Tag Archives: Swift

Steam Censors MEGA.nz Links in Chats and Forum Posts

Post Syndicated from Ernesto original https://torrentfreak.com/steam-censors-mega-nz-links-in-chats-and-forum-posts-180421/

With more than 150 million registered accounts, Steam is much more than just a game distribution platform.

For many people, it’s also a social hangout and a communication channel.

Steam’s instant messaging tool, for example, is widely used for chats with friends. About games of course, but also to discuss lots of other stuff.

While Valve doesn’t mind people socializing on its platform, there are certain things the company doesn’t want Steam users to share. This includes links to the cloud hosting service Mega.

Users who’d like to show off some gaming footage, or even a collection of cat pictures they stored on Mega, are unable to do so. As it turns out, Steam actively censors these type of links from forum posts and chats.

In forum posts, these offending links are replaced by the text {LINK REMOVED} and private chats get the same treatment. Instead of the Mega link, people on the other end only get a mention that a link was removed.

Mega link removed from chat

While Mega operates as a regular company that offers cloud hosting services, Steam notes on their website that the website is “potentially malicious.”

“The site could contain malicious content or be known for stealing user credentials,” Steam’s link checker warns.

Potentially malicious…

It’s unclear what malicious means in this context. Mega has never been flagged by Google’s Safe Browsing program, which is regarded as one of the industry standards for malware and other unwanted software.

What’s more likely is that Mega’s piracy stigma has something to do with the censoring. As it turns out, Steam also censors 4shared.com, as well as Pirate Bay’s former .se domain name.

Other “malicious sites” which get the same treatment are more game oriented, such as cheathappens.com and the CSGO Skin Screenshot site metjm.net. While it’s understandable some game developers don’t like these, malicious is a rather broad term in this regard.

Mega clearly refutes that they are doing anything wrong. Mega Chairman Stephen Hall tells TorrentFreak that the company swiftly removes any malicious content, once it receives an abuse notice.

“It is crazy for sites to block Mega links as we respond very quickly to disable any links that are reported as malware, generally much quicker than our competitors,” Hall says.

Valve did not immediately reply to our request for clarification so the precise reason for the link censoring remains unknown.

That said, when something’s censored the public tends to work around any restrictions. Mega links are still being shared on Steam, with a slightly altered URL. In addition, Mega’s backup domain Mega.co.nz still works fine too.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

MPAA and RIAA Still Can’t Go After Megaupload

Post Syndicated from Ernesto original https://torrentfreak.com/mpaa-and-riaa-still-cant-go-after-megaupload-180414/

Well over six years have passed since Megaupload was shutdown, but there is still little progress in the criminal proceedings against its founders.

The United States wants New Zealand to extradite the men but have thus far failed to achieve that goal. Dotcom and his former colleagues are using all legal means to prevent this eventuality and a final conclusion has yet to be reached.

While all parties await the outcome, the criminal case in the United States remains pending. The same goes for the lawsuits filed by the MPAA and RIAA in 2014.

Since the civil cases may influence the criminal proceedings, Megaupload’s legal team previously managed to put these cases on hold, and last week another extension was granted.

Previous extensions didn’t always go this easy. Last year there were concerns that the long delays could result in the destruction of evidence, as some of Megaupload’s hard drives were starting to fail.

However, after the parties agreed on a solution to back-up and restore the files, this is no longer an issue.

“With the preservation order in place, and there being no other objection, Defendant Megaupload hereby moves the Court to enter the attached proposed order, continuing the stay in this case for an additional six months,” Megaupload’s legal team recently informed the court.

Without any objections from the MPAA and RIAA, U.S. District Court Judge Liam O’Grady swiftly granted Megaupload’s request to stay both lawsuits until October this year.

While the US Government hopes to have Dotcom in custody by that time, the entrepreneur has different plans. Following a win at the Human Rights Tribunal in New Zealand, he hopes to put the criminal case behind him soon.

If that indeed happens, the MPAA and RIAA might have their turn.

The latest stay order

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Popular Torrent Site Loses Domain After Copyright Complaint

Post Syndicated from Ernesto original https://torrentfreak.com/popular-torrent-site-loses-domain-after-copyright-complaint-180409/

With millions of visitors per month, Yggtorrent is one of the largest torrent sites on the Internet.

Catering to a French audience, it’s not widely known everywhere, but in France, it’s getting close to a spot among the 100 most visited sites in the country.

Yggtorrent is not the typical torrent indexer. It sees itself as a community instead and has a dedicated tracker, something that’s quite rare these days. The site is really only a few months old and filled the gap T411 left behind when it closed last year.

Its popularity hasn’t gone unnoticed by copyright holders either. In addition to sending thousands of DMCA notices, local anti-piracy group SACEM went a step further a few weeks ago, asking Yggtorrent’s domain registrar Internet.bs for help.

In a letter sent on behalf of SACEM, BrandAnalytic pointed out that the torrent site is offering copyrighted content without permission from the owners, thereby violating the law.

“This contravening domain name provides users with copyright-protected works without any express or tacit permission of the societies or their authors, composers and publishers,” the complaint reads.

BrandAnalytic/SACEM’s complaint

Strangely enough, the letter also accuses the site of phishing. As evidence, BrandAnalytic sent a screenshot of the site’s registration page while mentioning that it automatically installs cookies on users’ computers.

Since Yggtorrent uses a Whois privacy service, BrandAnalytic says it can’t identify the owners. They, therefore, ask Internet.bs to step in and take the domain offline.

“As you are the Registrar of this contravening domain name, we count on your prompt and amicable collaboration to remove it from the global domain tree,” BrandAnalytic writes.

The complaint was sent late February and Internet.bs forwarded it to the torrent site at the time, so it could respond appropriately. However, Yggtorrent did not respond at all.

After a reminder, the registrar decided to put the torrent site’s .com domain name on hold a few days ago, which means that it became inaccessible.

TorrentFreak spoke to an operator of Yggtorrent who explains that the site receives thousands of DMCA complaints and that it’s impossible to answer them all. They’ll now leave the .com domain domain behind and move to a new one, Yggtorrent.is.

Instead of using Internet.bs as registrar, the new domain name was purchased through Njalla, the privacy-oriented domain registration service that was founded by former Pirate Bay spokesperson Peter Sunde.

“Now, we know that we should not use internet.bs anymore. This is not the first time they suspend a domain name like this. It happened to Extratorrent in the past.

“We use Njalla right now, it’s safe,” Yggtorrent’s operator adds.

While the site is indeed back online, older torrents may not function as usual, as the tracker of the .com domain is no longer accessible. The site, therefore, recommends users to update the tracker address manually got get them going again.

Yggtorrent, which came under new management recently, appears to come out of this issue relatively unscathed. However, being in the crosshairs of SACEM is not without risk. The organization previously took out What.cd and Zone-Telechargement, among others.

Yggtorrent’s homepage

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Roku Removes USTVnow Service Following “3rd Party” Copyright Complaint

Post Syndicated from Andy original https://torrentfreak.com/roku-removes-ustvnow-service-following-3rd-party-copyright-complaint-180329/

Earlier this week, customers of the popular Roku streaming media player began complaining about a problem with the product, specifically in connection with USTVnow.

USTVnow promotes itself as a service targeted at American expats and the military, offering “a wide range of live American channels to watch on their computer, mobile device or television.”

Indeed, USTVnow offers a fairly comprehensive service, with eight channels (including ABC and FOX) on its free tier and 24 channels on its premium $29.00 per month package.

