Tag Archives: USTR

Tech Companies Warn U.S. Against Harmful Copyright Laws Worldwide

2019-11-08 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/tech-companies-warn-u-s-against-harmful-copyright-laws-worldwide-191109/

In recent years many countries around the world have tightened their copyright laws to curb the threat of online piracy.

These new regulations aim to help copyright holders, often by creating new obligations and restrictions for Internet service providers that host, link to, or just pass on infringing material.

Rightsholders are happy with these developments, but many Silicon Valley giants and other tech companies see the new laws as threats. This was made clear again this week by the Computer & Communications Industry Association (CCIA) and the Internet Association.

The two groups both submitted stark warnings to the US Trade Representative (USTR). The submissions were sent in response to a request for comments in preparation for the Government’s yearly report on foreign trade barriers.

The CCIA, which includes prominent members such as Amazon, Cloudflare, Facebook, and Google, lists a wide variety of threats, several of which are copyright-related.

One of the main problems is the increased copyright liability for online intermediaries. In the US, online services have strong safe harbor protections that prevent them from being held liable for users’ infringements, but in other countries, this is no longer the case, CCIA warns.

“Countries are increasingly using outdated Internet service liability laws that impose substantial penalties on intermediaries that have had no role in the development of objectionable content. These practices deter investment and market entry, impeding legitimate online services,” CCIA writes.

These countries include France, Germany, India, Italy, and Vietnam. In Australia, for example, several US platforms are excluded from liability protections, which goes against the U.S.-Australia Free Trade Agreement, CCIA notes.

Another major point of concern is the new EU Copyright Directive, which passed earlier this year. While individual member states have yet to implement it, it’s seen as a looming threat for US companies and users alike.

“[T]he recent EU Copyright Directive poses an immediate threat to Internet services and the obligations set out in the final text depart significantly from global norms. Laws made pursuant to the Directive will deter Internet service exports into the EU market due to significant costs of compliance,” CCIA writes.

“Despite claims from EU officials, lawful user activities will be severely restricted. EU officials are claiming that the new requirements would not affect lawful user activity such as sharing memes, alluding to the exceptions and limitations on quotation, criticism, review, and parody outlined in the text.”

The Internet Association also warns against the EU Copyright Directive in its submission. According to the group, which represents tech companies including Google, Reddit, Twitter, as well as Microsoft and Spotify, Europe’s plans are out of sync with US copyright law.

“The EU’s Copyright Directive directly conflicts with U.S. law and requires a broad range of U.S. consumer and enterprise firms to install filtering technologies, pay European organizations for activities that are entirely lawful under the U.S. copyright framework, and face direct liability for third-party content,” the Internet Association writes.

Aside from the EU plans, other countries such as Australia, Brazil, Colombia, India, and Ukraine are also proposing new “onerous” copyright liability proposals for Internet services. In many cases, these plans conflict with promises that were made under U.S. free trade agreements, the Internet Association writes.

“If the U.S. does not stand up for the U.S. copyright framework abroad, then U.S. innovators and exporters will suffer, and other countries will increasingly misuse copyright to limit market entry,” the group warns.

Both the CCIA and the Internet Archive urge the US Government to push back against these developments. They advise promoting strong and balanced copyright legislation, which doesn’t put US companies at risk when following US law.

While it makes sense that the US would back its owns laws and policies abroad, the comments made by both groups come at a time where changes to intermediary liability are on the agenda of local lawmakers as well.

Copyright holders see these foreign developments as inspiration, as they want increased liability for intermediaries. As such, MPAA recently asked lawmakers not to include current safe harbor language in future trade agreements.

This is also the advice of the House Judiciary Committee. While the committee isn’t taking a position on a future direction just yet, it wants to await current developments before porting current US liability exceptions into international deals.

—

The CCIA’s submission to the USTR is available here (pdf) and the Internet Association’s submission can be found here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

MPA’s Piracy Claims Caused Financial Damage, VOD Site Says

2019-10-27 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/mpas-piracy-claims-caused-financial-damage-vod-site-says-191027/

Every year the US Trade Representative (USTR) asks interested stakeholders to identify ‘notorious’ foreign piracy markets.

The responses that come in list the Pirate Bay’s of this world, but also sites and services that don’t see themselves as pirate markets.

