

And there are other matters too. The deterrent effect of the Megaupload raid was considerable and in the wake of its demise, other large file-sharing sites closed down. No one really knows how many other developers changed course as a result but it wouldn’t be a surprise if ‘many’ was the answer.

Nevertheless, just a year later Dotcom launched Mega, a massive file-sharing site that is still going strong today, albeit not under his control. Given the way Mega operates, it’s unlikely it could ever be tackled in the same way as Megaupload was. In many respects, its formation was guided by the case against Megaupload, which effectively handed the platform a guidebook on how not to fall foul of the law.

As the years have ticked by since the destruction of Megaupload, the acquisition of free music hasn’t sat still. In common with many types of piracy, it continues today and presents new challenges for those seeking to mitigate its effects. While file-hosting services still provide a threat, it’s more likely these days for the RIAA to be tackling sites that help users to obtain content for free from legitimate sources like YouTube.

“Now in the stream-ripping world, we are trying to figure out from an anti-circumvention point of view how to stop somebody hacking into YouTube’s system,” Glazier explains.

This is a clear reference to so-called YouTube-ripping sites, that allow music fans to download rather than stream content. The RIAA is in a battle with these platforms using a mix of direct legal action and the sending of large volumes of DMCA anti-circumvention notices. The latter might be proving an irritant to ripping platforms but they are not being put out of business.

Interestingly, Glazier hints that the anti-circumvention notice approach, which results in URLs of stream-ripping sites being permanently delisted from Google, may have in part been prompted by issues with the RIAA’s distribution platforms, the largest of which is YouTube.

“[T]he resources required to stop [stream-ripping] create tension between us and our licensing partners, so we have to see if we can address the issue through search or some other means. The brainstorm has been ever-changing,” he reveals.

But while there are always new challenges, some things never change. Pre-release leaks are a major source of distress to the record labels and Glazier says that these “emergencies” always keep him on his toes.

“If an artist has an album coming out and it goes up on a site before that, our job is to work with the other groups around the world — 24/7, 365 days a year — to get that down so the artist can receive the benefit of the release of their product,” he says.

Leaks apparently appear in Glazier’s email marked with a “little red flag” alongside what appears to be an action plan. Given the global reach of the labels, mitigation may start off in one time zone and then shift to another, to ensure that anti-piracy personnel are on the case around the clock. And that helps to blur the lines between Glazier’s working and social life too.

“[E]very 20 minutes there will be another ping from the label: ‘Is it down yet? Is it down yet? Is it down yet?’ Because the artist is saying to the label: ‘Is it down yet? Is it down yet? Is it down yet?’,” he explains.

“It’s always emergencies at the weekend. It’s just Murphy’s Law.”

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Bulgaria Plans to Take Down Top Torrent Sites, with U.S. Assistance

Post Syndicated from Ernesto original https://torrentfreak.com/bulgaria-plans-to-take-down-top-torrent-sites-with-u-s-assistance-200403/

Last year, Bulgarian authorities carried out several sting operations to take down key players in the IPTV piracy ecosystem. It also provided key assistance in the police action against Xtream Codes.

The country’s increased efforts to protect copyright holders haven’t gone unnoticed in the United States. The U.S. Trade Representative (USTR) previously removed Bulgaria from their ‘Special 301 Watch List’ and the country hopes to keep it that way.

This week, TorrentFreak obtained a transcript from the most recent hearing on the 2020 Special 301 review. The Government of Bulgaria also sent a representative to the meeting, Ivo Konstantinov, who informed the USTR about the country’s continued progress.

In addition to mentioning IPTV sting operations and legislative developments, Konstantinov stressed that more work has to be done. Specifically, Bulgaria is working on shutting down several major torrent sites with help from U.S. law enforcement.

“Most important of all, the elephant in our room are two of the largest torrent tracking servers that are operating in our country, whose servers are outside of the country,” Bulgaria’s representative said.

“[O]ur National Police and Combat Organized Crime Unit is preparing requests for legal assistance from the U.S. side to deface them and take them down from their host services, which are here in the United States.”

Konstantinov informed the USTR that “this is coming.” No concrete dates were given but the authorities are also working on indictments, which suggests that criminal prosecutions may follow as well.

During the hearing, no websites were mentioned. However, we managed to track down several USTR filings from earlier this year which identify the two trackers as Zamunda.net and ArenaBG. Both sites are among the top 25 most-visited websites in Bulgaria.

In one document the Bulgarian Government states that it intends to “terminate the activities of the Zamunda and Arena.bg torrent trackers,” adding that “5 pre-trial proceedings were opened” for “intellectual property and tax crimes.”

Bulgaria states that U.S. assistance is required as the sites in question use American services. This includes their domain names. Zamunda currently has a .net domain and ArenaBG operates from a .com domain, for example. Both are maintained by Verisign, which is based in the US.

The domains can also be targeted by going to ICANN, which oversees the entire domain name ecosystem. This route is also covered, as the Bulgarian Prosecutor’s Office and the Organized Crime Unit will request ICANN to withdraw the associated domain names.

Yet more pieces of the puzzle fell into place when we stumbled upon another document the Bulgarian Government sent to the USTR. This shows that the U.S. Department of Justice is already actively involved and that more sites are being targeted.

The document references a business trip Bulgarian representatives made to the US last October. These officials met with US law enforcement and businesses, discussing potential anti-piracy actions.

These actions include domain seizures relating to four websites. The aforementioned Zamunda.net and ArenaBG.com, but also Zelka.org and RarBG.to. The latter is a major target, as it’s one of the most-used torrent sites worldwide.

During the trip, Matthew Lamberti from the US Department of Justice agreed to help, under the mutual legal assistance treaty, to seize the associated domain names.

“During the meeting with Mat Lamberti an agreement was reached that an MLAT will be sent by our country, regarding initiated pre-trials concerning four torrent trackers – with the aim of seizing domains, registered in the USA,” the document reads.

If all goes well, Bulgaria will also enlist assistance from other countries to seize any other associated domain names, including mirrors.

“If the planned procedure is successful and the domains are seized, our country intends to send the MPP to the other countries where the mirror domains of the above are registered.”

Bulgaria also mentioned that Cloudflare, a US-based company, is used by most of the top torrent sites in the world. The sites use the CDN provider to “conceal the actual location” of these “criminalized Internet resources.”

During the USTR meeting in Washington, Konstantinov mentioned that Cloudflare is cooperative as it helps to identify the sites’ true hosting locations. It’s now up to Bulgaria and the US to get the paperwork sorted, so domain names and possibly servers can be seized and shut down, he added.

The documents are remarkable, as they lay out in detail how Bulgaria and the US are working together to try and take down several top torrent sites. All the quotes and references, while not easy to find, have been made public by the USTR itself.

In some instances, the paperwork refers to ‘Arena.bg’ and ‘Rar.bg’ instead of ArenaBG.com and RarBG.to. While that’s confusing, the latter two are the largest sites by far and likely the main targets.

Finally, it’s interesting to note that, in this case, Bulgaria needs assistance from the US to shut target popular pirate sites. Especially, when taking into account that the US frequently points to lacking enforcement actions in other countries.