USTVnow’s top package

Having USTVnow available via Roku helps to spread the free tier and drive business to the paid tier but, as of this week, that’s stopped happening. USTVnow has been completely removed from the Roku platform, much to the disappointment of customers.

“I spoke to Roku support and [they told me] that USTVNOW is no longer available for Roku at this time,” a user in Roku’s forums complained.

In response, a Roku engineer said that “Roku has been asked to remove this channel by the content rights owner”, which was as confusing as it was informative.

USTVnow endorses the Roku product, actively promotes it on the front page of its site, and provides helpful setup guides.

So, in an effort to get to the bottom of the problem, TorrentFreak contacted Roku, asking for details. The company responded quickly.

“Yes, that is correct, the channel was removed from our platform,” Roku spokesperson Tricia Misfud confirmed.

“When we receive a notice regarding copyright infringement we are swift to review which in this case resulted in us removing the channel.”

Roku pointed us to its copyright infringement page which details its policies and actions when a complaint is received. However, that didn’t really help to answer why it would remove USTVnow when USTVnow promotes the Roku service.

So we asked Roku again to elaborate on who filed the notice and on what grounds.

“The notice was in regards to the copyright of the content,” came the response.

While not exactly clear, this suggested that USTVnow wasn’t the problem but someone else. Was it a third-party perhaps? If so, who, and what was the content being complained about?

“It was from a third party,” came the vague response.

With USTVnow completely unavailable via Roku, there are some pretty annoyed customers out there. However, it seems clear that at least for now, the company either can’t or won’t reveal the precise details of the complaint.

It could conceivably be from one of the major channels offered in the USTVnow package but equally, it could be a DMCA notice from a movie or TV show copyright holder who objects to their content being distributed on the device, or even USTVnow itself.

USTVnow has a deal with Nittany Media to provide streaming services based on Nittany’s product but there is always a potential for a licensing problem somewhere, potentially big ones too.

We’ll update this article if and when more information becomes available.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

2018-03-13 китайски лаптоп

Post Syndicated from Vasil Kolev original https://vasil.ludost.net/blog/?p=3380

(те всичките лаптопи се правят в Китай вече, ама не ми хрумва как да го кръстя иначе)

Преди някакво време разбрах за един проект на ентусиасти от Китай за нови дъна за стари лаптопи. От много време ми липсваше 4:3 дисплея, T420 от време на време ми беше бавен (дори с 16GB памет и SSD), по-новите thinkpad-и са с гадна клавиатура, а Retro проекта в крайна сметка не беше customizable и не беше приемлив (с тая NVidia карта и широк дисплей, да не говорим за цената).

Поръчах си един t60p от ebay, и след като дойде тръгнах да си поръчвам дъното. От форума на хората и някаква facebook страница намерих контакти, писах си с един човек, който ми предложи директно лаптоп, но аз си поръчах само дъното (in hindsight, да си бях взел цял лаптоп). Няколко неща по темата с поръчването:
– опциите бяха SWIFT и western union. Не ми се разхождаше, та го направих по SWIFT, и там се оказа, че има допълнителни такси, които взимат от получателя (които не могат да вземат от мен);
– За освобождаване от митница ми поискаха следните неща: фактура (която поисках да ми издадат, щото нямаше) която включва и цената и транспортните разходи, EORI номер, пълномощно да ме представляват и документ за направеното плащане (изискване на митниците за стоки от Китай и Хонг Конг, пише “SWIFT или PayPal”);
– EORI номер може да си издадете безплатно, ако имате електронен подпис и търпение (бях си издал за нещо друго, отне около седмица);
– DHL могат да пратят как изглежда митническата декларация, да си я платите с един online превод и да си получите нещата (иначе искат 24 лв да направят превода те);

Дъното беше $780 и доставка, вариантът за това дъно с цял лаптоп (без памет) беше $980 за 1400×1050 матрица и $1100 с 1600×1200 матрица (нови, IPS, по думи на продавача).

Хората си имат и форум, в който има и инструкции за сглобяване (google translate е ваш добър приятел за тия страници). При мен сглобяването се забави, понеже се оказа, че има вариант на T60p, който е с 16:10 матрица, за който дъното не става, и аз съм взел точно такъв, та си поръчвах нов и чаках да пристигне.

Последва сглабянето с помощта на добрите хора от adsys (на които им отрових живота, щото се оказа доста пипкава работа):
– има малко рязане по кутията (има го описано във форума, със снимки);
– болтовете за закачане са по-малко, дупките на някои са запушени;
– на дъното до конектора за монитор има превключвател за типа на дисплея (1024×768 или по-голям);
– трябва ви DDR4 памет;
– най-вероятно wifi картата от преди няма да ви върши работа, аз си взех моята от T420-ката, и малко трябваше да се лепне с тиксо, понеже е половината слот и нямам преходник;
– CD-то от T60 няма да влезе, понеже е PATA, а конектора на дъното е SATA (не, че ползвам CD). Трябва да си измисля нещо за запушване на дупката;

Неща за дооправяне:
– поне за момента под linux GPU-то не работи (забива на boot), и за това си ползвам xfwm4 вместо compiz, submit-нал съм bug report;
– горните бутони на touchpad-а спират да работят след suspend/resume, направил съм един fix, ама трябва да събера желание да рестартирам.

Моята работна среда на 4:3 се усеща доста по-приятно и най-накрая мога да си пусна email клиента в режим като преди (отляво списък папки, отдясно разделено на две – отгоре списък писма, отдолу отвореното писмо, вместо три вертикални колони, дето едвам пасваха). Също така с тоя процесор вече firefox-а се движи почти прилично, като си оправя и GPU-то, вероятно всичко ще лети.

Trump Promises Copyright Crackdown as DoJ Takes Aim at Streaming Pirates

Post Syndicated from Andy original https://torrentfreak.com/trump-promises-copyright-crackdown-as-doj-takes-aim-at-streaming-pirates-180308/

For the past several years most of the world has been waking up to the streaming piracy phenomenon, with pre-configured set-top boxes making inroads into millions of homes.

While other countries, notably the UK, arrested many individuals while warning of a grave and looming danger, complaints from the United States remained relatively low-key. It was almost as if the stampede towards convenient yet illegal streaming had caught the MPAA and friends by surprise.

In October 2017, things quickly began to change. The Alliance for Creativity and Entertainment sued Georgia-based Tickbox TV, a company selling “fully-loaded” Kodi boxes. In January 2018, the same anti-piracy group targeted Dragon Media, a company in the same line of business.

With this growing type of piracy now firmly on the radar, momentum seems to be building. Yesterday, a panel discussion on the challenges associated with piracy from streaming media boxes took place on Capitol Hill.

Hosted by the Information Technology and Innovation Foundation (ITIF), ‘Unboxing the Piracy Threat of Streaming Media Boxes’ went ahead with some big name speakers in attendance, not least Neil Fried, Senior Vice President, Federal Advocacy and Regulatory Affairs at the MPAA.

ITIF and various industry groups tweeted many interesting comments throughout the event. Kevin Madigan from Center for the Protection of Intellectual Property told the panel that torrent-based content “is becoming obsolete” in an on-demand digital environment that’s switching to streaming-based piracy.

While there’s certainly a transition taking place, 150 million worldwide torrent users would probably argue against the term “obsolete”. Nevertheless, the same terms used to describe torrent sites are now being used to describe players in the streaming field.

“There’s a criminal enterprise going on here that’s stealing content and making a profit,” Fried told those in attendance.

