Tag Archives: Strike

The Pirate Bay Isn’t Affected By Adverse Court Rulings – Everyone Else Is

Post Syndicated from Andy original https://torrentfreak.com/the-pirate-bay-isnt-affected-by-adverse-court-rulings-everyone-else-is-170618/

For more than a decade The Pirate Bay has been the world’s most controversial site. Delivering huge quantities of copyrighted content to the masses, the platform is revered and reviled across the copyright spectrum.

Its reputation is one of a defiant Internet swashbuckler, but due to changes in how the site has been run in more recent times, its current philosophy is more difficult to gauge. What has never been in doubt, however, is the site’s original intent to be as provocative as possible.

Through endless publicity stunts, some real, some just for the ‘lulz’, The Pirate Bay managed to attract a massive audience, all while incurring the wrath of every major copyright holder in the world.

Make no mistake, they all queued up to strike back, but every subsequent rightsholder action was met by a Pirate Bay middle finger, two fingers, or chin flick, depending on the mood of the day. This only served to further delight the masses, who happily spread the word while keeping their torrents flowing.

This vicious circle of being targeted by the entertainment industries, mocking them, and then reaping the traffic benefits, developed into the cheapest long-term marketing campaign the Internet had ever seen. But nothing is ever truly for free and there have been consequences.

After taunting Hollywood and the music industry with its refusals to capitulate, endless legal action that the site would have ordinarily been forced to participate in largely took place without The Pirate Bay being present. It doesn’t take a law degree to work out what happened in each and every one of those cases, whatever complex route they took through the legal system. No defense, no win.

For example, the web-blocking phenomenon across the UK, Europe, Asia and Australia was driven by the site’s absolute resilience and although there would clearly have been other scapegoats had The Pirate Bay disappeared, the site was the ideal bogeyman the copyright lobby required to move forward.

Filing blocking lawsuits while bringing hosts, advertisers, and ISPs on board for anti-piracy initiatives was also made easier with the ‘evil’ Pirate Bay still online. Immune from every anti-piracy technique under the sun, the existence of the platform in the face of all onslaughts only strengthened the cases of those arguing for even more drastic measures.

Over a decade, this has meant a significant tightening of the sharing and streaming climate. Without any big legislative changes but plenty of case law against The Pirate Bay, web-blocking is now a walk in the park, ad hoc domain seizures are a fairly regular occurrence, and few companies want to host sharing sites. Advertisers and brands are also hesitant over where they place their ads. It’s a very different world to the one of 10 years ago.

While it would be wrong to attribute every tightening of the noose to the actions of The Pirate Bay, there’s little doubt that the site and its chaotic image played a huge role in where copyright enforcement is today. The platform set out to provoke and succeeded in every way possible, gaining supporters in their millions. It could also be argued it kicked a hole in a hornets’ nest, releasing the hell inside.

But perhaps the site’s most amazing achievement is the way it has managed to stay online, despite all the turmoil.

This week yet another ruling, this time from the powerful European Court of Justice, found that by offering links in the manner it does, The Pirate Bay and other sites are liable for communicating copyright works to the public. Of course, this prompted the usual swathe of articles claiming that this could be the final nail in the site’s coffin.

Wrong.

In common with every ruling, legal defeat, and legislative restriction put in place due to the site’s activities, this week’s decision from the ECJ will have zero effect on the Pirate Bay’s availability. For right or wrong, the site was breaking the law long before this ruling and will continue to do so until it decides otherwise.

What we have instead is a further tightened legal landscape that will have a lasting effect on everything BUT the site, including weaker torrent sites, Internet users, and user-uploaded content sites such as YouTube.

With The Pirate Bay carrying on regardless, that is nothing short of remarkable.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Balancing Convenience and Privacy

Post Syndicated from Ahin Thomas original https://www.backblaze.com/blog/privacy-vs-convenience/

In early January of this year, in a conference room with a few other colleagues, we were at a point where we needed to decide how to balance convenience and privacy for our customers. The context being our team earnestly finalizing and prioritizing the launch features of our revamped Business Backup product. In the process, we introduced a piece of functionality that we call “Groups.” A Group is a mechanism that centralizes payment and simplifies management for multiple Backblaze users in a given organization or business. As with many services there were tradeoffs, but this one proved thornier than most.

The Trade-off Between Convenience and Privacy

The problem started as we considered the possibility of having a “Managed” Group. The concept is simple enough: Centralized billing is good, but there are clear use cases where a user would like to have someone act on their behalf. For instance, a business may want a System Administrator to create/manage restores on behalf of a group of employees. We have had many instances of someone from the home office ordering a hard drive restore for an employee in the field. Similarly, a Managed Service Provider (MSP) might provide, and potentially charge for, the service of creating/managing restores for their customers. In short, the idea of having an Administrator manage a defined collection of users (i.e. a Group) was compelling and added a level of convenience.

Great. It’s decided then, we need to introduce the concept of a Managed Group. And we’ll also have Unmanaged Groups. You can have infinite Groups of either kind, we’ll let the user decide!

Here’s the problem: The Managed Group feature could have easily been used for evil. For example, an overeager Administrator could restore an employee’s files, at any time, for any reason – legitimate or nefarious. This felt wrong as we’re a backup company, not a spyware company.

This is when the discussion got more interesting. By adding a convenience feature, we realized that there was potential for user privacy to be violated. As we worked through the use cases, we faced potential conflict between two of our guiding principles:

  • Make backup astonishingly easy. Whether you are an individual, family, or business (or some combination), we want to make your life easier.
  • Don’t be evil. With great data storage comes great responsibility. We are the custodians of sensitive data and take that seriously.

So how best to balance a feature that customers clearly want while enabling sane protections for all users? It was an interesting question internally – one where a fair amount of meetings, hallway conversations, and email exchanges were conducted in order to get it right.

Enabling Administration While Safeguarding Team Privacy

Management can be turned on for any Group at the time of Group Creation. As mentioned above, one Administrator can have as many Groups as desired and those Groups can be a mix of Managed and Unmanaged.

But there’s an interesting wrinkle – if Management is enabled, potential members of that Group are told that the feature is enabled before they join the Group.

Backblaze for Business Group Invite

We’ve, in plain terms, disclosed what is happening before the person starts backing up. If you read that and choose to start backing up, then you have been armed with full information.

Unfortunately, life isn’t that cut and dry. What if your company selected Backblaze and insists that everyone join the Group? Sure, you were told there are Administrators. Fine, my Administrator is supposed to act in the constructive interest of the Group. But what if the Admin is, as the saying goes, “for badness”?

Our solution, while seemingly innocuous, felt like it introduced a level of transparency and auditability that made us comfortable moving forward. Before an Administrator can do a restore on a Group Member’s behalf, the Admin is presented with a pop up that looks like this:

Backblaze for Business Restore Notification

If the Admin is going to create a restore on a user’s behalf, then that user will be notified of the activity. A less than well intentioned Admin will have some reluctance if he knows the user will receive an email. Since permission for this type of activity was granted when the individual joined the Group, we do allow the Admin to proceed with the restore operation without further approval (convenience).

However, the user will get notified and can raise any questions or concerns as desired. There are no false positives: if the user gets an email, that means an Admin was going to restore data from the user’s account. In addition, because the mechanism is email, it creates an audit trail for the company. If there are users that don’t want the alerts, we recommend simply creating an email filter rule and putting them into a folder (in case some day you did want them).

Customer Adoption

The struggle for us was to strike the right balance between privacy and convenience. Specifically, we wanted to empower our users to set the mix where it is appropriate for them. In the case of Groups, it’s been interesting to see that 93% of Groups are of the “Managed” variety.

More importantly to us, we get consistently good feedback about the notification mechanisms in place. Even for organizations where one Admin may be taking a number of legitimate actions, we’re told that the notifications are appreciated in the spirit that they are intended. We’ll continue to solicit feedback and analyze usage to find ways to improve all of our features. But hearing and seeing customer satisfaction is a positive indicator that we’ve struck the appropriate balance between convenience and privacy.

The late 20th century philosopher, Judge Smails, once posited “the most important decision you can make right now is what do you stand for…? Goodness… or badness?”

We choose goodness. How do you think we did?

The post Balancing Convenience and Privacy appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

RIAA Sues ISP Grande Communications For Failing to Disconnect Pirates

Post Syndicated from Andy original https://torrentfreak.com/riaa-sues-isp-grande-communications-for-failing-to-disconnect-pirates-170422/

Despite approaching the problem from a number of directions, major copyright holders have been unable to do much to stop millions of BitTorrent-based infringements taking place every day.

A new lawsuit filed by the RIAA against ISP Grande Communications aims to change all that.

Yesterday, UMG Recordings, Capitol Records, Warner Bros, Sony Music, Arista Records, Atlantic Records and almost a dozen other music companies sued the Texas-based provider over the infringements of its subscribers.

“Defendants have been notified that their internet customers have engaged in more than one million infringements of copyrighted works over BitTorrent systems, including tens of thousands of blatant infringements by repeat infringers of Plaintiffs’ copyrighted works,” the lawsuit reads.

“Despite their knowledge of repeat infringements, Defendants have permitted repeat infringers to use the Grande service to continue to infringe Plaintiffs’ copyrights without consequence.”

Right from the outset it’s clear that this case has a lot in common with the litigation currently underway against Cox Communications. In that case, Cox was accused by publishing company BMG of not taking significant action against thousands of its customers who persistently shared content using BitTorrent.

Like BMG’s case against Cox, the RIAA’s suit against Grande aims to strip away the protection the ISP normally enjoys under the Digital Millennium Copyright Act. By not taking “meaningful action” against repeat infringers, the RIAA says that Grande can be held liable for the copyright infringements of its customers.

“Neither Grande or its management company Patriot has taken any meaningful action to discourage this continuing theft, let alone suspend or terminate subscribers who repeatedly commit copyright infringement through its network, as required by law,” the RIAA writes.

“Upon information and belief, this is so even where Defendants have specific and actual knowledge of those subscribers’ blatant, repeat infringement. Defendants’ effective acquiescence in this wholesale violation of Plaintiffs’ rights, coupled with their failure to adopt and reasonably implement a policy to stop repeat infringers, excludes Defendants from the safe harbor protections of the Digital Millennium Copyright Act (‘DMCA’).”

The RIAA says that since Grande failed to take action against infringers, especially those identified as repeat infringers, it protected a “significant revenue stream” it receives each month from pirating subscribers. As such it is not only liable for contributory and vicarious copyright infringement, but inducement of copyright infringement too.

What’s also interesting about this case is the involvement of anti-piracy outfit Rightscorp. The anti-piracy settlement company is deeply involved in the Cox case having provided the infringement data for the litigation. The same is true of the case against Grande.

It appears that Rightscorp’s claimed expertise in identifying repeat infringers is now central to the case, having had contact with Grande in the past. It seems likely that historical data collected by the company is now proving useful in the RIAA’s case against Grande.

“Rightscorp has provided Grande with notice of specific infringers using Grande’s internet service to infringe various copyrighted works. Rightscorp also requested that Grande terminate the ‘subscribers and account holders’ who are repeat infringers of copyrighted works,” the RIAA writes.

“Despite its knowledge of specific repeat infringers of copyrighted works, Grande apparently refused to do so.”

The RIAA says that Grande received notices that 1,840 of its customers had engaged in infringement at least 100 times, with 456 customers generating 500 infringement notices between them. More than 200 subscribers generated 1000 notices each with some generating more than 2000.

In closing, the RIAA seeks statutory damages, which could go up to $150,000 per infringed work, actual damages, plus profits generated by Grande as a result of infringement. The music group also asks for preliminary and permanent injunctions preventing Grande from further infringement, plus a jury trial in due course.

Having backed away from the so-called “six strikes” scheme earlier this year, the RIAA was left without any effective means to tackle online infringement. It’s now clear that it intends to force Internet service providers to be its unpaid enforcers.

Clever ‘Piracy’ App Keeps Celebrity Embarrassments Off YouTube

Post Syndicated from Andy original https://torrentfreak.com/clever-piracy-app-keeps-celebrity-embarrassments-off-youtube-170401/

While regular members of the public are free to grab a McDonalds in old sportswear or visit a store without full makeup, the mere suggestion of such sloppy behavior has the potential to make an A-List celebrity sweat like a PwC accountant at the Oscars.

Indeed, for people like Kanye West or Kim Kardashian, getting mistaken in public for a drunken bum could have catastrophic financial consequences. If annoying members of the public record and then upload such footage to the Internet, sponsors could back away, horrified at how regular they look without Photoshop.

But for those needing to maintain a perfect public image at all times, both in public and on YouTube, all is not lost. A new app being trialed in the US aims to stop interfering ‘citizen journalists’ in their tracks, rendering embarrassing celebrity footage all but useless.

Under development for iOS and Android, the app is made up of two modules. The first is a tool that downloads the most popular pop track of the week (currently Ed Sheeran’s ‘Shape of You’) from one of many pirate sites.

The second is a clever piece of coding that allows the track to be played extremely loudly through the phone’s own speaker, but with a novel twist.

Whenever Kim needs to go out without her hair done, all she needs to do is pop her phone in her pocket and activate the app. The software then transposes the pirate audio to surpass 15 kHz, beyond the normal range of human hearing but within reach of recording equipment utilized by the public.

It’s at this stage the app comes into its own. As soon as the potentially embarrassing footage is recorded and uploaded to YouTube, the site’s recently upgraded Content ID system swings into action.

Completely unfazed by the massive shift in pitch, YouTube’s filtering system spots the pirate song playing in the background and flags the video as a copyright infringement. Thanks to a less tolerant approach to infringers, it’s immediately taken off the site, keeping the celebrity’s image intact.

At the moment the app is being trialed by a few hand-picked public figures who are said to be particularly image-conscious. Their feedback has been largely positive, with a number asking for specific enhancements.

One nameless politician, who has been caught on camera a number of times saying inappropriate things about women, inquired whether the app could be upgraded to play a quick medley of three or four songs instead of just one. This would ensure that people lose their YouTube account under the site’s tightened three-strike rule. Take that.

Looking towards the possibility of a future takedown/staydown regime, another tester suggested that rather than culling pirate tracks from the Internet, the app could play a unique sequence of notes previously copyrighted by the celebrity.

Once that ‘tune’ has been registered with YouTube’s Content ID, it would be trivial for the public figure to have the app rolling on his or her phone all the time. This would enable them to be excluded from YouTube on a permanent basis, perfect for the politician who likes to act with impunity.

A video of the app in action can be found here.

Third of EU Citizens OK With Piracy When There Are No Legal Options

Post Syndicated from Andy original https://torrentfreak.com/third-of-eu-citizens-ok-with-piracy-when-there-are-no-legal-options-170327/

The European Union Intellectual Property Office has published the findings of a new study commissioned from Deloitte which aims to better understand how EU citizens perceive intellectual property issues.

The report is the product of 26,500 interviews with citizens aged 15 and over and paints a fairly positive picture for rightsholders and other businesses that rely on the exploitation of intellectual property.

The striking headline figure is that 97% of respondents believe that content creators should be able to protect their rights in order to get paid for their work. Alongside almost total support for IP rights, an impressive 83% indicate they would prefer to access digital content through legal services when there is an affordable option available.

Across the EU, just 10% of respondents said they’d deliberately obtained content from illegal sources during the past 12 months, a figure that jumps to 27% among 15 to 24-year-olds. A similar survey carried out in 2013 produced close to the same results.

But while 10% is the average percentage of pirates across all EU countries, several major EU members buck the trends in interesting ways.

France, for example, has many years’ experience of the state-sponsored Hadopi “three strikes” anti-piracy program. With millions of notices sent to ISP subscribers, the program was supposed to educate citizens away from piracy. However, 15% of French citizens admit to downloading or streaming from illegal sources, five percentage points higher than the EU average.

In Germany, where copyright trolls have been running rampant for many years and claiming a deterrent effect, just 7% say they download or stream from illegal sources. While this lower-than-average figure might seem the logical conclusion, the same percentage is shared with Italy, where there is no trolling or state-sponsored anti-piracy scheme.

In Spain, a country that is trying to shake off a reputation of being a piracy haven, 16% of citizens admit to online piracy. That’s double the 8% of UK citizens who admit to consuming unauthorized content online.

As usual, however, there are significant gray areas when it comes to content consumption and whether or not people can be labeled as hardcore pirates.

Just under a third (32%) of those surveyed said they access content online, whether that’s from a legal or illegal source. Under a quarter (22%) say they use only authorized services. Just 5% use illegal sources alone and 5% said they use a mix of paid lawful and illegal sources.

“This suggests that respondents are willing to switch between legal and illegal sources in order to gain access to content,” the study found.

Also of interest are the significant numbers of citizens who feel that piracy is acceptable under particular sets of circumstances.

A not insignificant 35% of respondents said that it’s acceptable to obtain content illegally as long as it’s only for personal use. Since millions of citizens are already taxed via a private copying levy, the notion that copying for yourself is acceptable shouldn’t come as too much of a surprise, although the charge itself applies to blank media, not illegal downloads.

Interestingly, close to a third (31%) believe that it’s acceptable to obtain content illegally if there are no immediately available legal alternatives. So, if a distributor chooses to bring content late to a region or makes content otherwise difficult to obtain, millions believe it’s ok for citizens to help themselves. While that’s probably a concern for rightsholders, it’s a problem that can be fixed.

Overall, an encouraging 71% of pirate respondents said they would stop obtaining content from illegal sources if there was an accessible and affordable legal alternative. Around 20% said they would not necessarily go legal, even if there was an available and affordable option.

“The availability of affordable content from legal offers as the top reason for stopping the behavior is most strongly cited by respondents in the following categories: respondents aged 25 to 39 (74 %), employed (76 %), living in large urbanized cities (75 %), and the most educated (72 %), which is in line with the profile of a typical online user,” the survey notes.

Close to 30% believe that being better informed could help them back away from illegal sources while just 5% said they could never be stopped, no matter what.

But while many consumers want to “do the right thing”, there appears to be confusion when it comes to assessing whether an online service is legal or not. Almost a quarter (24%) of Europeans surveyed said they’d questioned whether an online source was legal, a five-point increase over the earlier 2013 study.

That being said, there’s a perception that legal services can provide a better product. When comparing the quality of content offered on legal and illegal platforms, 69% said that licensed services come out on top, an opinion shared by illegal downloaders and legal consumers alike.

However, when it comes to diversity of content, just over half of respondents (56%) said that legal services do a better job, a figure that drops to 45% among those who illegally download some content. Making a broader range of content available online could address this particularly lukewarm response.

António Campinos, Executive Director of EUIPO, said that the results of the survey show that EU citizens generally have respect for intellectual property but there is still room for improvement.

“Overall, we see that support for IP rights is high among EU citizens,” he said.

“But we also see that more needs to be done to help young people in particular understand the importance of IP to our economy and society, especially now, when encouraging innovation and creativity is increasingly the focus of economic policy across our European Union.”

The full report can be downloaded here (pdf)

Police Investigate Former BPI Anti-Piracy Chief & PIPCU Board Member

Post Syndicated from Andy original https://torrentfreak.com/police-investigate-former-bpi-anti-piracy-chief-pipcu-board-member-170317/

In December 2015, it was reported that the BPI’s Content Protection and Internet Investigations unit leaders would be leaving.

The music group said that the restructuring would enable it to better focus on the task ahead but with long-standing employees David Wood and John Hodge both departing the BPI, it certainly felt like there may have been more to the story.

To be absolutely clear, Hodge’s voluntary departure appears to have been both unconnected to Wood’s and completely benign, with no suggestion of impropriety. However, it now transpires that the story with Wood was much more complex.

After serving 15 years in the police force where he reached the rank of detective, David Wood left West Yorkshire Police in May 2002. Soon after, he began work at the BPI where he remained for the next 13 years, reaching the lofty position of Director of Copyright Protection at his peak.

Wood’s role saw him speaking to the media on many occasions, often decrying the dishonesty of Internet pirates and welcoming lengthy jail sentences as a suitable deterrent. This position eventually led him to the corridors of power at City of London Police.

According to his LinkedIn profile, Wood became a senior figure within the Police Intellectual Property Crime Unit (PIPCU) after it was set up in May 2013. He states that he held a stakeholder position on PIPCU’s Management Board and was instrumental in the development of Operation Creative, the UK’s groundbreaking anti-piracy initiative. At some point, however, it all went wrong.

TorrentFreak has learned that while John Hodge’s departure from his role as Head of Internet Investigations at the BPI was his own choice (he served out an orderly notice at a later point and appears to have left on amicable terms), Wood’s earlier and entirely unrelated exit was not a voluntary affair.

According to our sources, Wood and the BPI had – and continue to have – a major dispute over the alleged misappropriation of the latter’s funds. This led to Wood’s dismissal from the company.

In fact, the allegations were so serious that the BPI decided to report the matter to the police, a claim that was confirmed this week when we spoke to the music group.

“BPI can confirm that a former employee, David Wood, was dismissed for gross misconduct in December 2015,” a BPI spokesperson told TF.

“BPI has referred the matter to the Metropolitan Police who are investigating. As investigations are ongoing, it would not be appropriate to comment in any more detail at this stage.”

TorrentFreak sources indicate that very large sums of money are involved in the dispute, running well into six figures. Precise details have proven impossible to verify (the BPI declined to comment) but we understand the numbers involved are “significant”. What we do know for sure, however, is that the BPI felt it necessary to pursue Wood into bankruptcy.

In a bankruptcy petition filed against Wood on November 7, 2016, the BPI is listed as the petitioner. The bankruptcy order itself was granted on January 4, 2017 and was listed in the London Gazette.

According to his LinkedIn profile, Wood left the BPI in December 2015 and joined a new company, OCAP Ltd, during the same month. Records at the UK’s Companies House reveal that Wood and another individual set the company up as directors during August 2015, months before Wood was dismissed from the BPI.

Archival copies of OCAP’s website reveal that the company was involved in the IP enforcement market, a logical move for Wood considering his history.

“Online Copyright Auditing and Protection (OCAP) is a unique company which specializes in bespoke intellectual property (IP) protection,” a notice on the now-defunct site read.

“Our services help not only brands but law enforcement agencies to investigate and disrupt those intent on unlawfully exploiting other’s IP Rights. OCAP Ltd also has access to specialist trainers in online investigations and in the field of Anti Money laundering for which we can arrange bespoke training sessions.”

Given the police investigation confirmed by the BPI, the OCAP site surprisingly listed City of London Police – whose PIPCU unit Wood was heavily involved in – as “just one example of a client that trusts us to deliver solutions to their big data problems.”

Now, however, OCAP Ltd is drawing its final breaths. During January and following his bankruptcy, Wood filed an application to strike the company off the register. If there are no further interventions, the company will cease to exist in April 2017 having never filed any accounts.

TorrentFreak attempted to contact Wood for comment, but emails to his listed addresses ultimately bounced.

Amazon WorkDocs Update – Commenting & Reviewing Enhancements and a New Activity Feed

Post Syndicated from Jeff Barr original https://aws.amazon.com/blogs/aws/amazon-workdocs-update-commenting-reviewing-enhancements-and-a-new-activity-feed/

As I have told you in the past, we like to drink our own Champagne at Amazon. Practically speaking, this means that we make use of our own services, tools, and applications as part of our jobs, and that we supply the development teams with feedback if we have an idea for an improvement or if we find something that does not work as expected.

I first talked about Amazon WorkDocs (which was originally called Zocalo) back in the middle of 2014, and have been using it ever since (at busy times I often have drafts of 7 or 8 posts circulating).

I upload drafts of every new blog post (usually as PDFs) to WorkDocs and then share them with the Product Manager, Product Marketing Manager, and other designated reviewers. The reviewers leave feedback for me, I update the draft, and I wait for more feedback. After a couple of iterations the draft settles down and I wait for the go-ahead to publish the post. The circle of reviews often grows to include developers, senior management, and so forth. I simply share the document with them and look forward to even more feedback. My job is to read and to process all of the feedback (lots of suggestions, and the occasional question) as quickly as possible and to make sure that I did not miss anything.

Today I would like to tell you about some recent enhancements that make WorkDocs even more useful. We have added some more commenting and reviewing features, along with an activity feed.

Enhanced Commenting

Over the course of a couple of revisions, some comments will spur a discussion. There might be a question about the applicability of a particular feature or the value of a particular image. In order to make it easier to start and to continue conversations, WorkDocs now supports threaded replies. I simply click on Reply and respond to a comment:

It is displayed like this:

If I click on Private, the comment is accessible only to the person who wrote the original.

In order to strengthen my message, I can also use simple formatting (bold, italic, and strikethrough) in my comments. Here’s how I specify each one:

And here’s the result:

Clicking on the ? displays a handy guide to formatting:

When the time for comments has passed, I can now disable feedback with a single click:

To learn more about these features, read Giving Feedback in the WorkDocs User Guide.

Enhanced Reviewing
As the comments accumulate, I sometimes need to draw a reviewer’s attention to a particular comment. I can do this by entering an @ in the comment and then choosing their name from the popup menu:

The user will be notified by email in order to let them know that their feedback is needed.

From time to time, a potential reviewer will come into possession of a URL to a WorkDocs document but will not have access to the document. They can now request access to the document like this:

The request will be routed to the owner of the document via email for approval.

Similarly, someone who has been granted Viewer-level access can now request Contributor-level access:

Again, the request will be routed to the owner of the document via email for approval:

 

Activity Feed
With multiple blog posts out for review at any given time, keeping track of what’s coming and going can be challenging. In order to give me a big-picture view, WorkDocs now includes an Activity Feed. The feed shows me what is going on with my own documents and with those that have been shared with me. I can watch as files and folders are created, changed, removed, and commented on. I can also see who is making the changes and track the times when they were made:

I can enter a search term to control what I see in the feed:

And I can further filter the updates by activity type or by date:

Available Now
These features are available now and you can start using them today.

Jeff;

 

Backup and Restore Time Machine using Synology and the B2 Cloud

Post Syndicated from Andy Klein original https://www.backblaze.com/blog/time-machine-synology-b2-backup-restore/

B2 Cloud Storage, Time Machine, and Synology NAS
Have you ever wished that you could have Time Machine, your Synology NAS, and B2 Cloud Storage work together to automatically back up your Mac locally and to the cloud? That would be cool. Of course, you’d also want to be able to restore your Time Machine backup from your Synology NAS or the B2 cloud. And while you’re wishing, it would be great if you could have an encrypted USB Hard Drive show up at your doorstep with your Time Machine backup. Stop wishing! You can do all that today. Here’s how.

Overview

Apple’s Time Machine app, included with every Mac, creates automatic backups of your Mac computer. Typically, these backups are stored on a local external hard drive. Time Machine backups can also be stored on other devices such as a Network Attached Storage (NAS) system on your network. If your computer crashes or you get a new computer, you can restore your data from the Time Machine backup.

We advocate a “3-2-1” backup strategy that combines local storage like a Time Machine backup with offsite backup to provide an additional layer of security and redundancy. That’s 3 copies of your data: 2 local (your “live” version and your Time Machine backup), and 1 offsite. If something happens to your computer or your NAS – if they’re stolen, or if some sort of disaster strikes – you can still count on your cloud backup to keep you safe.

You can use Backblaze to back up your computer to the cloud and use Time Machine to create a local backup. In fact, many of our customers do exactly that. But there’s another way to approach this that’s more efficient: Make a copy of the Time Machine backup and send it offsite automatically.

A Streamlined 3-2-1 Backup Plan

[Diagram: automatic backup of your Mac locally and to the cloud]

The idea is simple: Have Time Machine store its backup on your Synology NAS device, then sync the Time Machine backup from the Synology NAS to Backblaze B2 Cloud Storage. Once this is set up, the 3-2-1 backup process occurs automatically and your files are stored locally and off-site.

We’ve prepared a guide titled “How to backup your Time Machine backup to Synology and B2” in the Backblaze Knowledge Base to help you with the setup of Time Machine, Synology, and Backblaze B2. Please read through the instructions before starting the actual installation.

Restoring Your Time Machine Backup

The greatest backup process in the world is of little value if you can’t restore your data. With your Time Machine backup now stored on your Synology NAS and in B2, you have multiple ways to restore your files.

Day-to-day Restores

From time to time you may need to restore a file or two from your local backup, in this case, your Time Machine backup stored on your Synology NAS. This works just like having your Time Machine backup stored on a locally connected external hard drive:

  • On the Mac menu bar (top right) locate and click on the Time Machine icon.
  • Select “Enter Time Machine”.
  • Locate the file or files you wish to restore.
  • Click “Restore” to restore the selected file(s).

The only thing to remember is that your Synology NAS device needs to be accessible via your network to access the Time Machine backup.

Full Restores

Most often you would do a full restore of your Time Machine backup if you are replacing your computer or the hard/SSD drive inside.

Method 1: Restore from the Synology NAS device

The most straight-forward method is to restore the Time Machine backup directly from the Synology NAS device. You can restore your entire Time Machine backup to your new or reformatted Mac by having Apple’s Migration Assistant app use the Time Machine backup stored on the Synology NAS as the restore source. The Migration Assistant app is included with your Mac.

Of course, in the case of a disaster or theft, the Synology NAS may suffer the same fate as your Mac. In that case, you’ll want to restore your Time Machine backup from Backblaze B2. Here’s how.

Method 2: Restore a Time Machine Backup from B2 via a USB Hard Drive

The second method is to prepare a B2 snapshot of your Time Machine backup and then have the snapshot copied to a USB hard drive you purchase from Backblaze. Think of a snapshot as a container that holds a copy of the files you wish to download. Instead of downloading each file individually, you create a snapshot of the files and download one item, the snapshot. In this case, you create the snapshot of your Time Machine backup, and we copy the snapshot to the hard drive and FedEx it to you. You then use the USB Hard Drive as a restore source when using Migration Assistant.

We’ve prepared a guide titled, “How to restore your Time Machine backup from B2” in the Backblaze Knowledge Base to walk you through the process of restoring your Time Machine backup from Backblaze B2 using an encrypted USB Hard Drive.

Method 3: Restore a Time Machine Backup from B2 via Download

When using this method, give consideration to the size of the Time Machine backup. It is not uncommon for this file to be several hundred gigabytes or even a terabyte or two. Even with a reasonably fast network connection, downloading such a large file can take a considerable amount of time.

Prepare a snapshot of your Time Machine backup from B2 and download it to your “new” Mac. After you “unzip” the file you can use Migration Assistant on your new Mac to restore the Time Machine backup using the unzipped file as the restore source.

Summary

As we noted earlier, you can use Backblaze Computer Backup to back up your computer to the cloud and use Time Machine to create a local backup. That works fine, but if you are using a Synology NAS device in your environment, the 3-2-1 strategy discussed above gives you another option. In that case, all of the Time Machine backups in your home or office can reside on the Synology NAS. Then you don’t need an external drive to store the Time Machine backup for each computer and all of the Time Machine backups can sync automatically to Backblaze B2 Cloud Storage.

In summary, if you have a Mac, a Synology NAS, and a Backblaze B2 account you can have an automatic 3-2-1 Time Machine backup of the files on your computer. You don’t have to drag and drop files into backup folders, remember to hit the “backup now” button, or hoard backup external USB drives in your closet. Enjoy automatic, continuous backup, locally and in the cloud. 3-2-1 backup has never been so easy.

The post Backup and Restore Time Machine using Synology and the B2 Cloud appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Utopia

Post Syndicated from Eevee original https://eev.ee/blog/2017/03/08/utopia/

It’s been a while, but someone’s back on the Patreon blog topic tier! IndustrialRobot asks:

What does your personal utopia look like? Do you think we (as mankind) can achieve it? Why/why not?

Hm.

I spent the month up to my eyeballs in a jam game, but this question was in the back of my mind a lot. I could use it as a springboard to opine about anything, especially in the current climate: politics, religion, nationalism, war, economics, etc., etc. But all of that has been done to death by people who actually know what they’re talking about.

The question does say “personal”. So in a less abstract sense… what do I want the world to look like?

Mostly, I want everyone to have the freedom to make things.

I’ve been having a surprisingly hard time writing the rest of this without veering directly into the ravines of “basic income is good” and “maybe capitalism is suboptimal”. Those are true, but not really the tone I want here, and anyway they’ve been done to death by better writers than I. I’ve talked this out with Mel a few times, and it sounds much better aloud, so I’m going to try to drop my Blog Voice and just… talk.

*ahem*

Art versus business

So, art. Art is good.

I’m construing “art” very broadly here. More broadly than “media”, too. I’m including shitty robots, weird Twitter almost-bots, weird Twitter non-bots, even a great deal of open source software. Anything that even remotely resembles creative work — driven perhaps by curiosity, perhaps by practicality, but always by a soul bursting with ideas and a palpable need to get them out.

Western culture thrives on art. Most culture thrives on art. I’m not remotely qualified to defend this, but I suspect you could define culture in terms of art. It’s pretty important.

You’d think this would be reflected in how we discuss art, but often… it’s not. Tell me how often you’ve heard some of these gems.

  • “I could do that.”
  • “My eight-year-old kid could do that.”
  • Jokes about the worthlessness of liberal arts degrees.
  • Jokes about people trying to write novels in their spare time, the subtext being that only dreamy losers try to write novels, or something.
  • The caricature of a hippie working on a screenplay at Starbucks.

Oh, and then there was the guy who made a bot to scrape tons of art from artists who were using Patreon as a paywall — and a primary source of income. The justification was that artists shouldn’t expect to make a living off of, er, doing art, and should instead get “real jobs”.

I do wonder. How many of the people repeating these sentiments listen to music, or go to movies, or bought an iPhone because it’s prettier? Are those things not art that took real work to create? Is creating those things not a “real job”?

Perhaps a “real job” has to be one that’s not enjoyable, not a passion? And yet I can’t recall ever hearing anyone say that Taylor Swift should get a “real job”. Or that, say, pro football players should get “real jobs”. What do pro football players even do? They play a game a few times a year, and somehow this drives the flow of unimaginable amounts of money. We dress it up in the more serious-sounding “sport”, but it’s a game in the same general genre as hopscotch. There’s nothing wrong with that, but somehow it gets virtually none of the scorn that art does.

Another possible explanation is America’s partly-Christian, partly-capitalist attitude that you deserve exactly whatever you happen to have at the moment. (Whereas I deserve much more and will be getting it any day now.) Rich people are rich because they earned it, and we don’t question that further. Poor people are poor because they failed to earn it, and we don’t question that further, either. To do so would suggest that the system is somehow unfair, and hard work does not perfectly correlate with any particular measure of success.

I’m sure that factors in, but it’s not quite satisfying: I’ve also seen a good deal of spite aimed at people who are making a fairly decent chunk through Patreon or similar. Something is missing.

I thought, at first, that the key might be the American worship of work. Work is an inherent virtue. Politicians run entire campaigns based on how many jobs they’re going to create. Notably, no one seems too bothered about whether the work is useful, as long as someone decided to pay you for it.

Finally I stumbled upon the key. America doesn’t actually worship work. America worships business. Business means a company is deciding to pay you. Business means legitimacy. Business is what separates a hobby from a career.

And this presents a problem for art.

If you want to provide a service or sell a product, that’ll be hard, but America will at least try to look like it supports you. People are impressed that you’re an entrepreneur, a small business owner. Politicians will brag about policies made in your favor, whether or not they’re stabbing you in the back.

Small businesses have a particular structure they can develop into. You can divide work up. You can have someone in sales, someone in accounting. You can provide specifications and pay a factory to make your product. You can defer all of the non-creative work to someone else, whether that means experts in a particular field or unskilled labor.

But if your work is inherently creative, you can’t do that. The very thing you’re making is your idea in your style, driven by your experience. This is not work that’s readily parallelizable. Even if you sell physical merchandise and register as an LLC and have a dedicated workspace and do various other formal business-y things, the basic structure will still look the same: a single person doing the thing they enjoy. A hobbyist.

Consider the bulleted list from above. Those are all individual painters or artists or authors or screenwriters. The kinds of artists who earn respect without question are generally those managed by a business, those with branding: musical artists signed to labels, actors working for a studio. Even football players are part of a tangle of business.

(This doesn’t mean that business automatically confers respect, of course; tech in particular is full of anecdotes about nerds’ disdain for people whose jobs are design or UI or documentation or whathaveyou. But a businessy look seems to be a significant advantage.)

It seems that although art is a large part of what informs culture, we have a culture that defines “serious” endeavors in such a way that independent art cannot possibly be “serious”.

Art versus money

Which wouldn’t really matter at all, except that we also have a culture that expects you to pay for food and whatnot.

The reasoning isn’t too outlandish. Food is produced from a combination of work and resources. In exchange for getting the food, you should give back some of your own work and resources.

Obviously this is riddled with subtle flaws, but let’s roll with it for now and look at a case study. Like, uh, me!

Mel and I built and released two games together in the six weeks between mid-January and the end of February. Together, those games have made $1,000 in sales. The sales trail off fairly quickly within a few days of release, so we’ll call that the total gross for our effort.

I, dumb, having never actually sold anything before, thought this was phenomenal. Then I had the misfortune of doing some math.

Itch takes at least 10%, so we’re down to $900 net. Divided over six weeks, that’s $150 per week, before taxes — or $3.75 per hour if we’d been working full time.

Ah, but wait! There are two of us. And we hadn’t been working full time — we’d been working nearly every waking hour, which is at least twice “full time” hours. So we really made less than a dollar an hour. Even less than that, if you assume overtime pay.

From the perspective of capitalism, what is our incentive to do this? Between us, we easily have over thirty years of experience doing the things we do, and we spent weeks in crunch mode working on something, all to earn a small fraction of minimum wage. Did we not contribute back our own work and resources? Was our work worth so much less than waiting tables?

Waiting tables is a perfectly respectable way to earn a living, mind you. Ah, but wait! I’ve accidentally done something clever here. It is generally expected that you tip your waiter, because waiters are underpaid by the business, because the business assumes they’ll be tipped. Not tipping is actually, almost impressively, one of the rudest things you can do. And yet it’s not expected that you tip an artist whose work you enjoy, even though many such artists aren’t being paid at all.

Now, to be perfectly fair, both games were released for free. Even a dollar an hour is infinitely more than the zero dollars I was expecting — and I’m amazed and thankful we got as much as we did! Thank you so much. I bring it up not as a complaint, but as an armchair analysis of our systems of incentives.

People can take art for granted and whatever, yes, but there are several other factors at play here that hamper the ability for art to make money.

For one, I don’t want to sell my work. I suspect a great deal of independent artists and writers and open source developers (!) feel the same way. I create things because I want to, because I have to, because I feel so compelled to create that having a non-creative full-time job was making me miserable. I create things for the sake of expressing an idea. Attaching a price tag to something reduces the number of people who’ll experience it. In other words, selling my work would make it less valuable in my eyes, in much the same way that adding banner ads to my writing would make it less valuable.

And yet, I’m forced to sell something in some way, or else I’ll have to find someone who wants me to do bland mechanical work on their ideas in exchange for money… at the cost of producing sharply less work of my own. Thank goodness for Patreon, at least.

There’s also the reverse problem, in that people often don’t want to buy creative work. Everyone does sometimes, but only sometimes. It’s kind of a weird situation, and the internet has exacerbated it considerably.

Consider that if I write a book and print it on paper, that costs something. I have to pay for the paper and the ink and the use of someone else’s printer. If I want one more book, I have to pay a little more. I can cut those costs pretty considerably by printing a lot of books at once, but each copy still has a price, a marginal cost. If I then gave those books away, I would be actively losing money. So I can pretty well justify charging for a book.

Along comes the internet. Suddenly, copying costs nothing. Not only does it cost nothing, but it’s the fundamental operation. When you download a file or receive an email or visit a web site, you’re really getting a copy! Even the process which ultimately shows it on your screen involves a number of copies. This is so natural that we don’t even call it copying, don’t even think of it as copying.

True, bandwidth does cost something, but the rate is virtually nothing until you start looking at very big numbers indeed. I pay $60/mo for hosting this blog and a half dozen other sites — even that’s way more than I need, honestly, but downgrading would be a hassle — and I get 6TB of bandwidth. Even the longest of my posts haven’t exceeded 100KB. A post could be read by 64 million people before I’d start having a problem. If that were the population of a country, it’d be the 23rd largest in the world, between Italy and the UK.

How, then, do I justify charging for my writing? (Yes, I realize the irony in using my blog as an example in a post I’m being paid $88 to write.)

Well, I do pour effort and expertise and a fraction of my finite lifetime into it. But it doesn’t cost me anything tangible — I already had this hosting for something else! — and it’s easier all around to just put it online.

The same idea applies to a vast bulk of what’s online, and now suddenly we have a bit of a problem. Not only are we used to getting everything for free online, but we never bothered to build any sensible payment infrastructure. You still have to pay for everything by typing in a cryptic sequence of numbers from a little physical plastic card, which will then give you a small loan and charge the seller 30¢ plus 2.9% for the “convenience”.

If a website could say “pay 5¢ to read this” and you clicked a button in your browser and that was that, we might be onto something. But with our current setup, it costs far more than 5¢ to transfer 5¢, even though it’s just a number in a computer somewhere. The only people with the power and resources to fix this don’t want to fix it — they’d rather be the ones charging you the 30¢ plus 2.9%.

That leads to another factor of platforms and publishers, which are more than happy to eat a chunk of your earnings even when you do sell stuff. Google Play, the App Store, Steam, and anecdotally many other big-name comparative platforms all take 30% of your sales. A third! And that’s good! It seems common among book publishers to take 85% to 90%. For ebook sales — i.e., ones that don’t actually cost anything — they may generously lower that to a mere 75% to 85%.

Bless Patreon for only taking 5%. Itch.io is even better: it defaults to 10%, but gives you a slider, which you can set to anything from 0% to 100%.

I’ve mentioned all this before, so here’s a more novel thought: finite disposable income. Your audience only has so much money to spend on media right now. You can try to be more compelling to encourage them to spend more of it, rather than saving it, but ultimately everyone has a limit before they just plain run out of money.

Now, popularity is heavily influenced by social and network effects, so it tends to create a power law distribution: a few things are ridiculously hyperpopular, and then there’s a steep drop to a long tail of more modestly popular things.

If a new hyperpopular thing comes out, everyone is likely to want to buy it… but then that eats away a significant chunk of that finite pool of money that could’ve gone to less popular things.

This isn’t bad, and buying a popular thing doesn’t make you a bad person; it’s just what happens. I don’t think there’s any satisfying alternative that doesn’t involve radically changing the way we think about our economy.

Taylor Swift, who I’m only picking on because her infosec account follows me on Twitter, has sold tens of millions of albums and is worth something like a quarter of a billion dollars. Does she need more? If not, should she make all her albums free from now on?

Maybe she does, and maybe she shouldn’t. The alternative is for someone to somehow prevent her from making more money, which doesn’t sit well. Yet it feels almost heretical to even ask if someone “needs” more money, because we take for granted that she’s earned it — in part by being invested in by a record label and heavily advertised. The virtue is work, right? Don’t a lot of people work just as hard? (“But you have to be talented too!” Then please explain how wildly incompetent CEOs still make millions, and leave burning businesses only to be immediately hired by new ones? Anyway, are we really willing to bet there is no one equally talented but not as popular by sheer happenstance?)

It’s kind of a moot question anyway, since she’s probably under contract with billionaires and it’s not up to her.

Where the hell was I going with this.


Right, so. Money. Everyone needs some. But making it off art can be tricky, unless you’re one of the lucky handful who strike gold.

And I’m still pretty goddamn lucky to be able to even try this! I doubt I would’ve even gotten into game development by now if I were still working for an SF tech company — it just drained so much of my creative energy, and it’s enough of an uphill battle for me to get stuff done in the first place.

How many people do I know who are bursting with ideas, but have to work a tedious job to keep the lights on, and are too tired at the end of the day to get those ideas out? Make no mistake, making stuff takes work — a lot of it. And that’s if you’re already pretty good at the artform. If you want to learn to draw or paint or write or code, you have to do just as much work first, with much more frustration, and not as much to show for it.

Utopia

So there’s my utopia. I want to see a world where people have the breathing room to create the things they dream about and share them with the rest of us.

Can it happen? Maybe. I think the cultural issues are a fairly big blocker; we’d be much better off if we treated independent art with the same reverence as, say, people who play with a ball for twelve hours a year. Or if we treated liberal arts degrees as just as good as computer science degrees. (“But STEM can change the world!” Okay. How many people with computer science degrees would you estimate are changing the world, and how many are making a website 1% faster or keeping a lumbering COBOL beast running or trying to trick 1% more people into clicking on ads?)

I don’t really mean stuff like piracy, either. Piracy is a thing, but it’s… complicated. In my experience it’s not even artists who care the most about piracy; it’s massive publishers, the sort who see artists as a sponge to squeeze money out of. You know, the same people who make everything difficult to actually buy, infest it with DRM so it doesn’t work on half the stuff you own, and don’t even sell it in half the world.

I mean treating art as a free-floating commodity, detached from anyone who created it. I mean neo-Nazis adopting a comic book character as their mascot, against the creator’s wishes. I mean politicians and even media conglomerates using someone else’s music in well-funded videos and ads without even asking. I mean assuming Google Image Search, wonder that it is, is some kind of magical free art machine. I mean the snotty Reddit post I found while looking up Patreon’s fee structure, where some doofus was insisting that Patreon couldn’t possibly pay for a full-time YouTuber’s time, because not having a job meant they had lots of time to spare.

Maybe I should go one step further: everyone should create at least once or twice. Everyone should know what it’s like to have crafted something out of nothing, to be a fucking god within the microcosm of a computer screen or a sewing machine or a pottery table. Everyone should know that spark of inspiration that we don’t seem to know how to teach in math or science classes, even though it’s the entire basis of those as well. Everyone should know that there’s a good goddamn reason I listed open source software as a kind of art at the beginning of this post.

Basic income and more arts funding for public schools. If Uber can get billions of dollars for putting little car icons on top of Google Maps and not actually doing any of their own goddamn service themselves, I think we can afford to pump more cash into webcomics and indie games and, yes, even underwater basket weaving.

Is Megaupload’s ‘Crime’ a Common Cloud Hosting Practice?

Post Syndicated from Ernesto original https://torrentfreak.com/is-megauploads-crime-a-common-cloud-hosting-practice-170218/

Last week we reported that Google Drive uses hash filtering to prevent users from sharing alleged copyright infringing content, while leaving the actual files on its servers.

This practice is similar to what its competitor Dropbox does, and probably many other cloud hosting providers as well.

However, it also reminded us of a more controversial hosting service, Megaupload. When the US Department of Justice announced its allegations against the company five years ago, a similar issue was at the center.

One of the main arguments in the indictment is that Megaupload would only disable a URL when it received a takedown notice, not the underlying file. As a result of the deduplication technology it employed, this meant that the file could still be accessed under different URLs.

“…the Conspiracy has, at best, only deleted the particular URL of which the copyright holder complained, and purposefully left the actual infringing copy of the copyrighted work on the Mega Conspiracy-controlled server and any other access links completely intact,” the indictment reads.

The RIAA and MPAA later highlighted similar takedown-related issues in their civil complaints, with the latter stating:

“And although Megaupload had implemented a technology called ‘MDS hash’ filtering to identify and block uploads of various types of illicit content, Megaupload chose not to deploy that technology to identify and block infringing uploads of copyrighted works that had already been subject to takedown notices by plaintiffs and other copyright holders.”

Admittedly, the Megaupload cases are much broader than this single issue, but it does raise questions.

The apparent ‘failure’ to block infringing content from being uploaded by other users isn’t illegal by definition. In fact, neither Google Drive nor Dropbox does this today. So how is the Megaupload situation different?

The main difference appears to be that Megaupload only removed the links that were reported as infringing, while Dropbox and Drive also prevent others from publicly sharing links to the same file. All three services keep or kept the original files on their servers though.
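The two takedown behaviours contrasted above, as a toy model added here (not code from Megaupload, Dropbox or Google; the class, the policy names and the use of SHA-256 as the deduplication key are assumptions for illustration). It shows that both policies leave the single deduplicated blob on the server and differ only in what happens to the other public links.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass
class Link:
    owner: str
    digest: str          # content hash of the blob this link points to
    disabled: bool = False


@dataclass
class DedupStore:
    """Toy content-addressed store: one blob per digest, many links per blob."""
    policy: str = "link_only"   # or "hash_share_block" (hypothetical policy names)
    blobs: dict = field(default_factory=dict)          # digest -> bytes
    links: dict = field(default_factory=dict)          # link id -> Link
    share_blocklist: set = field(default_factory=set)  # digests barred from public sharing

    def upload(self, owner, data):
        digest = hashlib.sha256(data).hexdigest()
        self.blobs.setdefault(digest, data)   # identical uploads share one stored copy
        link_id = f"L{len(self.links) + 1}"
        self.links[link_id] = Link(owner, digest)
        return link_id

    def takedown(self, link_id):
        """Handle a notice that names one specific link."""
        link = self.links[link_id]
        link.disabled = True                  # both policies break the reported link
        if self.policy == "hash_share_block":
            # Also bar every other link to the same content from public sharing.
            self.share_blocklist.add(link.digest)

    def fetch(self, link_id, requester):
        link = self.links.get(link_id)
        if link is None or link.disabled:
            return None
        # Owners keep access to their own copy; the blocklist only stops sharing.
        if requester != link.owner and link.digest in self.share_blocklist:
            return None
        return self.blobs[link.digest]


def run_scenario(policy):
    """Two users upload the same bytes, one link is reported, a third uploads later."""
    store = DedupStore(policy=policy)
    data = b"constructed sample file contents"   # constructed input
    reported = store.upload("alice", data)
    other = store.upload("bob", data)
    store.takedown(reported)
    late = store.upload("carol", data)           # re-upload after the notice
    return {
        "blobs_stored": len(store.blobs),
        "reported_link_works": store.fetch(reported, "visitor") is not None,
        "other_public_link_works": store.fetch(other, "visitor") is not None,
        "late_upload_shareable": store.fetch(late, "visitor") is not None,
        "owner_keeps_private_copy": store.fetch(other, "bob") is not None,
    }


if __name__ == "__main__":
    for policy in ("link_only", "hash_share_block"):
        print(policy, run_scenario(policy))
```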

There are good arguments for keeping the files, as others may have the legal right to store them. If someone downloads an MP3, he or she can’t share it in public without permission. However, making a private backup on Dropbox would be acceptable in many countries.

Since Dropbox and Drive don’t face criminal indictments, the question should therefore be whether Megaupload was legally required to delete all public links to the underlying file, even those that were not directly reported.

This is something legal experts have their doubts over, including Professor Lawrence Lessig.

“It is possible for one uploader to have a right to fair use of a copy of a file, e.g., a purchaser uploading a backup or an educational organization offering critical commentary, while other uploaders might have no such fair use right,” he explained earlier in an expert report.

In other words, while one person might not have the legal right to store a file, another person might. The same argument also applies to publishing such links. This is something we also see on YouTube, where rightsholders pull down videos which they themselves have openly published on the same site.

This week, Megaupload counsel Ira Rothken clarified that the service tried to strike a balance between the rights of copyright holders and its users. If one link is infringing, that doesn’t mean that all of the others on the service are as well.

“While Megaupload made efforts to curb abuse of its service, it recognized a competing obligation to its users who legitimately use[d] the service to store their own copies of copyrighted material,” Rothken tells TorrentFreak.

“For example, a music file that was purchased or covered by fair use and uploaded by a user for the purpose of ‘space shifting’ would look the same to Megaupload’s automated processes as a music file to which the user had no legal right.”

This was also brought up in the “Dancing Baby” case recently, where it was held that copyright holders should consider fair use before requesting a takedown. This means that removing an underlying file may be too broad, as fair use isn’t considered for all URLs.

Megaupload saw it as an obligation to its users, who had a legal right to the files, to ensure that there’s a proper and legitimate basis to disable links or remove files.

“As a result, where a user was subject to a proper and specific take down notice for their unique link or URL, that user’s link to the file in question was taken down or broken.”

In sum, we can say that Megaupload operated slightly differently from Dropbox and Google Drive today. However, the difference is subtle. Not taking down the actual copyright infringing file from the servers is still common practice, for example.

When it comes to proactively preventing public sharing of links that are not reported yet, the service operated differently. Here Megaupload put the interests of its users first. Of course, the Megaupload case is much broader, but the above should illustrate that when it comes to alleged hash filtering and file removal ‘crimes’, there is still an open debate.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Decide on your backup plan before it’s too late!

Post Syndicated from Sarah Wilson original http://www.anchor.com.au/blog/2017/02/18227/

Most businesses don’t think twice about taking out insurance policies to protect against various forms of loss, such as workers compensation or public liability. They’re rightly considered a cost of doing business. But what about the cost of downtime? If your website or application is a critical part of your business, you should be taking every precaution to guard against outages in the same way you insure yourself against other forms of loss.

The most serious business consequences of downtime are often lost customer registrations, lost sales or frustrated customers. In 2015, one of Anchor’s larger e-commerce customers transacted more than $100 million in revenue through their Magento store. Crunching those numbers means a single hour of downtime equals a potential revenue loss of around $11,415.

In reality, the loss could be far worse as outages tend to strike during your busiest times, such as a major sale or expensive campaign promotion. So, the real cost could be four or five times your ‘business as usual’ number. Add to that the reputational damage to your brand and the financial impacts keep growing. Fortunately, every cloud provider offers some form of Service Level Agreement (SLA), including an uptime guarantee, and AWS is no different. SLAs and guarantees set out to give us confidence in the resilience of the network, infrastructure and services while describing how we may be compensated should an unscheduled outage occur.

But do you understand how the Amazon Web Services (AWS) SLA and uptime guarantee work in practice? You may be surprised to learn that any compensation you might receive may be far, far less than your lost business revenue. There are a couple of reasons for this:

  • Even a 99.5% uptime guarantee means your website or app can be offline for nearly 22 minutes each and every month without compensation—and that can add up to a lot of lost sales.
  • Compensation is in the form of service credit, capped at 10% of the monthly bill (although the cap increases to 30% if uptime is lower than 99.0%).

Relying on a cloud provider’s uptime guarantee is never an alternative to taking the necessary steps to ensure your deployment is highly available. It’s worth investing a little more to protect your bottom line.

Oh, and it’s entirely possible (even likely!) that you may have already voided any SLA protections…

Find out the other mistakes you need to avoid by downloading our FREE Ebook HERE!

The post Decide on your backup plan before it’s too late! appeared first on AWS Managed Services by Anchor.

Capcom Gets Resident Evil 7 “Link Shortener” Pirate Banned

Post Syndicated from Andy original https://torrentfreak.com/capcom-gets-resident-evil-7-link-shortener-pirates-banned-170204/

According to copyright holders, online piracy is fueled by people’s desire to make money. The statement carries some truth but has traditionally applied to a relatively small number of people at the top of the food chain.

The advent of file-hosting platforms, however, has enabled the smaller guy to turn a small profit.

While many ‘cyberlockers’ pay out a commission to uploaders for every 1,000 downloads of a file, there are some other ways to make a bit of cash too.

At their core, link shortening services such as Google’s goo.gl convert unmanageably long URLs into compact ones for easy sharing. They also offer analytics so people can understand who is clicking on their content.

However, there are also other services that pay out a small commission for each click. As a result, they have become popular with anyone looking to monetize all kinds of content, including pirates hoping to make a few extra bucks.

One such pirate contacted TF this week following the leaking of Resident Evil 7 online. With its Denuvo protection neutralized, owner Capcom reverted to sending DMCA notices, including to Google which was asked to remove well over 1,700 URLs from its search results.

Those notices contained requests to remove “link shortener” URLs – such as those provided by Adf.ly, Shorte.st, and Linkbucks.com – all of which pay commission to users when others click their links.

However, in addition to taking down Resident Evil 7 links from Google search, file-hosting and torrent sites, it appears that Capcom also sent complaints directly to Adf.ly. Of course, that meant the referrer links died, which in turn killed the revenue stream.

While there’s no doubt that Adf.ly links are widely used by pirates, the company informs TorrentFreak that it has a strict repeat infringer policy in place.

“We operate a 3 strike repeat offender policy. If the Company has received three valid DMCA notices, the Company will notify [the] user they have 72 hours to issue any Counter-Notices or their account will be suspended,” the policy reads.

That not only cost our source his links, but also his account and all of the commission money held in it.

“Upon suspension, no funds will be paid to the account owner and no links will be accessible belonging to the user’s account,” Adf.ly confirmed.

But perhaps of most interest is the effect this type of action has on uploader morale. If those who post Adf.ly and similar commission-based links to infringing content keep losing their accounts, ALL of the links in their account become useless for generating revenue, even if just one copyright holder such as Capcom continually files complaints.

There are also knock-on effects if content uploaders want to recover their position, our tipster notes.

“[This could] possibly screw [shortener] pirates for good since all these links are hardcoded into blog posts and not dynamically generated. Meaning once you get banned you have to manually ‘fix’ each and every link on all the previous uploads,” he explains.

“Capcom is very aggressive. If you reupload the thing they report it again after a few days. I got banned from Adfly thanks to Capcom. Adfly has a 3 strikes (in a 6 month period) policy. For me it worked, I stopped uploading Capcom games altogether.”

TF asked how easy it is to open another account with Adf.ly, in order to wipe the slate clean and start again. Apparently, it’s not straightforward since the company uses a number of techniques to spot those signing back up.

For example, according to our experience when simply accessing their site, Adf.ly blocks some popular VPN ranges. However, since the company keeps all of the money in closed accounts, other options are preferred.

“Adfly keeps all the money. No questions asked. You lose all rights immediately,” our source explains. “People usually give up and move to the next link shortener.”

And so, the cycle continues.

Uber was right to disable surge pricing at JFK

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/01/uber-was-right-to-disable-surge-pricing.html

Yesterday, the NYC taxi union had a one-hour strike protesting Trump’s “Muslim Ban”, refusing to pick up passengers at the JFK airport. Uber responded by disabling surge pricing at the airport. This has widely been interpreted as a bad thing, so the hashtag “#DeleteUber” has been trending, encouraging people to delete their Uber accounts/app.
These people are wrong, obviously so.

Surge Pricing

Uber’s “Surge Pricing” isn’t price gouging, as many assume. Instead, the additional money goes directly to the drivers, to encourage them to come to the surging area and pick up riders. Uber isn’t a taxi company. It can’t direct drivers to go anywhere. All it can do is provide incentives. “Surge Pricing” for customers means “Surge Income” for the drivers, giving them an incentive. Drivers have a map showing which areas of the city are surging, so they can drive there.

Another way of thinking about it is “Demand Pricing”. It’s simply the economic Law of Supply and Demand. If demand increases, then prices increase, and then supply increases chasing the higher profits. It’s why famously you can’t get a taxi cab on New Year’s Eve, but you can get an Uber driver. Taxi drivers can’t charge more when demand is surging, so there are no more taxis available on that date than on any other. But Uber drivers can/do charge more, so there are more Uber drivers.

Supply and Demand is every bit as much a law as Gravity. If the supply of taxi drivers is less than the demand, then not everyone is going to get a ride. That’s basic math. If there are only 20 drivers right now, and 100 people wanting a ride, then 80 riders are going to be disappointed. The only solution is more drivers. Paying drivers more money gets more drivers. The part-time drivers, the drivers planning on partying instead of working, will decide to work New Year’s chasing the surge wages.

Uber’s announcement

Uber made the following announcement:

Without turning off Surge Pricing, Uber’s computers would notice the spike in demand, as would-be taxi customers switch to Uber. The computers would then institute surge pricing around JFK automatically. This would notify the drivers in the area, who would then flock to JFK, chasing the higher income. This would be bad for the strike.

By turning off surge pricing, there would be no increase in supply. It would mean the only drivers going to JFK are those dropping off passengers. It would mean that Uber wouldn’t be servicing any more riders than on a normal day, making no difference to the taxi strike, one way or the other.

Why wouldn’t Uber stop pickups at JFK altogether, joining the strike? Because it’d be a tough decision for them. They have a different relationship with their drivers. Both taxis and Uber are required to take passengers to the airport if asked, but taxis are much better at weaseling out of it [*]. That means screwing drivers, forcing them to go way out to JFK with no return fare. In contrast, taxis were warned enough ahead of time to avoid the trip.

The timing

The above section assumes a carefully considered Uber policy. In reality, they didn’t have the time.
The taxi union didn’t announce their decision until 5pm, with the strike set for only one hour, between 6pm and 7pm.

Uber’s announcement was at 7:30pm, half an hour after the strike was over. They may not have been aware of the strike until after it started, when somebody noticed an enormous surge starting at 6pm. I can imagine them running around in a panic at 6:05pm, trying to figure out how to respond.

Disabling surge pricing is probably their default action. They’ve been down this route before. Every time there is a terrorist attack or natural disaster, and computers turn on Surge Pricing, somebody has to rush to go turn it off again, offer customer rebates, and so on for PR purposes.

Why doesn’t the press report this?

Everyone knows Surge Pricing is evil. After all, that’s what you always read in the press. But that’s because the press knows as little about basic economics as their readers.

A good example is this CNN story on the incident [*].

CNN describes this as “effectively lowering the cost of a ride“. They ignore the reality, that this was “effectively lowering the supply of rides“. Reading this, readers will naturally assume there’s an unlimited supply ready to service the lower priced rides. What CNN fails to tell readers is that there is no increase in supply, that there can’t be more rides than normal. They ignore the bit in the tweet that warns against longer wait times due to lack of supply.

Conclusion

The timing alone makes the #DeleteUber claims nonsense, as the strike was already over for 36 minutes when Uber tweeted. But in any case, Uber’s decision not to do surge pricing did not “entice” customers with lower prices — they would still have long waits (as the tweet says), causing a strong dis-enticement. No rational person could interpret this as Uber trying to profit from this event.

On the other hand, before this event, Uber announced its opposition to Trump’s action, and promised to help any of its drivers adversely affected.


Update: The #deleteUber people are switching to Lyft, which continued to pick up passengers during the strike. Lyft is a company funded by Trump adviser Peter Thiel.

The US ‘Six Strikes’ Anti-Piracy Scheme is Dead

Post Syndicated from Ernesto original https://torrentfreak.com/the-us-six-strikes-anti-piracy-scheme-is-dead-170128/

In 2011, the MPAA and RIAA teamed up with several major U.S. Internet providers, announcing their plan to shift the norms and behavior of BitTorrent pirates.

The parties launched the Center for Copyright Information and agreed on a system through which Internet account holders are warned if their connections are used to download pirated content.

The program allowed ISPs to take a variety of repressive measures, including bandwidth throttling and temporary Internet disconnections.

The “voluntary” agreement was praised by the US Government and seen as an example for other countries, including the UK, where a similar system is about to start. At the same time, however, the Copyright Alert System members have just ended their efforts.

“After four years of extensive consumer education and engagement, the Copyright Alert System will conclude its work,” the members of the Center for Copyright Information (CCI) just announced.

“The program demonstrated that real progress is possible when content creators, Internet innovators and consumer advocates come together in a collaborative and consensus-driven process.”

It’s unclear what progress the members are referring to, as the system mostly excelled at its failure to share information with the public.

Since its inception, CCI has issued only a few press releases, and any recent data on the scope and effectiveness of the program is lacking. The only figures that were ever published cover the first ten months, ending December 2013.

Last summer we publicly questioned if the Copyright Alert System was doomed, but at the time CCI’s Executive Director Jim Kohlenberger was still hopeful.

“Going forward, we continue to look for opportunities to refine the system, and to advance our efforts and to elevate our consumer-focused mission in pragmatic ways,” Kohlenberger said.

However, it now appears that the parties couldn’t reach consensus on how to extend or update the existing agreement, to keep going for the years to come. Why they eventually chose to stop the program entirely is not clear from the announcement.

In their public-facing statement, copyright holders and ISPs remain positive, but it wouldn’t be a surprise if the mood behind the scenes is grimmer.

“We want to thank everyone who put in the hard work to develop this program and make it a success, including past and present members of our Advisory Board. While this particular program is ending, the parties remain committed to voluntary and cooperative efforts to address these issues,” CCI concludes.

The decision to end the “six strikes” scheme marks the end of an era. While it means that pirates no longer have to fear temporary Internet disconnections and other mitigation measures that were part of the program, MPAA and RIAA can still send takedown notifications of their own accord.

Internet Freedom Day: How Massive ‘Blackout’ Protests Killed Two Anti-Piracy Bills

Post Syndicated from Ernesto original https://torrentfreak.com/internet-freedom-day-how-blackout-protests-killed-two-anti-piracy-bills-170118/

At the start of the decade several new bills were introduced in the United States, aiming to make it easier for copyright holders to enforce their rights online.

The proposals, including SOPA and PIPA, would’ve streamlined the shutting down of allegedly infringing domain names and threatened to increase liability for third party services, among other things.

Fearing broad Internet censorship, the proposals ignited a wave of protests led by various activist groups. But, what started as a small protest movement was swiftly elevated to mainstream news, when tech giants such as Google and Wikipedia joined in.

Exactly five years ago, following months of scattered protests, the opposition peaked into a massive Internet blackout campaign.

As a result, the balance of power tipped and Hollywood and the music industry were forced into retreat. Soon after the blackout, both bills were declared dead, a victory which is still frequently referenced today.

A year after the successful blackout campaign, January 18 was declared Internet Freedom Day. While the first celebration attracted international news headlines, it’s now become a relatively small event.

Still, many of the concerns that were brought up half a decade ago remain relevant today. Site blocking efforts and domain name seizures are still high on the agenda, and the same is true for search engine ‘censorship’ and liability for ISPs and other third party services.

What has changed is that, instead of tackling these issues through legislation, rightsholders are now focusing on individual lawsuits and voluntary agreements.

This means that for activists, Internet Freedom Day could still be relevant now, both as a remembrance and as a call to action. In any case, it’s worth noting that without the protests things could have been very different today.

Below are a few of the many ‘blackout’ pages that were up (or down) five years ago.

Wikipedia

Wikipedia was completely inaccessible for 24 hours, except the pages about censorship, PIPA and SOPA, of course.

Google

Google blacked out its logo to protest PIPA/SOPA and added a link to a resource page where people could take action.

Reddit

Reddit directed its users to a resource site where they could take action.

Imgur

The image sharing site Imgur offered information on the protests as well as steps to take action.

Demonoid

Demonoid, one of the largest BitTorrent communities at the time, went dark completely, with a nice spotlight effect.

Firefox

Firefox users were welcomed with a dark themed default homepage, alerting people about the looming PIPA/SOPA threats.

Craigslist

The online classified advertisements portal Craigslist directed the public to a resource site where they could take action.

WordPress

WordPress joined the protest too, and decided to censor itself for the day.

Minecraft

Minecraft protested as well, but in red with the tagline “PIPA & SOPA, How About NOPA.”

TorrentFreak

Yes, we also took part, giving readers the option to save the Internet, or… Meh…

Attributing the DNC Hacks to Russia

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2017/01/attributing_the_1.html

President Barack Obama’s public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks and other sources has opened up a debate on what constitutes sufficient evidence to attribute an attack in cyberspace. The answer is both complicated and inherently tied up in political considerations.

The administration is balancing political considerations and the inherent secrecy of electronic espionage with the need to justify its actions to the public. These issues will continue to plague us as more international conflict plays out in cyberspace.

It’s true that it’s easy for an attacker to hide who he is in cyberspace. We are unable to identify particular pieces of hardware and software around the world positively. We can’t verify the identity of someone sitting in front of a keyboard through computer data alone. Internet data packets don’t come with return addresses, and it’s easy for attackers to disguise their origins. For decades, hackers have used techniques such as jump hosts, VPNs, Tor and open relays to obscure their origin, and in many cases they work. I’m sure that many national intelligence agencies route their attacks through China, simply because everyone knows lots of attacks come from China.

On the other hand, there are techniques that can identify attackers with varying degrees of precision. It’s rarely just one thing, and you’ll often hear the term “constellation of evidence” to describe how a particular attacker is identified. It’s analogous to traditional detective work. Investigators collect clues and piece them together with known modes of operation. They look for elements that resemble other attacks and elements that are anomalies. The clues might involve ones and zeros, but the techniques go back to Sir Arthur Conan Doyle.

The University of Toronto-based organization Citizen Lab routinely attributes attacks against the computers of activists and dissidents to particular Third World governments. It took months to identify China as the source of the 2012 attacks against the New York Times. While it was uncontroversial to say that Russia was the source of a cyberattack against Estonia in 2007, no one knew if those attacks were authorized by the Russian government — until the attackers explained themselves. And it was the Internet security company CrowdStrike that first attributed the attacks against the Democratic National Committee to Russian intelligence agencies in June, based on multiple pieces of evidence gathered from its forensic investigation.

Attribution is easier if you are monitoring broad swaths of the Internet. This gives the National Security Agency a singular advantage in the attribution game. The problem, of course, is that the NSA doesn’t want to publish what it knows.

Regardless of what the government knows and how it knows it, the decision of whether to make attribution evidence public is another matter. When Sony was attacked, many security experts — myself included — were skeptical of both the government’s attribution claims and the flimsy evidence associated with it. I only became convinced when the New York Times ran a story about the government’s attribution, which talked about both secret evidence inside the NSA and human intelligence assets inside North Korea. In contrast, when the Office of Personnel Management was breached in 2015, the US government decided not to accuse China publicly, either because it didn’t want to escalate the political situation or because it didn’t want to reveal any secret evidence.

The Obama administration has been more public about its evidence in the DNC case, but it has not been entirely public.

It’s one thing for the government to know who attacked it. It’s quite another for it to convince the public who attacked it. As attribution increasingly relies on secret evidence — as it did with North Korea’s attack of Sony in 2014 and almost certainly does regarding Russia and the previous election — the government is going to have to face the choice of making previously secret evidence public and burning sources and methods, or keeping it secret and facing perfectly reasonable skepticism.

If the government is going to take public action against a cyberattack, it needs to make its evidence public. But releasing secret evidence might get people killed, and it would make any future confidentiality assurances we make to human sources completely non-credible. This problem isn’t going away; secrecy helps the intelligence community, but it wounds our democracy.

The constellation of evidence attributing the attacks against the DNC, and subsequent release of information, is comprehensive. It’s possible that there was more than one attack. It’s possible that someone not associated with Russia leaked the information to WikiLeaks, although we have no idea where that someone else would have obtained the information. We know that the Russian actors who hacked the DNC — both the FSB, Russia’s principal security agency, and the GRU, Russia’s military intelligence unit — are also attacking other political networks around the world.

In the end, though, attribution comes down to whom you believe. When Citizen Lab writes a report outlining how a United Arab Emirates human rights defender was targeted with a cyberattack, we have no trouble believing that it was the UAE government. When Google identifies China as the source of attacks against Gmail users, we believe it just as easily.

Obama decided not to make the accusation public before the election so as not to be seen as influencing the election. Now, afterward, there are political implications in accepting that Russia hacked the DNC in an attempt to influence the US presidential election. But no amount of evidence can convince the unconvinceable.

The most important thing we can do right now is deter any country from trying this sort of thing in the future, and the political nature of the issue makes that harder. Right now, we’ve told the world that others can get away with manipulating our election process as long as they can keep their efforts secret until after one side wins. Obama has promised both secret retaliations and public ones. We need to hope they’re enough.

This essay previously appeared on CNN.com.

EDITED TO ADD: The ODNI released a declassified report on the Russian attacks. Here’s a New York Times article on the report.

And last week there were Senate hearings on this issue.

EDITED TO ADD: A Washington Post article talks about some of the intelligence behind the assessment.

EDITED TO ADD (1/10): The UK connection.

‘Copyright Trolls’ Hit With Class Action Lawsuit For Theft by Deception

Post Syndicated from Ernesto original https://torrentfreak.com/copyright-trolls-hit-with-class-action-lawsuit-for-theft-by-deception-170104/

In recent years so-called copyright trolls have been accused of various dubious schemes and actions, including intimidation and extortion.

Last month it became apparent that these concerns are not just one-sided complaints, when the U.S. Government launched a criminal case against two of Prenda Law’s principals.

This week, copyright trolling allegations are once again brought to the forefront. In a class action lawsuit filed in an Illinois federal court on behalf of accused pirates, a group of rightsholders, lawyers, and a torrent monitoring expert are accused of taking part in an “extortion conspiracy.”

The case centers around Clear Skies Network (CSN) which brought several lawsuits against alleged downloaders of the movie “Good Kill.” As is common in these campaigns, the rightsholders work in tandem with lawyers and BitTorrent monitoring experts to make their case.

One of their targets was a 62-year-old woman, who has now decided to strike back, also on behalf of other defendants that are in the same position.

The complaint details how the woman was repeatedly threatened and intimidated with a possible $150,000 in statutory damages, asking her to settle for only a few thousand. It also mentions various other allegations including false statements.

In addition, the complaint notes that the defendants may have purposefully operated a honeypot where they themselves distributed the infringing movie before its theatrical release in the U.S.

“CSN and/or the German John Doe relies on ‘fake experts’ and/or honeypots or seeds its Motion Picture for the express purpose of being able to claim that it has ‘caught’ people downloading the copyrighted material,” it reads.

The monitored torrents and the various associated IP-addresses were used as the base evidence for copyright lawsuits throughout the country. According to the class action complaint, the rightsholders continuously relied on the same German monitoring outfit whose evidence is insufficient to prove infringement.

Instead of protecting copyrights, the accused downloaders believe that the entire practice is primarily meant to generate a steady income flow for the filmmakers and other parties involved in the conspiracy.

“CSN’s existence has little to do with the protection of a copyright, and is instead an entity formed for the primary purpose of income generation through exploitation of the court system,” the complaint states.

As such, they accuse the alleged conspiracy of using the copyright cases as an extortion mechanism.

“[The defendants] have been engaged in a conspiracy to monetize infringement whereby they use questionable means to entrap unsuspecting Illinois residents who have allegedly violated CSN’s copyrights, and then extort money from these individuals using threatening and misleading settlement and litigation tactics under the guise of the Copyright Act.”

For the 62-year-old woman, this led to physical and emotional distress, and through the class action suit, she hopes to set the record straight.

Together with other potential members of the class, who have been treated similarly, she accuses CSN, the lawyers and the German torrent monitoring outfit, of conspiracy to improperly prosecute copyright infringement.

As compensation for the alleged unlawful acts, including theft by deception, barratry and maintenance, they ask for actual monetary damages as well as punitive damages.

According to FCT’s ‘Sophisticated Jane Doe’, it is about time that the Northern Illinois District takes a close look at these practices, and she hopes that it will help to finally cure this “judicial plague.”

A full copy of the class action complaint is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Dear Obama, From Infosec

Post Syndicated from Robert Graham original http://blog.erratasec.com/2017/01/dear-obama-from-infosec.html

Dear President Obama:

We are more than willing to believe Russia was responsible for the hacked emails/records that influenced our election. We believe Russian hackers were involved. Even if these hackers weren’t under the direct command of Putin, we know he could put a stop to such hacking if he chose. It’s like harassment of journalists and diplomats. Putin encourages a culture of thuggery that attacks opposition, without his personal direction, but with his tacit approval.

Your lame attempts to convince us of what we already agree with have irretrievably damaged your message.

Instead of communicating with the American people, you worked through your typical system of propaganda, such as stories in the New York Times quoting unnamed “senior government officials”. We don’t want “unnamed” officials — we want named officials (namely you) who we can pin down and question. When you work through this system of official leaks, we believe you have something to hide, that the evidence won’t stand on its own.

We still don’t believe the CIA’s conclusions because we don’t know, precisely, what those conclusions are. Are they derived purely from companies like FireEye and CrowdStrike based on digital forensics? Or do you have spies in Russian hacker communities that give better information? This is such an important issue that it’s worth degrading sources of information in order to tell us, the American public, the truth.

You had the DHS and US-CERT issue the “GRIZZLY-STEPPE”[*] report “attributing those compromises to Russian malicious cyber activity”. It does nothing of the sort. It’s full of garbage. It contains signatures of viruses that are publicly available, used by hackers around the world, not just Russia. It contains a long list of IP addresses from perfectly normal services, like Tor, Google, Dropbox, Yahoo, and so forth.

Yes, hackers use Yahoo for phishing and malvertising. It doesn’t mean every access of Yahoo is an “Indicator of Compromise”.

For example, I checked my web browser [chrome://net-internals/#dns] and found that last year on November 20th, it accessed two IP addresses that are on the Grizzly-Steppe list:

No, this doesn’t mean I’ve been hacked. It means I just had a normal interaction with Yahoo. It means the Grizzly-Steppe IoCs are garbage.

If your intent was to show technical information to experts to confirm Russia’s involvement, you’ve done the precise opposite. Grizzly-Steppe proves such enormous incompetence that we doubt all the technical details you might have. I mean, it’s possible that you classified the important details and de-classified the junk, but even then, that junk isn’t worth publishing. There’s no excuse for those Yahoo addresses to be in there, or the numerous other problems.

Among the consequences is that Washington Post story claiming Russians hacked into the Vermont power grid. What really happened is that somebody just checked their Yahoo email, thereby accessing one of the same IP addresses I did. How they get from the facts (one person accessed Yahoo email) to the story (Russians hacked power grid) is your responsibility. This misinformation is your fault.

You announced sanctions for the Russian hacking [*]. At the same time, you announced sanctions for Russian harassment of diplomatic staff. These two events are confused in the press, with most stories reporting you expelled 35 diplomats for hacking, when that appears not to be the case.

Your list of individuals/organizations is confusing. It makes sense to name the GRU, FSB, and their officers. But why name “ZorSecurity” but not sole proprietor “Alisa Esage Shevchenko”? It seems a minor target, and you give no information why it was selected. Conversely, you ignore the APT28/APT29 Dukes/CozyBear groups that feature so prominently in your official leaks. You also throw in a couple extra hackers, for finance hacks rather than election hacks. Again, this causes confusion in the press about exactly who you are sanctioning and why. It seems as slipshod as the DHS/US-CERT report.

Mr President, you’ve got two weeks left in office. Russia’s involvement is a huge issue, especially given President-Elect Trump’s pro-Russia stance. If you’ve got better information than this, I beg you to release it. As it stands now, all you’ve done is support Trump’s narrative, making this look like propaganda — and bad propaganda at that. Give us, the infosec/cybersec community, technical details we can look at, analyze, and confirm.

Regards,
Infosec
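
The false-positive problem the letter describes, where an IoC list includes addresses of ordinary shared services, can be shown with a small triage script. This is an added example, not part of the original letter or the DHS/US-CERT report; the service ranges, IoC addresses, log entries and function names are all constructed for illustration (RFC 5737 documentation addresses).

```python
import ipaddress

# Constructed sample data. All addresses are RFC 5737 documentation ranges,
# not values taken from the GRIZZLY-STEPPE report.
SHARED_SERVICES = {
    "webmail provider": ["198.51.100.0/24"],
    "anonymity network exit": ["203.0.113.16/28"],
}
IOC_IPS = ["198.51.100.25", "203.0.113.20", "192.0.2.77"]
CONNECTIONS = [  # (timestamp, host, destination IP, destination port)
    ("2016-11-20T09:14:02", "laptop-01", "198.51.100.25", 443),
    ("2016-11-20T09:15:40", "laptop-01", "198.51.100.80", 443),
    ("2016-11-21T02:03:11", "server-03", "192.0.2.77", 8443),
    ("2016-11-21T02:05:57", "laptop-02", "203.0.113.20", 9001),
]

def shared_service_for(ip):
    """Return the shared service whose range contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    for name, cidrs in SHARED_SERVICES.items():
        if any(addr in ipaddress.ip_network(c) for c in cidrs):
            return name
    return None

def triage(connections, ioc_ips):
    """Match connections against the IoC list and grade each hit."""
    iocs = set(ioc_ips)
    findings = []
    for ts, host, dst, port in connections:
        if dst not in iocs:
            continue
        service = shared_service_for(dst)
        # An address shared by many ordinary users proves nothing on its own.
        grade = "low: shared " + service if service else "review: dedicated address"
        findings.append({"time": ts, "host": host, "dst": dst,
                         "port": port, "grade": grade})
    return findings

def summarize(findings):
    """Count hits per grade so the noise in the feed is visible."""
    counts = {}
    for f in findings:
        key = f["grade"].split(":")[0]
        counts[key] = counts.get(key, 0) + 1
    return counts

if __name__ == "__main__":
    for finding in triage(CONNECTIONS, IOC_IPS):
        print(finding)
```

On the constructed log, two of the three IoC hits land on shared-service addresses and only one warrants a closer look, which is the distinction a raw IP match cannot make.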

Research: Piracy ‘Warnings’ Fail to Boost Box Office Revenues

Post Syndicated from Ernesto original https://torrentfreak.com/research-piracy-warnings-fail-to-boost-box-office-revenues-170103/

Over the past decade, entertainment industry groups have lobbied hard for so-called graduated response systems, where alleged pirates are warned and in some cases fined.

France was one of the pioneers in this area with its three-strikes anti-piracy law, and similar policies have been implemented in countries such as Ireland, South Korea, New Zealand and the United States, among others.

One of the main goals of these policies is to lower overall piracy rates and ultimately increase revenues for rightsholders. The question is, though, whether the measures will reach this desired goal.

Thus far there has been very little research on the topic but a new study, published by Dr. Jordi McKenzie of Sydney’s Macquarie University, suggests that these “strikes” policies don’t boost box office revenues.

For his paper, published in the most recent issue of the journal ‘Information Economics and Policy,’ McKenzie looked at opening week and total box office revenues for 6,083 unique films released between 2005 and 2013.

Using a variety of statistical analyses, he then measured the impact of the graduated response systems and related policies in six countries. In addition, another ten countries were included as a control measure.

The overall conclusion based on thousands of data points is that these anti-piracy policies have no significant impact on box-office income.

“This study has considered whether this has proven true in six countries’ experiences in the context of theatrical film revenues. No consistent evidence is found that supports increased theatrical box office revenues in any of the markets,” the conclusion reads.

The researcher did apply several robustness checks. For example, he looked at possible effects for separate movie genres pirates could be more or less interested in, but none explained the findings.

“While various statistical explanations for this ‘no-result’ finding have been considered, none are consistent with increasing revenues, which suggests the explanation lies elsewhere.”

According to McKenzie, there could be several explanations why box office attendance wasn’t influenced. Pirates might simply be continuing their old habits because the catch rate is relatively low, or it’s possible that they’re taking measures to hide their piracy habits, for example through VPNs or by switching to streaming or cyberlocker services which aren’t monitored.

While the study is mostly interesting due to its lack of results, there was another finding that’s worth highlighting. As a “crude test,” McKenzie also researched the effect of the Megaupload shutdown, observing a small decrease in box office revenues.

“Evaluating across all control countries, all treatment countries, and all countries together, no evidence of an increase in box office is observed after this date. In fact, as observed by Peukert et al. (2015), there is actually slight evidence of a decline in box office revenues after this date,” the paper reads.

According to McKenzie, this suggests that pirates are quite sophisticated. If needed, they can easily move from one service to another, much like many of the torrent users who moved to other sites when KickassTorrents was taken down last summer.

Of course, the research also has its limitations. For one, it only looks at the impact on the movie industry, and box office revenues in particular. More research is needed to see if the effects are different elsewhere, but for now the effect of graduated response systems appears to be very limited.