All in all, we can say that the documents clearly lay out the playbook to target the four torrent sites, but thus far, all targets are still operating as usual.

The transcript from the USTR hearing is available here (pdf) and the additional documents that were sent to the USTR can be found here (pdf) and here (pdf).

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Simplified Time-Series Analysis with Amazon CloudWatch Contributor Insights

Post Syndicated from Steve Roberts original https://aws.amazon.com/blogs/aws/simplified-time-series-analysis-with-amazon-cloudwatch-contributor-insights/

Inspecting multiple log groups and log streams can make it more difficult and time consuming to analyze and diagnose the impact of an issue in real time. What customers are affected? How badly? Are some affected more than others, or are outliers? Perhaps you performed deployment of an update using a staged rollout strategy and now want to know if any customers have hit issues or if everything is behaving as expected for the target customers before continuing further. All of the data points to help answer these questions is potentially buried in a mass of logs which engineers query to get ad-hoc measurements, or build and maintain custom dashboards to help track.

Amazon CloudWatch Contributor Insights, generally available today, is a new feature to help simplify analysis of Top-N contributors to time-series data in CloudWatch Logs that can help you more quickly understand who or what is impacting system and application performance, in real-time, at scale. This saves you time during an operational problem by helping you understand what is contributing to the operational issue and who or what is most affected. Amazon CloudWatch Contributor Insights can also help with ongoing analysis for system and business optimization by easily surfacing outliers, performance bottlenecks, top customers, or top utilized resources, all at a glance. In addition to logs, Amazon CloudWatch Contributor Insights can also be used with other products in the CloudWatch portfolio, including Metrics and Alarms.

Amazon CloudWatch Contributor Insights can analyze structured logs in either JSON or Common Log Format (CLF). Log data can be sourced from Amazon Elastic Compute Cloud (EC2) instances, AWS CloudTrail, Amazon Route 53, Apache Access and Error Logs, Amazon Virtual Private Cloud (VPC) Flow Logs, AWS Lambda Logs, and Amazon API Gateway Logs. You also have the choice of using structured logs published directly to CloudWatch, or using the CloudWatch Agent. Amazon CloudWatch Contributor Insights will evaluate these log events in real-time and display reports that show the top contributors and number of unique contributors in a dataset. A contributor is an aggregate metric based on dimensions contained as log fields in CloudWatch Logs, for example account-id, or interface-id in Amazon Virtual Private Cloud Flow Logs, or any other custom set of dimensions. You can sort and filter contributor data based on your own custom criteria. Report data from Amazon CloudWatch Contributor Insights can be displayed on CloudWatch dashboards, graphed alongside CloudWatch metrics, and added to CloudWatch alarms. For example customers can graph values from two Amazon CloudWatch Contributor Insights reports into a single metric describing the percentage of customers impacted by faults, and configure alarms to alert when this percentage breaches pre-defined thresholds.

Getting Started with Amazon CloudWatch Contributor Insights
To use Amazon CloudWatch Contributor Insights I simply need to define one or more rules. A rule is simply a snippet of data that defines what contextual data to extract for metrics reported from CloudWatch Logs. To configure a rule to identify the top contributors for a specific metric I supply three items of data – the log group (or groups), the dimensions for which the top contributors are evaluated, and filters to narrow down those top contributors. To do this, I head to the Amazon CloudWatch console dashboard and select Contributor Insights from the left-hand navigation links. This takes me to the Amazon CloudWatch Contributor Insights home where I can click Create a rule to get started.

To get started quickly, I can select from a library of sample rules for various services that send logs to CloudWatch Logs. You can see above that there are currently a variety of sample rules for Amazon API Gateway, Amazon Route 53 Query Logs, Amazon Virtual Private Cloud Flow Logs, and logs for container services. Alternatively, I can define my own rules, as I’ll do in the rest of this post.

Let’s say I have a deployed application that is publishing structured log data in JSON format directly to CloudWatch Logs. This application has two API versions, one that has been used for some time and is considered stable, and a second that I have just started to roll out to my customers. I want to know as early as possible if anyone who has received the new version, targeting the new api, is receiving any faults and how many faults are being triggered. My stable api version is sending log data to one log group and my new version is using a different group, so I need to monitor multiple log groups (since I also want to know if anyone is experiencing any error, regardless of version).

The JSON to define my rule, to report on 500 errors coming from any of my APIs, and to use account ID, HTTP method, and resource path as dimensions, is shown below.

{
  "Schema": {
    "Name": "CloudWatchLogRule",
    "Version": 1
  },
  "AggregateOn": "Count",
  "Contribution": {
    "Filters": [
      {
        "Match": "$.status",
        "EqualTo": 500
      }
    ],
    "Keys": [
      "$.accountId",
      "$.httpMethod",
      "$.resourcePath"
    ]
  },
  "LogFormat": "JSON",
  "LogGroupNames": [
    "MyApplicationLogsV*"
  ]
}

I can set up my rule using either the Wizard tab, or I can paste the JSON above into the Rule body field on the Syntax tab. Even though I have the JSON above, I’ll show using the Wizard tab in this post and you can see the completed fields below. When selecting log groups I can either select them from the drop down, if they already exist, or I can use wildcard syntax in the Select by prefix match option (MyApplicationLogsV* for example).

Clicking Create saves the new rule and makes it immediately start processing and analyzing data (unless I elect to create it in disabled state of course). Note that Amazon CloudWatch Contributor Insights processes new log data created once the rule is active, it does not perform historical inspection, so I need to build rules for operational scenarios that I anticipate happening in future.

With the rule in place I need to start generating some log data! To do that I’m going to use a script, written using the AWS Tools for PowerShell, to simulate my deployed application being invoked by a set of customers. Of those customers, a select few (let’s call them the unfortunate ones) will be directed to the new API version which will randomly fail on HTTP POST requests. Customers using the old API version will always succeed. The script, which runs for 5000 iterations, is shown below. The cmdlets being used to work with CloudWatch Logs are the ones with CWL in the name, for example Write-CWLLogEvent.

# Set up some random customer ids, and select a third of them to be our unfortunates
# who will experience random errors due to a bad api update being shipped!
$allCustomerIds = @( 1..15 | % { Get-Random })
$faultingIds = $allCustomerIds | Get-Random -Count 5

# Setup some log groups
$group1 = 'MyApplicationLogsV1'
$group2 = 'MyApplicationLogsV2'
$stream = "MyApplicationLogStream"

# When writing to a log stream we need to specify a sequencing token
$group1Sequence = $null
$group2Sequence = $null

$group1, $group2 | % {
    if (!(Get-CWLLogGroup -LogGroupName $_)) {
        New-CWLLogGroup -LogGroupName $_
        New-CWLLogStream -LogGroupName $_ -LogStreamName $stream
    } else {
        # When the log group and stream exist, we need to seed the sequence token to
        # the next expected value
        $logstream = Get-CWLLogStream -LogGroupName $_ -LogStreamName $stream
        $token = $logstream.UploadSequenceToken
        if ($_ -eq $group1) {
            $group1Sequence = $token
        } else {
            $group2Sequence = $token
        }
    }
}