“The piracy activity out there is bad, it’s hurting a lot of economic activity & creators aren’t being compensated for their work,” he added.

Tom Galvin, Executive Director at the Digital Citizens Alliance, was also on the panel. Unsurprisingly, given the organization’s focus on the supposed dangers of piracy, Galvin took the opportunity to underline that position.

“If you go down the piracy road, those boxes aren’t following proper security protocols, there are many malware risks,” he said. It’s a position shared by Fried, who told the panel that “video piracy is the leading source of malware.”

Similar claims were made recently on Safer Internet Day but the facts don’t seem to back up the scare stories. Still, with the “Piracy is Dangerous” strategy already out in the open, the claims aren’t really unexpected.

What might also not come as a surprise is that ACE’s lawsuits against Tickbox and Dragon Media could be just a warm-up for bigger things to come. In the tweet embedded below, Fried can be seen holding a hexagonal-shaped streaming box, warning that the Department of Justice is now looking for candidates for criminal action.

What form this action will take when it arrives isn’t clear but when the DoJ hits targets on home soil, it tends to cherry-pick the most blatant of infringers in order to set an example with reasonably cut-and-dried cases.

Of course, every case can be argued but with hundreds of so-called “Kodi box” sellers active all over the United States, many of them clearly breaking the law as they, in turn, invite their customers to break the law, picking a sitting duck shouldn’t be too difficult.

And then, of course, we come to President Trump. Not usually that vocal on matters of intellectual property and piracy, yesterday – perhaps coincidentally, perhaps not – he suddenly delivered one of his “something is coming” tweets.

Given Trump’s tendency to focus on problems overseas causing issues for companies back home, a comment by Kevin Madigan during the panel yesterday immediately comes to mind.

“To combat piracy abroad, USTR needs to work with the creative industries to improve enforcement and target the source of pirated material,” Madigan said.

Interesting times and much turmoil in the streaming world ahead, it seems.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

BitTorrent Client uTorrent Suffers Security Vulnerability

Post Syndicated from Ernesto original https://torrentfreak.com/bittorrent-client-utorrent-suffers-security-vulnerability-180220/

With dozens of millions of active users a day, uTorrent has long been the most used torrent client.

The software has been around for well over a decade and it’s still used to shift petabytes of data day after day. While there haven’t been many feature updates recently, parent company BitTorrent Inc. was alerted to a serious security vulnerability recently.

The security flaw in question was reported by Google vulnerability researcher Tavis Ormandy, who first reached out to BitTorrent in November last year. Google’s Project Zero allows developers a 90-day window to address security flaws but with this deadline creeping up, BitTorrent had remained quiet.

Late last month Ormandy again reached out to BitTorrent Inc’s Bram Cohen, fearing that the company might not fix the vulnerability in time.

“I don’t think bittorrent are going to make a 90 day disclosure deadline, do you have any direct contacts who could help? I’m not convinced they understand the severity or urgency,” Ormandy wrote on Twitter.

Nudge

While Google’s security researcher might have expected a more swift response, the issue wasn’t ignored.

BitTorrent Inc has yet to fix the problem in the stable release, but a patch was deployed in the Beta version last week. BitTorrent’s Vice President of Engineering David Rees informed us that this will be promoted to the regular release this week, if all goes well.

While no specific details about the vulnerability have yet to be released, it is likely to be a remote execution flaw. Ormandy previously exposed a similar vulnerability in Transmission, which he said was the “first of a few remote code execution flaws in various popular torrent clients.”

BitTorrent Inc. told us that they have shared their patch with Ormandy, who confirmed that this fixes the security issues.

uTorrent Beta release notes

“We have also sent the build to Tavis and he has confirmed that it addresses all the security issues he reported,” Rees told us. “Since we have not promoted this build to stable, I will reserve reporting on the details of the security issue and its fix for now.”

BitTorrent Inc. plans to release more details about the issue when all clients are patched. Then it will also recommend users to upgrade their clients, so they are no longer at risk, and further information will also be available on Google’s Project Zero site.

Of course, people who are concerned about the issue can already upgrade to the latest uTorrent Beta release right away. Or, assuming that it’s related to the client’s remote control functionality, disable that for now.

Note: uTorrent’s Beta changelog states that the fixes were applied on January 15, but we believe that this should read February 15 instead.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Progressing from tech to leadership

Post Syndicated from Michal Zalewski original http://lcamtuf.blogspot.com/2018/02/on-leadership.html

I’ve been a technical person all my life. I started doing vulnerability research in the late 1990s – and even today, when I’m not fiddling with CNC-machined robots or making furniture, I’m probably clobbering together a fuzzer or writing a book about browser protocols and APIs. In other words, I’m a geek at heart.

My career is a different story. Over the past two decades and a change, I went from writing CGI scripts and setting up WAN routers for a chain of shopping malls, to doing pentests for institutional customers, to designing a series of network monitoring platforms and handling incident response for a big telco, to building and running the product security org for one of the largest companies in the world. It’s been an interesting ride – and now that I’m on the hook for the well-being of about 100 folks across more than a dozen subteams around the world, I’ve been thinking a bit about the lessons learned along the way.

Of course, I’m a bit hesitant to write such a post: sometimes, your efforts pan out not because of your approach, but despite it – and it’s possible to draw precisely the wrong conclusions from such anecdotes. Still, I’m very proud of the culture we’ve created and the caliber of folks working on our team. It happened through the work of quite a few talented tech leads and managers even before my time, but it did not happen by accident – so I figured that my observations may be useful for some, as long as they are taken with a grain of salt.

But first, let me start on a somewhat somber note: what nobody tells you is that one’s level on the leadership ladder tends to be inversely correlated with several measures of happiness. The reason is fairly simple: as you get more senior, a growing number of people will come to you expecting you to solve increasingly fuzzy and challenging problems – and you will no longer be patted on the back for doing so. This should not scare you away from such opportunities, but it definitely calls for a particular mindset: your motivation must come from within. Look beyond the fight-of-the-day; find satisfaction in seeing how far your teams have come over the years.

With that out of the way, here’s a collection of notes, loosely organized into three major themes.

The curse of a techie leader

Perhaps the most interesting observation I have is that for a person coming from a technical background, building a healthy team is first and foremost about the subtle art of letting go.

There is a natural urge to stay involved in any project you’ve started or helped improve; after all, it’s your baby: you’re familiar with all the nuts and bolts, and nobody else can do this job as well as you. But as your sphere of influence grows, this becomes a choke point: there are only so many things you could be doing at once. Just as importantly, the project-hoarding behavior robs more junior folks of the ability to take on new responsibilities and bring their own ideas to life. In other words, when done properly, delegation is not just about freeing up your plate; it’s also about empowerment and about signalling trust.

Of course, when you hand your project over to somebody else, the new owner will initially be slower and more clumsy than you; but if you pick the new leads wisely, give them the right tools and the right incentives, and don’t make them deathly afraid of messing up, they will soon excel at their new jobs – and be grateful for the opportunity.

A related affliction of many accomplished techies is the conviction that they know the answers to every question even tangentially related to their domain of expertise; that belief is coupled with a burning desire to have the last word in every debate. When practiced in moderation, this behavior is fine among peers – but for a leader, one of the most important skills to learn is knowing when to keep your mouth shut: people learn a lot better by experimenting and making small mistakes than by being schooled by their boss, and they often try to read into your passing remarks. Don’t run an authoritarian camp focused on total risk aversion or perfectly efficient resource management; just set reasonable boundaries and exit conditions for experiments so that they don’t spiral out of control – and be amazed by the results every now and then.

Death by planning

When nothing is on fire, it’s easy to get preoccupied with maintaining the status quo. If your current headcount or budget request lists all the same projects as last year’s, or if you ever find yourself ending an argument by deferring to a policy or a process document, it’s probably a sign that you’re getting complacent. In security, complacency usually ends in tears – and when it doesn’t, it leads to burnout or boredom.

In my experience, your goal should be to develop a cadre of managers or tech leads capable of coming up with clever ideas, prioritizing them among themselves, and seeing them to completion without your day-to-day involvement. In your spare time, make it your mission to challenge them to stay ahead of the curve. Ask your vendor security lead how they’d streamline their work if they had a 40% jump in the number of vendors but no extra headcount; ask your product security folks what’s the second line of defense or containment should your primary defenses fail. Help them get good ideas off the ground; set some mental success and failure criteria to be able to cut your losses if something does not pan out.

Of course, malfunctions happen even in the best-run teams; to spot trouble early on, instead of overzealous project tracking, I found it useful to encourage folks to run a data-driven org. I’d usually ask them to imagine that a brand new VP shows up in our office and, as his first order of business, asks “why do you have so many people here and how do I know they are doing the right things?”. Not everything in security can be quantified, but hard data can validate many of your assumptions – and will alert you to unseen issues early on.

When focusing on data, it’s important not to treat pie charts and spreadsheets as an art unto itself; if you run a security review process for your company, your CSAT scores are going to reach 100% if you just rubberstamp every launch request within ten minutes of receiving it. Make sure you’re asking the right questions; instead of “how satisfied are you with our process”, try “is your product better as a consequence of talking to us?”

Whenever things are not progressing as expected, it is a natural instinct to fall back to micromanagement, but it seldom truly cures the ill. It’s probable that your team disagrees with your vision or its feasibility – and that you’re either not listening to their feedback, or they don’t think you’d care. It’s good to assume that most of your employees are as smart or smarter than you; barking your orders at them more loudly or more frequently does not lead anyplace good. It’s good to listen to them and either present new facts or work with them on a plan you can all get behind.

In some circumstances, all that’s needed is honesty about the business trade-offs, so that your team feels like your “partner in crime”, not a victim of circumstance. For example, we’d tell our folks that by not falling behind on basic, unglamorous work, we earn the trust of our VPs and SVPs – and that this translates into the independence and the resources we need to pursue more ambitious ideas without being told what to do; it’s how we game the system, so to speak. Oh: leading by example is a pretty powerful tool at your disposal, too.

The human factor

I’ve come to appreciate that hiring decent folks who can get along with others is far more important than trying to recruit conference-circuit superstars. In fact, hiring superstars is a decidedly hit-and-miss affair: while certainly not a rule, there is a proportion of folks who put the maintenance of their celebrity status ahead of job responsibilities or the well-being of their peers.

For teams, one of the most powerful demotivators is a sense of unfairness and disempowerment. This is where tech-originating leaders can shine, because their teams usually feel that their bosses understand and can evaluate the merits of the work. But it also means you need to be decisive and actually solve problems for them, rather than just letting them vent. You will need to make unpopular decisions every now and then; in such cases, I think it’s important to move quickly, rather than prolonging the uncertainty – but it’s also important to sincerely listen to concerns, explain your reasoning, and be frank about the risks and trade-offs.

Whenever you see a clash of personalities on your team, you probably need to respond swiftly and decisively; being right should not justify being a bully. If you don’t react to repeated scuffles, your best people will probably start looking for other opportunities: it’s draining to put up with constant pie fights, no matter if the pies are thrown straight at you or if you just need to duck one every now and then.

More broadly, personality differences seem to be a much better predictor of conflict than any technical aspects underpinning a debate. As a boss, you need to identify such differences early on and come up with creative solutions. Sometimes, all you need is taking some badly-delivered but valid feedback and having a conversation with the other person, asking some questions that can help them reach the same conclusions without feeling that their worldview is under attack. Other times, the only path forward is making sure that some folks simply don’t run into each for a while.

Finally, dealing with low performers is a notoriously hard but important part of the game. Especially within large companies, there is always the temptation to just let it slide: sideline a struggling person and wait for them to either get over their issues or leave. But this sends an awful message to the rest of the team; for better or worse, fairness is important to most. Simply firing the low performers is seldom the best solution, though; successful recovery cases are what sets great managers apart from the average ones.

Oh, one more thought: people in leadership roles have their allegiance divided between the company and the people who depend on them. The obligation to the company is more formal, but the impact you have on your team is longer-lasting and more intimate. When the obligations to the employer and to your team collide in some way, make sure you can make the right call; it might be one of the the most consequential decisions you’ll ever make.

Appeals Court Throws Out $25 Million Piracy Verdict Against Cox, Doesn’t Reinstate “Safe Harbor”

Post Syndicated from Ernesto original https://torrentfreak.com/appeals-court-throws-out-25-million-piracy-verdict-against-cox-doesnt-reinstate-safe-harbor-180201/

December 2015, a Virginia federal jury ruled that Internet provider Cox Communications was responsible for the copyright infringements of its subscribers.

The ISP was found guilty of willful contributory copyright infringement and ordered to pay music publisher BMG Rights Management $25 million in damages.

Cox swiftly filed its appeal arguing that the District Court made several errors in the jury instructions. In addition, it asked for a clarification of the term “repeat infringer” in its favor.

Today the Court of Appeals for the Fourth Circuit ruled on the matter in a mixed decision which could have great consequences.

The Court ruled that the District Court indeed made a mistake in its jury instruction. Specifically, it said that the ISP could be found liable for contributory infringement if it “knew or should have known of such infringing activity.” The Court of Appeals agrees that based on the law, the “should have known” standard is too low.

When this is the case the appeals court can call for a new trial, and that is exactly what it did. This means that the $25 million verdict is off the table, and the same is true for the millions in attorney’s fees and costs BMG was previously granted.

It’s not all good news for Cox though. The most crucial matter in the case is whether Cox has safe harbor protection under the DMCA. In order to qualify, the company is required to terminate accounts of repeat infringers, when appropriate.

Cox argued that subscribers can only be seen as repeat infringers if they’ve been previously adjudicated in court, not if they merely received several takedown notices. This was still an open question, as the term repeat infringer is not clearly defined in the DMCA.

Today, however, the appeals court is pretty clear on the matter. According to Judge Motz’s opinion, shared by HWR, the language of the DMCA suggests that the term “infringer” is not limited to adjudicated infringers.

This is supported by legislative history as the House Commerce and Senate Judiciary Committee Reports both explained that “those who repeatedly or flagrantly abuse their access to the Internet through disrespect for the intellectual property rights of others should know that there is a realistic threat of losing that access.”

“The passage does not suggest that they should risk losing Internet access only once they have been sued in court and found liable for multiple instances of infringement,” Judge Motz writes in her opinion.

Losing Internet access would hardly be a “realistic threat” that would stop someone from pirating if he or she has already been punished several times in court, the argument goes.

This leads the Court of Appeals to conclude that the District Court was right: Cox is not entitled to safe harbor protection because it failed to implement a meaningful repeat infringer policy.

“Cox failed to qualify for the DMCA safe harbor because it failed to implement its policy in any consistent or meaningful way — leaving it essentially with no policy,” Judge Motz writes.