# generate some log data with random failures for the subset of customers
1..5000 | % {

    Write-Host "Log event iteration $_" # just so we know where we are progress-wise

    $customerId = Get-Random $allCustomerIds

    # first select whether the user called the v1 or the v2 api
    $useV2Api = ((Get-Random) % 2 -eq 1)
    if ($useV2Api) {
        $resourcePath = '/api/v2/some/resource/path/'
        $targetLogGroup = $group2
        $nextToken = $group2Sequence
    } else {
        $resourcePath = '/api/v1/some/resource/path/'
        $targetLogGroup = $group1
        $nextToken = $group1Sequence
    }

    # now select whether they failed or not. GET requests for all customers on
    # all api paths succeed. POST requests to the v2 api fail for a subset of
    # customers.
    $status = 200
    $errorMessage = ''
    if ((Get-Random) % 2 -eq 0) {
        $httpMethod = "GET"
    } else {
        $httpMethod = "POST"
        if ($useV2Api -And $faultingIds.Contains($customerId)) {
            $status = 500
            $errorMessage = 'Uh-oh, something went wrong...'
        }
    }

    # Write an event and gather the sequence token for the next event
    $nextToken = Write-CWLLogEvent -LogGroupName $targetLogGroup -LogStreamName $stream -SequenceToken $nextToken -LogEvent @{
        TimeStamp = [DateTime]::UtcNow
        Message = (ConvertTo-Json -Compress -InputObject @{
            requestId = [Guid]::NewGuid().ToString("D")
            httpMethod = $httpMethod
            resourcePath = $resourcePath
            status = $status
            protocol = "HTTP/1.1"
            accountId = $customerId
            errorMessage = $errorMessage
        })
    }

    if ($targetLogGroup -eq $group1) {
        $group1Sequence = $nextToken
    } else {
        $group2Sequence = $nextToken
    }

    Start-Sleep -Seconds 0.25
}

I start the script running, and with my rule enabled, I start to see failures show up in my graph. Below is a snapshot after several minutes of running the script. I can clearly see a subset of my simulated customers are having issues with HTTP POST requests to the new v2 API.

From the Actions pull down in the Rules panel, I could now go on to create a single metric from this report, describing the percentage of customers impacted by faults, and then configure an alarm on this metric to alert when this percentage breaches pre-defined thresholds.

For the sample scenario outlined here I would use the alarm to halt the rollout of the new API if it fired, preventing the impact spreading to additional customers, while investigation of what is behind the increased faults is performed. Details on how to set up metrics and alarms can be found in the user guide.

Amazon CloudWatch Contributor Insights is available now to users in all commercial AWS Regions, including China and GovCloud.

— Steve

‘YouTube is Not Required to Share Email and IP-Addresses of Movie Pirates’

Post Syndicated from Ernesto original https://torrentfreak.com/youtube-is-not-required-to-share-email-and-ip-addresses-of-movie-pirates-200402/

YouTube’s users upload millions of hours of videos every month. As with any user-generated content site, this also includes copyright-infringing content.

This abuse is a thorn in the side of some copyright holders. Although they can send takedown requests to remove pirated content, some companies want to go after the infringers.

This is what happened in Germany, where the local company “Constantin Film” went after three YouTube users. These account holders had uploaded copies of the movies “Scary Movie 5” or “Parker” without permission, which were then viewed thousands of times.

The movie company demanded that Google and YouTube should share the email addresses, IP-addresses, and phone numbers that were tied to these accounts and took the matter to a local court.

Initially, this request was turned down by the Frankfurt District Court, but the Higher Regional Court later ruled that YouTube should hand over the associated email addresses, but not the IP-addresses and phone numbers.

Neither party was happy with this outcome and the case was sent to Germany’s Federal Court of Justice for another ruling. Before making a final judgment, the German court sent some questions to the EU Court of Justice, asking for input on how to interpret EU law in this matter.

While both German and EU legislation grant copyright holders the right to know who the copyright infringer is, it’s not clear what information should be handed over. Article 8 of the EU Copyright Directive from 2004 doesn’t go any further than mentioning “names and addresses” without any further specification.

To clarify the position, Germany’s Federal Court asked whether the law should be interpreted in a way that also covers email addresses, phone numbers, and IP-addresses. In an advisory opinion released by EU Advocate General Henrik Saugmandsgaard Øe, this should not be the case.

The Advocate General believes that the ‘names’ and ‘addresses’ mentioned in Article 8 should be interpreted literally. In other words, it refers to the usual meaning in everyday language, which doesn’t cover email addresses, IP-addresses, and certainly not phone numbers.

“There is little doubt that, in everyday language, the concept of a person’s ‘address’, about which the referring court asks in particular, covers only the postal address, as YouTube and Google have rightly submitted,” Saugmandsgaard Øe writes.

The Advocate General understands that Constantin Film would like this language to be updated, so it also includes digital addresses, but he adds that this is something that lawmakers must address, not the court.

“Article 8(2) […] must be interpreted as meaning that the concept of ‘names and addresses’ set out in that provision does not cover, in respect of a user who has uploaded files which infringe intellectual property rights, the email address, the telephone number, the IP address used to upload those files or the IP address used when the user’s account was last accessed.

“Accordingly, the Member States are not obliged, under that provision, to provide for the possibility, for the competent judicial authorities, to order that that information be provided in the context of proceedings concerning an infringement of an intellectual property right.”

This means that, based on this opinion, Germany’s Federal court can order YouTube and Google to hand over the names and postal addresses of the uploaders, but not the emails, IP-addresses, and phone numbers.

The Advocate General’s advice is not binding. However, in most cases the recommendations are followed by the EU Court of Justice, which will likely issue its final verdict later this year.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

ETTV Moves to New Domain Name After Operator Goes Missing

Post Syndicated from Ernesto original https://torrentfreak.com/ettv-moves-to-new-domain-name-after-operator-goes-missing-200104/

Three years ago, the torrent community was hit hard when the popular torrent site ExtraTorrent suddenly shut its doors.

The site provided a safe harbor for millions of file-sharers and was also the birthing ground for several popular releasers and distribution groups. This includes ETTV, which is short for ExtraTorrent TV.

With its home gone, ETTV decided to carry on independently by launching its own website. Over the past years, this has grown out to become a medium-sized torrent site with a dedicated and vetted group of regular uploaders.

Although the site has operated as usual in recent months, behind the scenes staff faced a critical problem. The main ETTV operator who controlled the domains, servers, and ads, suddenly went missing.

TorrentFreak spoke to ETTV administrator ‘sidekickbob’ who informed us that the operator last logged in December last year. Around the same time, he also sent out an email telling the staffer that he had experienced health issues.

After almost four months had passed without an official word from the operator, ‘sidekickbob’ decided to step into action. The first step was to disable the ads since he had no control over them. Coincidence or not, two days later someone canceled the server.

The admin doesn’t believe that ETTV’s operator did this. However, someone clearly was responding, as the server that hosted the torrents was also canceled. After paying the bills, Sidekickbob was able to get the site’s server back, but for the time being ETTV will use magnet links only.