This means that, while Cox gets a new trial, it is still at a severe disadvantage. Not only that, the Court of Appeals interpretation of the repeat infringer question is also a clear signal to other Internet service providers to disconnect pirates based on repeated copyright holder complaints.

Judge Motz’s full opinion is available here (pdf).

12 B2 Power Tips for Experts and Developers

Post Syndicated from Roderick Bauer original https://www.backblaze.com/blog/advanced-cloud-storage-tips/

B2 Tips for Pros
If you’ve been using B2 Cloud Storage for a while, you probably think you know all that you can do with it. But do you?

We’ve put together a list of blazing power tips for experts and developers that will take you to the next level. Take a look below.

If you’re new to B2, we have a list of power tips for you, too.
Visit 12 Power Tips for New B2 Users.
Backblaze logo

1    Manage File Versions

Use Lifecycle Rules on a Bucket to set how many days to keep files that are no longer the current version. This is a great way to manage the amount of space your B2 account is using.

Backblaze logo

2    Easily Stay on Top of Your B2 Account Limits

Set usage caps and get text/email alerts for your B2 account when you approach limits that you define.

Backblaze logo

3    Bring on Your Big Files

You can upload files as large as 10TB to B2.

Backblaze logo

4    You Can Use FedEx to Get Your Data into B2

If you have over 20TB of data, you can use Backblaze’s Fireball hard disk array to load large volumes of data directly into your B2 account. We ship a Fireball to you and you ship it back.

Backblaze logo

5    You Have Command-Line Control of All B2 Functions

You have complete control over B2 using our command line tool that is available for Macintosh, Windows, and Linux.

Backblaze logo

6    You Can Use Your Own Domain Name To Front a Public B2 Bucket

You can create a vanity URL for your B2 account.

Backblaze logo

7    See What’s Happening in Your Account with Graphical Reports

You can view graphical reports summarizing your B2 usage — transactions, downloads, averages, data stored — in your B2 account dashboard.

Backblaze logo

8    Create a B2 SDK

You can build your own B2 SDK for JVM-based or JVM-compatible languages using our B2 Java SDK on Github.

Backblaze logo

9    B2’s API is Easy to Use

B2’s API is similar to, but simpler than Amazon’s S3 API, making it super easy for developers to integrate with B2 Cloud Storage.

Backblaze logo

10    View Code Examples To Get Your B2 Project Started

The B2 API is well documented and has code examples for cURL, Java, Python, Swift, Ruby, C#, and PHP. For example, here’s how to create a B2 Bucket.

Backblaze logo

11    Developers can set the B2 part size as low as 5 MB

When working with large files, the minimum file part size can be set as low as 5MB or as high as 5GB. This gives developers the ability to maximize the throughput of B2 data uploads and downloads. See Large Files and Downloading for more developer tips.

Backblaze logo

12    Your App or Device Can Work with B2, as well

Your B2 integration can be listed on Backblaze’s website. Visit Submit an Integration to get started.

Want to Learn More About B2?

You can find more information on B2 on our website and in our help pages.

The post 12 B2 Power Tips for Experts and Developers appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Why Meltdown exists

Post Syndicated from Robert Graham original http://blog.erratasec.com/2018/01/why-meltdown-exists.html

So I thought I’d answer this question. I’m not a “chipmaker”, but I’ve been optimizing low-level assembly x86 assembly language for a couple of decades.

The tl;dr version is this: the CPUs have no bug. The results are correct, it’s just that the timing is different. CPU designers will never fix the general problem of undetermined timing.
CPUs are deterministic in the results they produce. If you add 5+6, you always get 11 — always. On the other hand, the amount of time they take is non-deterministic. Run a benchmark on your computer. Now run it again. The amount of time it took varies, for a lot of reasons.
That CPUs take an unknown amount of time is an inherent problem in CPU design. Even if you do everything right, “interrupts” from clock timers and network cards will still cause undefined timing problems. Therefore, CPU designers have thrown the concept of “deterministic time” out the window.
The biggest source of non-deterministic behavior is the high-speed memory cache on the chip. When a piece of data is in the cache, the CPU accesses it immediately. When it isn’t, the CPU has to stop and wait for slow main memory. Other things happening in the system impacts the cache, unexpectedly evicting recently used data for one purpose in favor of data for another purpose.
Hackers love “non-deterministic”, because while such things are unknowable in theory, they are often knowable in practice.
That’s the case of the granddaddy of all hacker exploits, the “buffer overflow”. From the programmer’s perspective, the bug will result in just the software crashing for undefinable reasons. From the hacker’s perspective, they reverse engineer what’s going on underneath, then carefully craft buffer contents so the program doesn’t crash, but instead continue to run the code the hacker supplies within the buffer. Buffer overflows are undefined in theory, well-defined in practice.
Hackers have already been exploiting this defineable/undefinable timing problems with the cache for a long time. An example is cache timing attacks on AES. AES reads a matrix from memory as it encrypts things. By playing with the cache, evicting things, timing things, you can figure out the pattern of memory accesses, and hence the secret key.
Such cache timing attacks have been around since the beginning, really, and it’s simply an unsolvable problem. Instead, we have workarounds, such as changing our crypto algorithms to not depend upon cache, or better yet, implement them directly in the CPU (such as the Intel AES specialized instructions).
What’s happened today with Meltdown is that incompletely executed instructions, which discard their results, do affect the cache. We can then recover those partial/temporary/discarded results by measuring the cache timing. This has been known for a while, but we couldn’t figure out how to successfully exploit this, as this paper from Anders Fogh reports. Hackers fixed this, making it practically exploitable.
As a CPU designer, Intel has few good options.
Fixing cache timing attacks is an impossibility. They can do some tricks, such as allowing some software to reserve part of the cache for private use, for special crypto operations, but the general problem is unsolvable.
Fixing the “incomplete results” problem from affecting the cache is also difficult. Intel has the fastest CPUs, and the reason is such speculative execution. The other CPU designers have the same problem: fixing the three problems identified today would cause massive performance issues. They’ll come up with improvements, probably, but not complete solutions.
Instead, the fix is within the operating system. Frankly, it’s a needed change that should’ve been done a decade ago. They’ve just been putting it off because of the performance hit. Now that the change has been forced to happen, CPU designers will probably figure out ways to mitigate the performance cost.
Thus, the Intel CPU you buy a year from now will have some partial fixes for these exactly problems without addressing the larger security concerns. They will also have performance enhancements to make the operating system patches faster.
But the underlying theoretical problem will never be solved, and is essentially unsolvable.

Serverless @ re:Invent 2017

Post Syndicated from Chris Munns original https://aws.amazon.com/blogs/compute/serverless-reinvent-2017/

At re:Invent 2014, we announced AWS Lambda, what is now the center of the serverless platform at AWS, and helped ignite the trend of companies building serverless applications.

This year, at re:Invent 2017, the topic of serverless was everywhere. We were incredibly excited to see the energy from everyone attending 7 workshops, 15 chalk talks, 20 skills sessions and 27 breakout sessions. Many of these sessions were repeated due to high demand, so we are happy to summarize and provide links to the recordings and slides of these sessions.

Over the course of the week leading up to and then the week of re:Invent, we also had over 15 new features and capabilities across a number of serverless services, including AWS Lambda, Amazon API Gateway, AWS [email protected], AWS SAM, and the newly announced AWS Serverless Application Repository!

AWS Lambda

Amazon API Gateway

  • Amazon API Gateway Supports Endpoint Integrations with Private VPCs – You can now provide access to HTTP(S) resources within your VPC without exposing them directly to the public internet. This includes resources available over a VPN or Direct Connect connection!
  • Amazon API Gateway Supports Canary Release Deployments – You can now use canary release deployments to gradually roll out new APIs. This helps you more safely roll out API changes and limit the blast radius of new deployments.
  • Amazon API Gateway Supports Access Logging – The access logging feature lets you generate access logs in different formats such as CLF (Common Log Format), JSON, XML, and CSV. The access logs can be fed into your existing analytics or log processing tools so you can perform more in-depth analysis or take action in response to the log data.
  • Amazon API Gateway Customize Integration Timeouts – You can now set a custom timeout for your API calls as low as 50ms and as high as 29 seconds (the default is 30 seconds).
  • Amazon API Gateway Supports Generating SDK in Ruby – This is in addition to support for SDKs in Java, JavaScript, Android and iOS (Swift and Objective-C). The SDKs that Amazon API Gateway generates save you development time and come with a number of prebuilt capabilities, such as working with API keys, exponential back, and exception handling.

AWS Serverless Application Repository

Serverless Application Repository is a new service (currently in preview) that aids in the publication, discovery, and deployment of serverless applications. With it you’ll be able to find shared serverless applications that you can launch in your account, while also sharing ones that you’ve created for others to do the same.

AWS [email protected]

[email protected] now supports content-based dynamic origin selection, network calls from viewer events, and advanced response generation. This combination of capabilities greatly increases the use cases for [email protected], such as allowing you to send requests to different origins based on request information, showing selective content based on authentication, and dynamically watermarking images for each viewer.

AWS SAM

Twitch Launchpad live announcements

Other service announcements

Here are some of the other highlights that you might have missed. We think these could help you make great applications:

AWS re:Invent 2017 sessions

Coming up with the right mix of talks for an event like this can be quite a challenge. The Product, Marketing, and Developer Advocacy teams for Serverless at AWS spent weeks reading through dozens of talk ideas to boil it down to the final list.

From feedback at other AWS events and webinars, we knew that customers were looking for talks that focused on concrete examples of solving problems with serverless, how to perform common tasks such as deployment, CI/CD, monitoring, and troubleshooting, and to see customer and partner examples solving real world problems. To that extent we tried to settle on a good mix based on attendee experience and provide a track full of rich content.

Below are the recordings and slides of breakout sessions from re:Invent 2017. We’ve organized them for those getting started, those who are already beginning to build serverless applications, and the experts out there already running them at scale. Some of the videos and slides haven’t been posted yet, and so we will update this list as they become available.

Find the entire Serverless Track playlist on YouTube.

Talks for people new to Serverless

Advanced topics

Expert mode

Talks for specific use cases

Talks from AWS customers & partners

Looking to get hands-on with Serverless?

At re:Invent, we delivered instructor-led skills sessions to help attendees new to serverless applications get started quickly. The content from these sessions is already online and you can do the hands-on labs yourself!
Build a Serverless web application

Still looking for more?

We also recently completely overhauled the main Serverless landing page for AWS. This includes a new Resources page containing case studies, webinars, whitepapers, customer stories, reference architectures, and even more Getting Started tutorials. Check it out!

Epic Games Settles First Copyright Case Against Fortnite Cheater

Post Syndicated from Ernesto original https://torrentfreak.com/epic-games-settles-first-copyright-case-against-fortnite-cheater-171201/

Frustrated by thousands of cheaters who wreak havoc in Fortnite’s “Battle Royale,” game publisher Epic Games decided to take several of them to court.

One of the defendants is Minnesota resident Charles Vraspir, a.k.a. “Joreallean,”

The game publisher accused him of copyright infringement and breach of contract, by injecting unauthorized computer code in order to cheat.

According to Epic’s allegations, Vraspir was banned at least nine times but registered new accounts to continue his cheating. In addition, he was also suspected of having written code for the cheats.

“Defendant’s cheating, and his inducing and enabling of others to cheat, is ruining the game playing experience of players who do not cheat,” Epic games wrote.

While the complaint included all the elements for an extensive legal battle, both sides chose to resolve the case without much of a fight. Yesterday, they informed the court that a settlement had been reached.

Epic Games’ counsel asked the court to enter the agreement as well as a permanent injunction, which both have agreed on.

The proposed injunction, signed today, forbids Vraspir from carrying out any copyright infringements in the future, to destroy all cheats, and to never cheat again.

Among other things, he is prohibited from “creating, writing, developing, advertising, promoting, and/or distributing anything that infringes Epic’s works now or hereafter protected by any of Epic’s copyrights.”

While there is no mention of a settlement fee or fine, Vraspir will have to pay $5,000 if he breaches the agreement.

From the injunction

Based on the swift settlement, it can be assumed that Epic Games is not aiming to bankrupt the cheaters. Instead, it’s likely that the company wants to set an example and deter others from cheating in the future.

In addition to the settlement, Epic Games also responded to the mother of the 14-year-old cheater who was sued in a separate case. After we first covered the news last week it was quickly picked up by mainstream media, and it hasn’t gone unnoticed by the game publisher either.

The mother accused Epic of taking a minor to court and making his personal info known to the public.

In a response this week, the company notes that it had no idea of the age of the defendant when it filed the complaint. In addition, Epic notes that by handing over his full name and address in the unredacted letter, she exposed her son.

The rules dictate that filings mentioning an individual known to be a minor should use the minor’s initials only, not the full name as the mother did. While the mother may have waived this protection with her letter, Epic says it will stick to the initials going forward.

“Although there is an argument that by submitting the Letter to the Court containing Defendant’s name and address, Defendant’s mother waived this protection […] we plan to include only Defendant’s initials or redact his name entirely in all future filings with the Court, including this letter.”

Given the quick settlement in the Vraspir case, it’s likely that the case against the 14-year-old boy will also be resolved without much additional damage. That is, if both sides can come to an agreement.

A copy of the stipulation and injunction is available here (pdf). The reply to the mother can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Google & Apple Order Telegram to Nuke Channel Over Taylor Swift Piracy

Post Syndicated from Andy original https://torrentfreak.com/google-apple-order-telegram-to-nuke-channel-over-taylor-swift-piracy-171123/

Financed by Russian Facebook (vKontakte) founder Pavel Durov, Telegram is a multi-platform messaging system that has grown from 100,000 daily users in 2013 to an impressive 100 million users in February 2016.

“Telegram is a messaging app with a focus on speed and security, it’s super-fast, simple and free. You can use Telegram on all your devices at the same time — your messages sync seamlessly across any number of your phones, tablets or computers,” the company’s marketing reads.

One of the attractive things about Telegram is that it allows users to communicate with each other using end-to-end encryption. In some cases, these systems are used for content piracy, of music and other smaller files in particular. This is compounded by the presence of user-programmed bots, which are able to search the web for illegal content and present it in a Telegram channel to which other users can subscribe.

While much of this sharing files under the radar when conducted privately, it periodically attracts attention from copyright holders when it takes place in public channels. That appears to have happened recently when popular channel “Any Suitable Pop” was completely disabled by Telegram, an apparent first following a copyright complaint.

According to channel creator Anton Vagin, the action by Telegram was probably due to the unauthorized recent sharing of the Taylor Swift album ‘Reputation’. However, it was the route of complaint that proves of most interest.

Rather than receiving a takedown notice directly from Big Machine Records, the label behind Swift’s releases, Telegram was forced into action after receiving threats from Apple and Google, the companies that distribute the Telegram app for iOS and Android respectively.