To guarantee that he retained full control, Sidekickbob then decided to switch to a new domain name, ETTVdl.com. While he has access to the registrar login of the other domains, as well as root access to the server, he wants to prevent a ‘third-party’ from taking over.

“I redirected all traffic from ettv.to,” sidekickbob tells us, adding that the other domains are set to expire later this year.

This domain change was also communicated in the forums, without any further background detail.

Unless the original operator reappears, the ‘new’ admin will also reinstate some ads so he can pay the bills. However, sidekickbob has no intention of steering the ship any longer than needed. He is currently looking for a trusted person to take the lead, or else he will shut it down.

“It’s all left to me, and if I don’t manage to ‘transfer’ it to somebody else I will eventually shut it down, most likely at the end of this year,” he says, adding that he doesn’t have enough time to manage the site himself.

This means that ETTV’s future is highly uncertain. In any case, the new admin doesn’t simply plan to sell the site to the highest bidder. If a third-party takes over, it has to be someone with a good track record and some experience

“Ultimately my intention is to sell it to somebody that wants to run the torrent site. Preferably somebody that has experience in running a medium traffic torrent site. I’m not going to give it to some random kids,” sidekickbob concludes.

Shutting down ETTV will certainly have an impact. While the site is not crucial, the ETTV and ETHD bots supply torrents to a wide variety of even more popular torrent sites. If these go down as well, it will surely be noticed.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

RIAA Denies ‘False Takedown’ Allegations, Asks Court to Dismiss Case

Post Syndicated from Ernesto original https://torrentfreak.com/riaa-denies-false-takedown-allegations-asks-court-to-dismiss-case-200331/

Earlier this year, popular hip-hop mixtape website and app Spinrilla filed a lawsuit against the RIAA.

Spinrilla accused the music industry group of sending false DMCA takedown notices that waste resources and harm the site’s goodwill and reputation.

“False takedown notices needlessly waste Spinrilla’s time, disrupts its personnel’s work and puts at risk for terminating a user as a ‘repeat infringer’ when in fact the user uploaded non-infringing content,” Spinrilla wrote.

Yesterday the RIAA responded to the complaint in court. In its filing, the music group reminds the court of the legal history between both parties, which are involved in a separate and ongoing copyright infringement lawsuit.

According to the RIAA, the original lawsuit has demonstrated Spinrilla’s “persistent and flagrant pattern of facilitating and encouraging massive copyright infringement.” The new case is “an obvious and baseless attempt” to draw the court’s attention away from this matter.

These references clearly set the tone but are irrelevant for the new case. However, the RIAA is convinced that Spinrilla’s false DMCA notice allegations are baseless so is asking the court to dismiss the case.

Spinrilla’s complaint only referenced one file that was falsely claimed, this mix, which allegedly infringed the copyrights for the Big Sean & Jhené Aiko track ‘2 Minute Warning.’ In its reply, RIAA explains that this wasn’t a false takedown notice.

According to the music group, Spinrilla doesn’t present any evidence that the RIAA knew that the contested audio file was not infringing. In addition, it says that the site fails to allege that the contested file was actually removed, as is required for such as claim.

“[The complaint] does not allege that Spinrilla ever removed or disabled access to the sole audio file it identifies, or that Spinrilla suffered injury as a result of removing or disabling access to the file,” RIAA writes.

In addition, Spinrilla’s allegation that the music group relies on a faulty text-searching purely speculative and unsupported, RIAA notes.

RIAA’s reply comes with a declaration from Traci Crippen, the group’s Vice President of Operations, Content Protection. She mentions that the contested file was reviewed by both a Universal Music Group (UMG) employee and herself.

From Crippen’s declaration

“Before sending the takedown notice, Ms. Crippen was informed that a UMG employee listened to the Audio File and determined that it infringed copyrighted UMG sound recordings. Ms. Crippen herself then listened to the Audio File and concluded it was infringing,” RIAA writes.

Although the track in question is mostly absent of any sound, the RIAA doesn’t believe that it can be classified under fair use. And even if it is non-infringing, Spinrilla’s false takedown claims are unwarranted because Ms. Crippen had “good faith belief” that it was.

Based on these and other arguments, the RIAA asks the court to dismiss the complaint. Or alternatively, issue a summary judgment in favor of the music group because it was not aware of any wrongdoing.

Whether Spinrilla has more examples of false takedown notices is unknown. If it does, it will likely present these in reply to RIAA’s response.

A copy of RIAA’s response to Spinrilla’s complaint is available here (pdf).

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Amazon Detective – Rapid Security Investigation and Analysis

Post Syndicated from Sébastien Stormacq original https://aws.amazon.com/blogs/aws/amazon-detective-rapid-security-investigation-and-analysis/

Almost five years ago, I blogged about a solution that automatically analyzes AWS CloudTrail data to generate alerts upon sensitive API usage. It was a simple and basic solution for security analysis and automation. But demanding AWS customers have multiple AWS accounts, collect data from multiple sources, and simple searches based on regular expressions are not enough to conduct in-depth analysis of suspected security-related events. Today, when a security issue is detected, such as compromised credentials or unauthorized access to a resource, security analysts cross-analyze several data logs to understand the root cause of the issue and its impact on the environment. In-depth analysis often requires scripting and ETL to connect the dots between data generated by multiple siloed systems. It requires skilled data engineers to answer basic questions such as “is this normal?”. Analysts use Security Information and Event Management (SIEM) tools, third-party libraries, and data visualization tools to validate, compare, and correlate data to reach their conclusions. To further complicate the matters, new AWS accounts and new applications are constantly introduced, forcing analysts to constantly reestablish baselines of normal behavior, and to understand new patterns of activities every time they evaluate a new security issue.

Amazon Detective is a fully managed service that empowers users to automate the heavy lifting involved in processing large quantities of AWS log data to determine the cause and impact of a security issue. Once enabled, Detective automatically begins distilling and organizing data from AWS Guard Duty, AWS CloudTrail, and Amazon Virtual Private Cloud Flow Logs into a graph model that summarizes the resource behaviors and interactions observed across your entire AWS environment.

At re:invent 2019, we announced a preview of Amazon Detective. Today, it is our pleasure to announce its availability for all AWS Customers.

Amazon Detective uses machine learning models to produce graphical representations of your account behavior and helps you to answer questions such as “is this an unusual API call for this role?” or “is this spike in traffic from this instance expected?”. You do not need to write code, to configure or to tune your own queries.

To get started with Amazon Detective, I open the AWS Management Console, I type “detective” in the search bar and I select Amazon Detective from the provided results to launch the service. I enable the service and I let the console guide me to configure “member” accounts to monitor and the “master” account in which to aggregate the data. After this one-time setup, Amazon Detective immediately starts analyzing AWS telemetry data and, within a few minutes, I have access to a set of visual interfaces that summarize my AWS resources and their associated behaviors such as logins, API calls, and network traffic. I search for a finding or resource from the Amazon Detective Search bar and, after a short while, I am able to visualize the baseline and current value for a set of metrics.

I select the resource type and ID and start to browse the various graphs.