According to a message Vagin received from Telegram support, Apple and Google had received complaints about Swift’s album from Universal Music, the distributor of Big Machine Records. The suggestion was that if Telegram didn’t delete the infringing channel, distribution of the Telegram app via iTunes and Google Play would be at risk. Vagin received no warning notices from any of the companies involved.

Message from Telegram support

According to Russian news outlet VC.ru, which first reported the news, the channel was blocked in Telegram’s desktop applications, as well as in versions for Android, macOS and iOS. However, the channel still existed on the web and via Windows phone applications but all messages within had been deleted.

The fact that Google played a major role in the disappearing of the channel was subsequently confirmed by Telegram founder Pavel Durov, who commented that it was Google who “ultimately demanded the blocking of this channel.”

That Telegram finally caved into the demands of Google and/or Apple doesn’t really come as a surprise. In Telegram’s frequently asked questions section, the company specifically mentions the need to comply with copyright takedown demands in order to maintain distribution via the companies’ app marketplaces.

“Our mission is to provide a secure means of communication that works everywhere on the planet. To do this in the places where it is most needed (and to continue distributing Telegram through the App Store and Google Play), we have to process legitimate requests to take down illegal public content (sticker sets, bots, and channels) within the app,” the company notes.

Putting pressure on Telegram via Google and Apple over piracy isn’t a new development. In the past, representatives of the music industry threatened to complain to the companies over a channel operated by torrent site RuTracker, which was set up to share magnet links.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Twitter Sued Over Slow Response to DMCA Takedown Request

Post Syndicated from Ernesto original https://torrentfreak.com/twitter-sued-over-slow-response-to-dmca-takedown-request-171112/

In common with many other user-generated content sites, Twitter is used by some of its members to host or link to copyright-infringing material.

If rightsholders submit a takedown request, Twitter swiftly takes the infringing content down. Over the past several months the company has processed thousands of requests and complied with most of them.

However, a new lawsuit filed in a California federal court suggests that Twitter’s takedown efforts aren’t perfect.

Rhode Island-based photographer Kristen Pierson filed a complaint against Twitter, accusing the company of hosting and linking to one of her works without permission.

The photo in question, taken at an Alice in Chains concert in 2006, was posted by Twitter user Karen Juanita. After Pierson found out she sent a DMCA takedown notice to Twitter on April 26 of this year.

Twitter promptly replied that it had “disabled access” to the photo, but this didn’t happen right away. While Twitter noted that it could take some time for the removal to propagate, it appears that something went wrong.

Twitter’s response

According to the complaint, it took 90 days before it was effectively taken down. It seems unlikely that Twitter intentionally waited three months, but Pierson is not looking for an excuse. Instead, she’s demanding damages from the social media outfit.

“Twitter had actual knowledge of the direct infringement and contributory infringement. Pierson provided notice to Twitter in compliance with the DMCA, and Twitter failed to expeditiously disable access to or remove the Copyrighted Photograph from their servers,” the complaint notes.

“Alternatively, Twitter directly infringed Pierson’s copyrights by continuing to allow public access to the Copyrighted Photograph on Twitter’s server or on servers controlled by Twitter.”

Theoretically, damages could go up to $150,000, should willful copyright infringement be proven. However, it’s more likely that both parties will settle their differences, or that the case will be dismissed for other reasons.

This isn’t the first time that Twitter has been sued for failing to promptly remove infringing content. Several photographers, including Pierson herself, have done so before. In most cases, these lawsuits are settled after a few weeks, behind closed doors.

A copy of the complaint is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN discounts, offers and coupons

Fate of The Furious Cammers Found Guilty, Hollywood Fails to Celebrate?

Post Syndicated from Ernesto original https://torrentfreak.com/fate-of-the-furious-cammers-found-guilty-hollywood-fails-to-celebrate-171105/

Earlier this year Hollywood’s MPAA helped local police catch two camcording pirates at a movie theater in Linthicum, Maryland.

Troy Cornish and Floyd Buchanan were spotted with recording equipment, preparing to target the US premiere of The Fate of the Furious.

According to Anne Arundel County Police, both were caught inside the theater while they were recording. The men reportedly wore camming harnesses under their clothing, which strapped mobile phones against their chests.

The MPAA’s involvement in the case is no surprise. The anti-piracy organization is the go-to outfit when it comes to content security at movie theaters and often keeps a close eye on known suspects.

In fact, at the time, an MPAA investigator told police that Buchanan was already known to the industry group as a movie piracy suspect.

Soon after the first reports of the arrests were released, dozens of news outlets jumped on the story. Rightly so, as ‘camming’ movie pirates are rarely caught. However, when the two were convicted this summer it was awfully quiet. There was no mention in the news at all.

While a few months late, this means we can break the news today. Despite claiming their innocence during trial, both Cornish and Buchanan were found guilty at the Glen Burnie District Court.

The court sentenced the two men to a suspended jail sentence of a year, as well as 18 months probation.

The sentence

While this is a serious sentence, it’s likely not the result the MPAA and the major Hollywood studios were hoping for. Despite the cammers’ attempt to illegally record one of the biggest blockbusters of the year, they effectively escaped prison.

If both were jailed for a substantial period there would undoubtedly be a press release to celebrate, but nothing of the like happened during the summer.

The above may sound a bit odd, but it’s totally understandable. The sentences in these cases are likely seen as too mild by Hollywood’s standards, so what’s the purpose of highlighting them? Anti-piracy messaging is mostly about scaring people and deterrence, and this case doesn’t fit that picture.

Still, the MPAA’s investigators are not going to stop. If either of the two men are caught again, it will be hard to avoid prison. Perhaps we’ll hear more then.

The MPAA didn’t respond to our request for comment.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

YouTube MP3 Converters Block UK Traffic to Avoid Trouble

Post Syndicated from Ernesto original https://torrentfreak.com/youtube-mp3-converters-block-uk-traffic-to-avoid-trouble-171029/

The music industry sees stream ripping as one of the largest piracy threats, worse than torrent sites or direct download portals.

Last year the RIAA, IFPI and BPI filed legal action against YouTube-MP3, the largest stream ripping site at the time. This case eventually resulted in a settlement where the site agreed to shut down voluntarily.

This was a clear victory for the music groups which swiftly identified their next targets. These include Convert2mp3.net, Savefrom.net, MP3juices.cc and YtMp3.cc, which were highlighted by the RIAA in a letter to the US Government.

The legal action against YouTube-MP3 and the RIAA’s notorious markets report appears to have made an impact, as MP3Juices.cc and YtMp3.cc have shut their doors. Interestingly, this only applies to the UK.

..not available in the UK

It’s unclear why both sites are “shutting down” in the UK and not elsewhere, as the operators haven’t commented on the issue. However, in other parts of the world, the site is readily available.

MP3juices

Last year, music industry group BPI signed an agreement with YouTube-MP3 to block UK visitors, which sounds very familiar. While the BPI is not directly responsible for the recent geo-blocks, the group sees it as a positive trend.

“We are seeing that the closure of the largest stream ripping site, YouTube-mp3, following coordinated global legal action from record companies, is having an impact on the operations of other ripping sites,” BPI Chief Executive Geoff Taylor informs TorrentFreak.

“However, stream ripping remains a major issue for the industry. These sites are making large sums of money from music without paying a penny to those that invest in and create it. We will continue to take legal action against other illegal ripping sites where necessary.”

Stream rippers or converters are not by definition illegal, as pointed out by the CCIA last week. However, music industry groups will continue to crack down on the ones they view as copyright infringing.