I can also investigate a AWS Guard Duty finding by using the native integrations within the Guard Duty and AWS Security Hub consoles. I click the “Investigate” link from any finding from AWS Guard Duty and jump directly into a Amazon Detective console that provides related details, context, and guidance to investigate and to respond to the issue. In the example below, Guard Duty reports an unauthorized access that I decide to investigate:

Amazon Detective console opens:

I scroll down the page to check the graph of failed API calls. I click a bar in the graph to get the details, such as the IP addresses where the calls originated:

Once I know the source IP addresses, I click New behavior: AWS role and observe where these calls originated from to compare with the automatically discovered baseline.

Amazon Detective works across your AWS accounts, it is a multi-account solution that aggregates data and findings from up to 1000 AWS accounts into a single security-owned “master” account making it easy to view behavioral patterns and connections across your entire AWS environment.

There are no agents, sensors, or additional software to deploy in order to use the service. Amazon Detective retrieves, aggregates and analyzes data from AWS Guard Duty, AWS CloudTrail and Amazon Virtual Private Cloud Flow Logs. Amazon Detective collects existing logs directly from AWS without touching your infrastructure, thereby not causing any impact to cost or performance.

Amazon Detective can be administered via the AWS Management Console or via the Amazon Detective management APIs. The management APIs enable you to build Amazon Detective into your standard account registration, enablement, and deployment processes.

Amazon Detective is a regional service. I activate the service in every AWS Regions in which I want to analyze findings. All data are processed in the AWS Region where they are generated. Amazon Detective maintains data analytics and log summaries in the behavior graph for a 1-year rolling period from the date of log ingestion. This allows for visual analysis and deep dives over a large data set for a long period of time. When I disable the service, all data is expunged to ensure no data remains.

There are no additional charges or upfront commitments required to use Amazon Detective. We charge per GB of data ingested from AWS AWS CloudTrail, Amazon Virtual Private Cloud Flow Logs, and AWS Guard Duty findings. Amazon Detective offers a 30-day free trial. As usual, check the pricing page for the details.

Amazon Detective is available in all commercial AWS Regions, except China. You can start to use it today.

— seb

Internet Archive’s National Emergency Library is “Vile” Says Copyright Alliance

Post Syndicated from Andy original https://torrentfreak.com/internet-archives-national-emergency-library-is-vile-says-copyright-alliance-310331/

Millions of people around the planet rely on public libraries to seek out books and the knowledge and education they provide. Libraries operating in the physical realm are bound by obvious restrictions, including that they can only lend out as many books as they have to hand.

After a book is removed from a shelf, for example, it can only be re-lent once it has been returned by the borrower. In the digital space, on the other hand, more copies can be generated in an instant, resulting in a potentially inexhaustible supply – should no artificial ‘wait’ times be implemented, of course.

The Internet Archive (IA) operates one such a library offering a massive repository of scanned books that generally restricts lending in line with “wait time” guidelines. Last week, however, the resource announced an unprecedented response to the challenges being faced by learners due to the coronavirus pandemic.

Rather than users having to wait for digital books to be ‘returned’, the IA revealed that at least until the end of June 2020, it would “suspend waitlists” for the 1.4 million books in its newly-formed National Emergency Library.

“This is a response to the scores of inquiries from educators about the capacity of our lending system and the scale needed to meet classroom demands because of the closures,” wrote IA’s Director of Open Libraries Chris Freeland.

The response among borrowers, especially given the hard times currently being faced by all, was immediately positive. “You are an angel on earth,” one wrote. “Y’all have digitized a book that one of my faculty wants his students to read (by tomorrow! when they will virtually meet the author!). Author and professor will be thrilled,” another responded.

Perhaps inevitably, however, groups representing the rights of authors were less pleased with the new ground rules. Within days the initiative was slammed by the Authors Guild, which declared that it was “appalled” by the Internet Archive’s decision to expand the scope of the library.

“IA has no rights whatsoever to these books, much less to give them away indiscriminately without consent of the publisher or author,” the Guild wrote. “We are shocked that the Internet Archive would use the Covid-19 epidemic as an excuse to push copyright law further out to the edges, and in doing so, harm authors, many of whom are already struggling.”

The group says that while large swathes of the world are suffering due to the pandemic, authors should not be deprived of sales that might otherwise have taken place, had the IA not taken the decision to give free books to all, in whatever volumes are necessary to fulfill demand. This, the Authors Guild says, is contrary to federal law and even affects in-copyright books that authors rely upon for “critical revenue”.

“Acting as a piracy site — of which there already are too many — the Internet Archive tramples on authors’ rights by giving away their books to the world,” the group wrote.

The Internet Archive believes it is staying on the right side of the law, with the process of supplying temporary copies of books to users falling under the banner of ‘Controlled Digital Lending’ (CDL). Opponents, including some authors, authors’ groups, and publishers, vigorously disagree.

The National Writers Union (NWU), for example, insists that “CDL infringes authors’ and publishers’ copyrights and deprives them of revenues that they would earn if readers obtained their works though other, legitimate channels.”

But even when considering the Public Lending Right, which already exists in several countries around the world but not the United States, NWU remain unhappy. PLR ensures that authors are paid whenever their books are borrowed from libraries (in the UK authors should receive around 8.5p for each withdrawal) but IA’s library even tramples on that concept according to NWU.

“[I]n addition to its other harms, CDL deprives authors of PLR compensation by diverting readers who would otherwise borrow books from foreign libraries to ‘borrow’ bootleg CDL copies served up from the U.S. by the Internet Archive or other U.S. institutions,” NWU adds.

But of course, physical libraries aren’t operating as they should at the moment due to the pandemic, a point not lost on the Internet Archive.

“Right now, today, there are 650 million books that tax-paying citizens have paid to access that are sitting on shelves in closed libraries, inaccessible to them. And that’s just in public libraries,” IA wrote in a response to criticism last evening, adding that statements by the Authors Guild and the Association of American Publishers “contain falsehoods that are being spread widely online.”

IA insist that the fair user doctrine underlies its system, as explained in the Position Statement on Controlled Digital Lending. The organization also reiterates that there are restrictions in place to prevent loans from being any more permanent than they were before the crisis took hold.

“Readers who borrow a book from the National Emergency Library get it for only two weeks, and their access is disabled unless they check it out again. Internet Archive also uses the same technical protections that publishers use on their ebook offerings in order to prevent additional copies from being made or redistributed,” IA explains.

But despite the fact that the Internet Archive believes it is on safe ground, yet more pro-copyright groups have been piling on in disgust. In a scathing attack on IA founder Brewster Kahle, last night the massive Copyright Alliance likened the lending library to looters taking advantage at a time of crisis.

“Unfortunately, while most people are doing the right thing and rallying in support of one another, there are also those who are taking advantage of the mayhem to throw bricks through store windows and make things much worse for those that need our help. There is no better example of this than Brewster Kahle and the Internet Archive,” Copyright Alliance chief Keith Kupferschmid wrote.

“At a time when authors, like many others, are struggling to pay the rent and put food on the table, Kahle and the Internet Archive, are throwing bricks through their windows and looting their houses.”

Noting that people including Tim Cook, Elon Musk, Mark Zuckerberg and the Clintons have all dipped into their own pockets to offer help to those in need, the library operated by Kayle is funded by “money out of the pockets of those who need it the most – American authors.”

“Under normal circumstances his actions would be reprehensible,” Kupferschmid added, “but given the current situation and Kahle’s enormous wealth, his actions are particularly vile.”

While most of the attacks on the National Emergency Library thus far have either declared it flat-out illegal or worthy of criticism for trying to expand the limits of copyright law, no one is yet putting their head above the parapet with a legal team in tow. The perils here are clear, of course.

Few copyright holders will want to get drawn into an ugly battle at a time of national crisis and even fewer will relish the prospect of emerging the other side with a defeat. Like the pandemic itself, that too would go down in history and would not be easily forgotten.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

New – Use AWS IAM Access Analyzer in AWS Organizations

Post Syndicated from Channy Yun original https://aws.amazon.com/blogs/aws/new-use-aws-iam-access-analyzer-in-aws-organizations/

Last year at AWS re:Invent 2019, we released AWS Identity and Access Management (IAM) Access Analyzer that helps you understand who can access resources by analyzing permissions granted using policies for Amazon Simple Storage Service (S3) buckets, IAM roles, AWS Key Management Service (KMS) keys, AWS Lambda functions, and Amazon Simple Queue Service (SQS) queues.

AWS IAM Access Analyzer uses automated reasoning, a form of mathematical logic and inference, to determine all possible access paths allowed by a resource policy. We call these analytical results provable security, a higher level of assurance for security in the cloud.

Today I am pleased to announce that you can create an analyzer in the AWS Organizations master account or a delegated member account with the entire organization as the zone of trust. Now for each analyzer, you can create a zone of trust to be either a particular account or an entire organization, and set the logical bounds for the analyzer to base findings upon. This helps you quickly identify when resources in your organization can be accessed from outside of your AWS Organization.

AWS IAM Access Analyzer for AWS Organizations – Getting started
You can enable IAM Access Analyzer, in your organization with one click in the IAM Console. Once enabled, IAM Access Analyzer analyzes policies and reports a list of findings for resources that grant public or cross-account access from outside your AWS Organizations in the IAM console and through APIs.

When you create an analyzer on your organization, it recognizes your organization as a zone of trust, meaning all accounts within the organization are trusted to have access to AWS resources. Access analyzer will generate a report that identifies access to your resources from outside of the organization.

For example, if you create an analyzer for your organization then it provides active findings for resource such as S3 buckets in your organization that are accessible publicly or from outside the organization.

When policies change, IAM Access Analyzer automatically triggers a new analysis and reports new findings based on the policy changes. You can also trigger a re-evaluation manually. You can download the details of findings into a report to support compliance audits.

Analyzers are specific to the region in which they are created. You need to create a unique analyzer for each region where you want to enable IAM Access Analyzer.

You can create multiple analyzers for your entire organization in your organization’s master account. Additionally, you can also choose a member account in your organization as a delegated administrator for IAM Access Analyzer. When you choose a member account as the delegated administrator, the member account has a permission to create analyzers within the organization. Additionally individual accounts can create analyzers to identify resources accessible from outside those accounts.

IAM Access Analyzer sends an event to Amazon EventBridge for each generated finding, for a change to the status of an existing finding, and when a finding is deleted. You can monitor IAM Access Analyzer findings with EventBridge. Also, all IAM Access Analyzer actions are logged by AWS CloudTrail and AWS Security Hub. Using the information collected by CloudTrail, you can determine the request that was made to Access Analyzer, the IP address from which the request was made, who made the request, when it was made, and additional details.

Now available!
This integration is available in all AWS Regions where IAM Access Analyzer is available. There is no extra cost for creating an analyzer with organization as the zone of trust. You can learn more through these talks of Dive Deep into IAM Access Analyzer and Automated Reasoning on AWS at AWS re:Invent 2019. Take a look at the feature page and the documentation to learn more.

Please send us feedback either in the AWS forum for IAM or through your usual AWS support contacts.

Channy;

Affordable Legal Options Are the Best Anti-Piracy Tool, US Senators Are Told

Post Syndicated from Ernesto original https://torrentfreak.com/affordable-legal-options-are-the-best-anti-piracy-tool-us-senators-are-told-300320/

The Senate Judiciary Subcommittee on Intellectual Property is currently in the process of finding ways through which the U.S. can better address online piracy.

The initiative, launched by U.S. Senator Thom Tillis, aims to hear experts from various sides, to get a balanced view of the challenges and opportunities.

During a hearing of the Senate Subcommittee earlier this month, key movie industry players argued that pirate site blocking and upload filtering are viable and effective options. However, not everyone agreed with this conclusion.

The senators also heard Julia Reda, former MEP for the Pirate Party, who currently works as a fellow at Harvard’s Berkman Klein Center for Internet & Society. In her initial testimony, Reda pointed out that the EU’s ‘indirect’ upload filter requirements, which are part of last year’s copyright reform, are problematic.

Reda’s comments and presentation triggered several follow up questions from senators, who asked her to address some issues in more detail. These answers, which came in a few days ago, caution against stringent measures such as site blocking and upload filters.

Responding to a question from Committee Chairman Tillis, Reda stresses that instead of focusing on restrictions and legislation, the best answer to piracy lies in the hands of copyright holders and the broader entertainment industry.

“When it comes to reducing copyright infringement online, I am convinced that the availability of affordable, attractive legal streaming services is paramount,” Reda writes, adding that legal options have made music piracy less relevant.

The former MEP acknowledges that piracy continues to be a major challenge in the TV and movie industries. However, she attributes this in large part to increased fragmentation and the lack of an affordable all-in-one video platform.

“While legal video streaming services have grown rapidly in popularity and revenue over the recent years, there is still a lack of comprehensive video streaming services that give users access to all the content they want to see in one place,” Reda writes.

“Exclusive deals between rightsholders and streaming services are much more common than in the music industry, therefore users have to choose between a large number of different streaming services with distinct offerings. Subscribing to all major streaming services is not affordable to the average consumer,” she adds.

Next up is the response to Senator Chris Coons, who asked Reda specifically about her views on website blocking and upload filtering. These measures were presented as effective anti-piracy tools by copyright holders.

Reda, however, sees things differently. While she mentions that legal scholars are best placed to evaluate the applicability in the US context, caution against site-blocking measures is warranted.

For example, it can raise free speech concerns when there is overblocking, which has happened in the EU on a few occasions.

“From a free speech perspective, it is very difficult to implement site blocking that only blocks illegal content without adversely affecting users’ rights to access legal content,” Reda writes.

In addition, blocking can make security measures more difficult. This includes the use of DNSSEC, which can be used against phishing attacks but uses the same re-routing techniques as website blockades.

Free speech is also a problem with upload filters, Reda warns. She points out that automated filters can’t check for factors such as fair use, something even the providers of filtering tools themselves openly admit.

“I don’t think there is any possibility, neither today nor in the near to medium-term future, to automate these decisions,” Reda writes.

“Therefore, upload filters for copyrighted content will always lead to many instances of overblocking of legal speech, as many examples of automated notices sent under the current notice-and-takedown regime illustrate.”