MP3Juices.cc and YtMp3.cc are likely hoping to take the pressure off with their voluntary geo-blocking. Time will tell whether that’s a good strategy. In any event, it didn’t prevent YouTube-MP3 from caving in completely, in the end.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Appeals Court Grills Cox and BMG in Piracy Liability Case

Post Syndicated from Ernesto original https://torrentfreak.com/appeals-court-grills-cox-and-bmg-in-piracy-liability-case-171027/

December 2015, a Virginia federal jury ruled that Internet provider Cox Communications was responsible for the copyright infringements of its subscribers.

The ISP was found guilty of willful contributory copyright infringement and ordered to pay music publisher BMG Rights Management $25 million in damages.

Cox swiftly filed its appeal arguing that the district court made several errors that may ultimately restrict the public’s access to Internet services.

This week the Court of Appeals for the Fourth Circuit heard oral argument from both sides, which turned out to be an interesting exercise. The panel of judges Motz, Shedd, and Wynn grilled of both attorneys in an effort to distill the crucial arguments.

Cox attorney Michael Elkin was first up. Among other things, he stressed that Cox didn’t have actual and sufficient knowledge of the claimed infringements.

While BMG uncovered internal Cox emails discussing how frequent offenders were kept on board, these were not specifically discussing BMG infringed works, he argues. However, Judge Wynn stressed that the emails in question did discuss Cox’s policy of not disconnecting infringers.

“But they’re talking about the general abuse department in terms of, where we get these things, this is what we’re going to do with them because we don’t want to lose customers. I mean, it’s the same thing,” he said.

It’s also clear that BMG sent over a million takedown notices to Cox. However, since these were not the ones referenced in the company’s internal emails, these are irrelevant when it comes to the company’s liability for alleged contributory infringement, Cox’s attorney noted.

The back and forth over various issues became rather lively up to a point where Elkin was asked to stop interrupting. “When a judge speaks, you have to be quiet,” Judge Shedd said.

BMG attorney Michael Allan was next in line to present his arguments, which were also carefully dissected by the judges. The attorney stressed that in addition to the takedown notices, BMG provided Cox with a wealth of information on the alleged infringers.

He explained that they sent 1.8 million takedown notices to Cox. When asked what the Internet provider should do with all these notices, Allan mentioned the dashboard they made available, which would help the ISP to check all claims.

“We also provided them with a dashboard. It’s a searchable website that they can search by most egregious repeat infringer, they can pull up every single piece of information we’ve ever provided to them, and they can play the actual songs that were downloaded,” BMG’s attorney said.

Judge Wynn, however, questioned whether the ISP’s abuse department would listen to thousands of infringing songs.

“An internet service provider is going to receive 20,000 of these things per day, 1.8 million a year, or whatever, I don’t care. And they’re going to start playing songs and things like that to see if it’s going on?

“You think that’s where this case is going to go?” Wynn added.

The judges then moved on to the repeat infringer question. An important question asked, was what a ‘repeat infringer’ actually is. BMG’s attorney described this as “someone who repeatedly infringes copyright,” but that wasn’t enough.

“How does somebody know a third party is an infringer? ‘Cause you say so?” Judge Shedd asked.

Cox, for example, sees a repeat infringer as someone who has been previously adjudicated, not someone who has received several takedown notices. Eventually, all had to admit that a repeat infringer is not clearly defined in the DMCA.

Judge Wynn then moved on to highlight another peculiarity. While this case deals with Cox’s failure to implement a repeat infringer policy, this legal requirement by itself is rather meaningless. Even when subscribers are disconnected, they can still join another ISP or come back to Cox after a few months, which makes it pointless.

“As Judge Motz indicated it’s not a perfect solution,” BMG’s lawyer commented.

“It’s not even a good one,” Judge Wynn added.

Another controversial topic that came up is the fact that Cox refused to pass on BMG’s demands because the ISP saw the included settlement demands as extortion. While BMG’s attorney tried to downplay the money issue, Judge Shedd made it very clear what this case is actually about.

“[The DMCA notice] says: you are infringing, you can go to this website and click and pay us $20 or $30. If not, you’re looking at a $150,000 fine. It was about collecting money. We don’t dance around that do we?” Shedd said.

Both Cox and BMG ultimately wanted money from the allegedly infringing subscribers, who might now face an even bigger threat.

“You have two corporations fighting over money, which may be justified. But the net effect of this battle is going to be up against another policy, which is, I think it is the policy, that people should have access to the Internet,” Judge Shedd said.

While the case can still go either way, the oral hearing suggests that the panel of judges is not putting too much weight on the notices sent by BMG. The internal emails from Cox appear to be the key part. Still, we’ll have to wait for the full opinion to see if that’s really true.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Lose Yourself: National Party Guilty of Eminem Copyright Infringement

Post Syndicated from Ernesto original https://torrentfreak.com/lose-yourself-national-party-guilty-of-eminem-copyright-infringement-171025/

In recent years, New Zealand has been the center stage of the largest copyright battle in Internet history; the criminal prosecution of Megaupload and several of its former employees.

In 2012, the country’s law enforcement officials helped to bring down the file-sharing site, including a military-style raid on its founder, Kim Dotcom.

While the Megaupload case is still ongoing, a separate copyright battle in New Zealand came to a conclusion this week. In this case, the country’s leading National Party was the accused.

In 2014 the party of former Prime Minister and Kim Dotcom nemesis John Key was sued for copyright infringement by Eminem’s publisher Eight Mile Style. In an advertising spot for the General Election campaign, the party used a song heavily inspired by the track “Lose Yourself.” A blatant copyright infringement, they argued.

This week the High Court agreed with the publisher ruling that the ad indeed infringed on their copyright. The National Party must now pay a total of $600,000 (415,000 USD) including damages and interest, NZ Herald reports.

Recognizing the irony, Kim Dotcom swiftly took the matter to Twitter. He launched a poll asking who’s guilty of copyright infringement, him or the National Party? The results are, as expected, in his favor.

Lose Yourself?

Dotcom sees the matter as something the old government is responsible for and he has more faith in the current leadership.

“All I can say is that the irony of this is hilarious and that Karma has finally caught up with the corrupt !former! National government. Honest people are now running New Zealand and the courts will be busy dealing with the crimes committed by the last government,” Dotcom informs us.

The National Party didn’t simply use the song without paying for it. They actually sought professional advice before starting the campaign and licensed a track called Eminem Esque, which is the one they used in the ad.

While the party hoped to avoid more expensive licensing fees by using the knock-off song, the High Court ruled that the similarities between Lose Yourself and Eminem Esque are so significant that it breached copyright.

And indeed, the music used in the ad campaign below is quite similar to the original Eminem track.

National Party president Peter Goodfellow is disappointed with the outcome and stresses that the party did not act flagrantly and properly licensed the song that was used.

“The music was licensed with one of New Zealand’s main industry copyright bodies, the Australasian Mechanical Copyright Owners Society. Being licensed and available for purchase, and having taken advice from our suppliers, the party believed the purchase was legal.”

The fact that the Party sought advice and licensed the knock-off track was taken into account. The High Court didn’t award any additional damages, but nonetheless, the copyright infringement claims stuck.

The other camp was more positive about the outcome. Adam Simpson, who represented Eminem’s publisher, described the ruling as a win for musicians and a warning to those who infringe on their rights.

“The ruling clarifies and confirms the rights of artists and songwriters. It sets a major precedent in New Zealand and will be influential in Australia, the UK and elsewhere,” Simpson said.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.