Instead, Reda again points out that facilitating the development of affordable legal sources is a more reliable strategy.

This is also the message in response to questions from Senator Richard Blumenthal, who asked whether there are any examples of statutes or technological tools that have proven to curb online piracy.

Instead of focusing on enforcements or restrictions, Reda once again turns the tables, highlighting that the entertainment industry holds the key.

“When tracking the history of online copyright infringement over the course of the last 25 years, the single most successful intervention to increase industry revenues and reduce copyright infringement has been the introduction of affordable, convenient legal alternatives.

“I believe that rather than a legislative intervention, the support of better legal offers for online content is the more successful strategy to curb online copyright infringement and produce new revenue streams,” Reda adds.

These views are obviously one side of the debate. As we previously highlighted, copyright holders see things quite differently. It will be interesting to see if and how the Senate Judiciary Subcommittee on Intellectual Property can find some common ground.

Julia Reda’s full answers to the senators’ questions are available here (pdf).

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Now Open – Third Availability Zone in the AWS Canada (Central) Region

Post Syndicated from Danilo Poccia original https://aws.amazon.com/blogs/aws/now-open-third-availability-zone-in-the-aws-canada-central-region/

When you start an EC2 instance, or store data in an S3 bucket, it’s easy to underestimate what an AWS Region is. Right now, we have 22 across the world, and while they look like dots on a global map, they are architected to let you run applications and store data with high availability and fault tolerance. In fact, each of our Regions is made up of multiple data centers, which are geographically separated into what we call Availability Zones (AZs).

Today, I am very happy to announce that we added a third AZ to the AWS Canada (Central) Region to support our customer base in Canada.

This third AZ provides customers with additional flexibility to architect scalable, fault-tolerant, and highly available applications, and will support additional AWS services in Canada. We opened the Canada (Central) Region in December 2016, just over 3 years ago, and we’ve more than tripled the number of available services as we bring on this third AZ.

Each AZ is in a separate and distinct geographic location with enough distance to significantly reduce the risk of a single event impacting availability in the Region, yet near enough for business continuity applications that require rapid failover and synchronous replication. For example, our Canada (Central) Region is located in the Montreal area of Quebec, and the upcoming new AZ will be on the mainland more than 45 kms/28 miles away from the next-closest AZ as the crow flies.

Where we place our Regions and AZs is a deliberate and thoughtful process that takes into account not only latency or distance, but also risk profiles. To keep the risk profile low, we look at decades of data related to floods and other environmental factors before we settle on a location. Montreal was heavily impacted in 1998 by a massive ice storm that crippled the power grid and brought down more than 1,000 transmission towers, leaving four million people in neighboring provinces and some areas of New York and Maine without power. In order to ensure that AWS infrastructure can withstand inclement weather such as this, half of the AZs interconnections use underground cables and are out of the impact of potential ice storms. In this way, every AZ is connected to the other two AZs by at least one 100% underground fiber path.

We’re excited to bring a new AZ to Canada to serve our incredible customers in the region. Here are some examples from different industries, courtesy of my colleagues in Canada:

Healthcare – AlayaCare delivers cloud-based software to home care organizations across Canada and all over the world. As a home healthcare technology company, they need in-country data centers to meet regulatory requirements.

Insurance – Aviva is delivering a world-class digital experience to its insurance clients in Canada and the expansion of the AWS Region is welcome as they continue to move more of their applications to the cloud.

E-LearningD2L leverages various AWS Regions around the world, including Canada to deliver a seamless experience for their clients. They have been on AWS for more than four years, and recently completed an all-in migration.

With this launch, AWS has now 70 AZs within 22 geographic Regions around the world, plus 5 new regions coming. We are continuously looking at expanding our infrastructure footprint globally, driven largely by customer demand.

To see how we use AZs in Amazon, have look at this article on Static stability using Availability Zones by Becky Weiss and Mike Furr. It’s part of the Amazon Builders’ Library, a place where we share what we’ve learned over the years.

For more information on our global infrastructure, and the custom hardware we use, check out this interactive map.

Danilo


Une troisième zone de disponibilité pour la Région AWS Canada (Centre) est lancée

Lorsque vous lancez une instance EC2, ou que vous stockez vos données dans Amazon S3, il est facile de sous-estimer l’étendue d’une région infonuagique AWS. À l’heure actuelle, nous avons 22 régions dans le monde. Bien que ces dernières ne ressemblent qu’à des petits points sur une grande carte, elles sont conçues pour vous permettre de lancer des applications et de stocker des données avec une grande disponibilité et une tolérance aux pannes. En fait, chacune de nos régions comprend plusieurs centres de données distincts, regroupés dans ce que nous appelons des zones de disponibilités.

Aujourd’hui, je suis très heureux d’annoncer que nous avons ajouté une troisième zone de disponibilité à la Région AWS Canada (Centre) afin de répondre à la demande croissante de nos clients canadiens.

Cette troisième zone de disponibilité offre aux clients une souplesse additionnelle, leur permettant de concevoir des applications évolutives, tolérantes et hautement disponibles. Cette zone de disponibilité permettra également la prise en charge d’un plus grand nombre de services AWS au Canada. Nous avons ouvert la région infonuagique en décembre 2016, il y a un peu plus de trois ans, et nous avons plus que triplé le nombre de services disponibles en lançant cette troisième zone.

Chaque zone de disponibilité AWS se situe dans un lieu géographique séparé et distinct, suffisamment éloignée pour réduire le risque qu’un seul événement puisse avoir une incidence sur la disponibilité dans la région, mais assez rapproché pour permettre le bon fonctionnement d’applications de continuité d’activités qui nécessitent un basculement rapide et une réplication synchrone. Par exemple, notre Région Canada (Centre) se situe dans la région du grand Montréal, au Québec. La nouvelle zone de disponibilité sera située à plus de 45 km à vol d’oiseau de la zone de disponibilité la plus proche.

Définir l’emplacement de nos régions et de nos zones de disponibilité est un processus délibéré et réfléchi, qui tient compte non seulement de la latence/distance, mais aussi des profils de risque. Par exemple, nous examinons les données liées aux inondations et à d’autres facteurs environnementaux sur des décennies avant de nous installer à un endroit. Ceci nous permet de maintenir un profil de risque faible. En 1998, Montréal a été lourdement touchée par la tempête du verglas, qui a non seulement paralysé le réseau électrique et engendré l’effondrement de plus de 1 000 pylônes de transmission, mais qui a également laissé quatre millions de personnes sans électricité dans les provinces avoisinantes et certaines parties dans les états de New York et du Maine. Afin de s’assurer que l’infrastructure AWS résiste à de telles intempéries, la moitié des interconnexions câblées des zones de disponibilité d’AWS sont souterraines, à l’abri des tempêtes de verglas potentielles par exemple. Ainsi, chaque zone de disponibilité est reliée aux deux autres zones par au moins un réseau de fibre entièrement souterrain.

Nous nous réjouissons d’offrir à nos clients canadiens une nouvelle zone de disponibilité pour la région. Voici quelques exemples clients de différents secteurs, gracieuseté de mes collègues canadiens :

SantéAlayaCare fournit des logiciels de santé à domicile basés sur le nuage à des organismes de soins à domicile canadiens et partout dans le monde. Pour une entreprise de technologie de soins à domicile, le fait d’avoir des centres de données au pays est essentiel et lui permet de répondre aux exigences réglementaires.

AssuranceAviva offre une expérience numérique de classe mondiale à ses clients du secteur de l’assurance au Canada. L’expansion de la région AWS est bien accueillie alors qu’ils poursuivent la migration d’un nombre croissant de leurs applications vers l’infonuagique.

Apprentissage en ligneD2L s’appuie sur diverses régions dans le monde, dont celle au Canada, pour offrir une expérience homogène à ses clients. Ils sont sur AWS depuis plus de quatre ans et ont récemment effectué une migration complète.

Avec ce lancement, AWS compte désormais 70 zones de disponibilité dans 22 régions géographiques au monde – et cinq nouvelles régions à venir. Nous sommes continuellement à la recherche de moyens pour étendre notre infrastructure à l’échelle mondiale, entre autres en raison de la demande croissante des clients.

Pour comprendre comment nous utilisons les zones de disponibilité chez Amazon, consultez cet article sur la stabilité statique à l’aide des zones de disponibilité par Becky Weiss et Mike Furr. Ce billet se retrouve dans la bibliothèque des créateurs d’Amazon, un lieu où nous partageons ce que nous avons appris au fil des années.

Pour plus d’informations sur notre infrastructure mondiale et le matériel informatique personnalisé que nous utilisons, consultez cette carte interactive.

Danilo

Anime Fans Find ‘Pirate’ Subtitles in Netflix Streams of City Hunter

Post Syndicated from Andy original https://torrentfreak.com/anime-fans-find-pirate-subtitles-in-netflix-streams-of-city-hunter-203003/

Every day massive volumes of movies and TV shows are shared on the Internet without the permission of copyright holders.

While the majority will be viewed by speakers of the default language, the addition of subtitles allows content to be consumed across continents and on a global scale.

As a result, anti-piracy groups often claim that the existence of subtitles – whether from original sources or so-called ‘fansub’ creations – helps to drive up piracy levels everywhere. So, in response, several have taken legal measures in an effort to reduce their spread.

Of course, they can’t plug all of the holes but interestingly, it’s not just unlicensed consumers and platforms that can benefit from these leaks, as an incident reported on Twitter at the weekend revealed.

When translated, the tweet in question asks the following rhetorical question: “We agree that the inscription at the top is fan-made stuff? On Netflix. Well done Dybex.”

The screenshot is from the 1999 anime movie ‘City Hunter: Death of the Vicious Criminal Ryo Saeba‘ which in common with other anime titles is alternatively titled in various regions. However, what is unusual here is the caption at the top of the screen.

Rizon.net is an IRC (Internet Relay Chat) network that has been around for approximately 17 years. Anyone can set up a channel (denoted by hashtag #channelname) for free to discuss any topic they like, uncensored. So, in this case, the caption relates to the channel #anime101 on the Rizon network, which means that the subtitles used by Netflix were obtained from an unofficial and unlicensed source.

TF visited the #anime101 channel on Rizon to ask questions but we found only a ghost town. A single user was idling in the channel so as a result, no conversation was taking place. It seems likely that the channel has been all-but-dead for some time, which raises the question of exactly how old these subtitles are.

Momo, the Twitter user who made the discovery on Netflix France, ‘credited’ Dybex with the apparent subtitling ‘oversight’. Founded in the mid-nineties, Dybex is a company involved in the distribution of anime, originally on videotapes and DVD (City Hunter was available on this format just after the turn of the century) and more recently blu-ray and platforms like Netflix.

Thanks to Netflix having different libraries in various regions, the movie isn’t available everywhere. However, we managed to access the show this morning and tracked down the precise frame reported by Momo. The French subtitles were still there but as the image below shows, the marker indicating that they had been sourced from Rizon’s #anime101 had been removed.

This development was also noted by Twitter user ViCklatereur who describes him/herself as an ‘audiovisual professional’. After confirming that the report by Momo was accurate at the weekend, now confirms that the ‘problem’ has been fixed.

“The problem is solved,” ViCklatereur writes. “The pirate channel irc address has disappeared.”

This isn’t the first time that ‘pirate’ subtitles have inadvertently found their way onto Netflix and other platforms. Back in 2012, subtitles created by fansub community “DivX Finland” were shown to Netflix viewers of Canadian-American science fiction series Andromeda.

More recently, Comcast-owned Sky Switzerland managed to show pirated subtitles alongside the hit series Chernobyl. These were sourced from fansubbing site Addic7ed.com, a platform that is blocked by ISPs in Australia for breaching copyright law.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.

Copyright Holders Continue to Report Fewer Piracy Links to Google Search

Post Syndicated from Ernesto original https://torrentfreak.com/copyright-holders-continue-to-report-fewer-piracy-links-to-google-search-200329/

For most people, search engines such as Google are an essential tool to discover and enjoy the web in all its glory.

With help from complicated algorithms, the company offers a gateway to billions of sites, many of which would otherwise remain undiscovered.

This also includes many ‘pirate’ sites. While there are plenty of people who don’t mind seeing these show up in search results, their presence is a thorn in the side of copyright holders.

Roughly a decade ago this was hardly recognized as a problem. At the time, Google was asked to remove a few dozen URLs per day. In the years that followed, that changed drastically.

In 2012, Google was asked to remove more than 50 million URLs and by 2016, the search engine processed more than a billion reported URLs a year. This increase in notices coincided in large part with heavy critique from copyright holders, which asked Google to do more to curb piracy.

These comments didn’t go unnoticed at the Googleplex in Mountain View. In recent years, the search engine has taken a variety of measures to ensure that pirate sites are less visible. This includes demoting known offenders in search results.

Around the same time, the number of takedown requests from copyright holders started to drop. While we don’t know if that’s directly related to Google’s anti-piracy measures, it is clear that the number of reported URLs has gone down significantly.

According to Google’s transparency report, the company processed little over 500 million takedown requests over the past 12 months. That’s a 50% decrease compared to the billion it received a few years ago, and a 25% decrease compared to two years ago, when we first noticed the shift.

The decrease is in large part caused by the most active senders of takedown requests. For example, three years ago UK music group BPI sent in an average of two million URLs per week, with peaks of over three million. This year, the same group is averaging less than a million per week.

Similarly, the Mexican music group APDIF previously reported over four million pirate links to Google every week. This has now dropped to a few thousand, including some weeks with zero requests.

Also, MarkMonitor, which works with many Hollywood studios, reduced its takedown requests by roughly half.

While the data can’t be linked directly to Google’s anti-piracy measures, BPI Chief Executive Geoff Taylor informed us earlier this month that demotion of known pirate sites “has significantly improved the quality of results presented to consumers.”

After years of animosity between copyright holders and Google, both in public and behind closed doors, that’s certainly a major change in attitude.

Drom: TF, for the latest news on copyright battles, torrent sites and more. We also have an annual VPN review.