The Polish video-on-demand (VOD) platform CDA.pl falls in the latter category. Last year the video service was already branded a pirate site by MPA America (formerly the MPAA), and this year the movie industry group submitted pretty much the same remarks.

“Cda.pl is Poland’s most popular piracy website, eclipsing several legitimate VOD services in the country,” MPA wrote in its submission.

The movie and video industry group further informed the USTR that the “notorious” site is operated by “Comedian S.A.” and uses the services of Cloudflare to mask its IP-address, making it harder for copyright holders to identify the hosting location.

This is all nonsense, according to CDA.pl. The company that owns the VOD service makes this clear in a rebuttal sent to the USTR late last week. For starters, it points out that the site is not managed by Comedian S.A., which may not even exist, but by another Polish company aptly named CDA S.A.

This is not some shady website that’s run from someone’s basement, but a tax-paying joint-stock company.

“CDA S.A. is a public joint-stock company, with its business seat in Wroclaw (Poland), operating in full transparency, fulfilling all of its legal obligations and publishing all relevant information in the way determined by the law and internal stock exchange regulations,” the rebuttal reads.

The company accuses MPA of spreading false information. It assures the US government that it is not a piracy website, adding that it operates in full accordance with the Polish and European legal regulations.

CDA.pl says that it shares its profits directly with rightsholders. They pay commissions that are based on subscription revenues, which make up over 90% of the site’s income.

The site also has a subscription-free section where users can upload files. This part is monetized through advertisements. MPA’s complaints are likely related to the latter, but CDA.pl stresses that ads are only displayed on content uploaded by verified users and partners.

The rebuttal also stresses that the VOD platform has a fully functional notice and takedown system that allows rightsholders to remove infringing content. Some companies, including Warner Bros. and Fox, are even permitted to remove content directly, without CDA getting in the way.

According to CDA, the pirate label is grossly inaccurate. The company is a fully-functional legal entity that’s even listed on the NewConnect stock exchange. This means that, in addition to tax reporting obligations, it’s also subject to various EU stock exchanges and financial regulations.

That the MPA persists in branding the site as a notorious market, hurts the company’s image and causes financial damage, CDA notes. Among other things, CDA’s listing on the New Connect stock exchange was delayed earlier this year.

This year’s renewed allegations are bound to cause trouble as well, the company predicts.

“The MPAA’s letter which indicates CDA.pl website as a pirate site and unfairly lists it along with other websites widely known for their notoriety in copyright violations […] negatively affect the image of the Company and thus negatively influence the interest of potential investors which may lead to occurring significant financial losses by my Client,” the rebuttal reads.

According to CDA, it was never approached directly by the MPA(A), nor did the industry group respond to a letter the company sent in response to last year’s allegations.

The Polish VOD service makes it clear that it wants the false accusations to stop. It believes that this may not even be about piracy per se, but more an attempt to quash the competition. Several MPA members have their own VOD platforms, CDA mentions.

“lt is also worth noting that some of the members of the MPAA can be considered as competitors of the Company and its services, who develop their own VOD services on the Polish market, where CDA.pl currently has the biggest share (sVOD section). Therefore, MPAA’s opinion re. CDA.pl presented to this Office cannot be treated as objective but rather as a means of pressure on competition.”

The full rebuttal sent by CDA is available here (pdf). Last year the USTR decided not to include the service in its final overview of notorious markets and the company hopes to achieve the same result again.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Cloudflare Refutes MPA and RIAA’s Piracy Concerns

2019-10-18 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/cloudflare-refutes-mpa-and-riaas-piracy-concerns-191018/

Earlier this month several copyright holder groups sent their annual “Notorious Markets” complaints to the U.S. Trade Representative (USTR).

The recommendations are meant to call out well-known piracy sites, apps, and services, but Cloudflare is frequently mentioned as well.

The American CDN provider can’t be officially listed since it’s not a foreign company. However, rightsholders have seizes the opportunity to point out that the CDN service helps pirate sites with their infringing activities.

The MPA and RIAA, for example, wrote that Cloudflare frustrates enforcement efforts by helping pirate sites to “hide” their hosting locations. In addition, the Hollywood-affiliated Digital Citizens Alliance (DCA) pointed out that the company helps pirate sites to deliver malware.

This week Cloudflare responded to these allegations. In a rebuttal, sent to the USTR’s Director for Innovation and Intellectual Property, General Counsel Doug Kramer writes that these reports are not an accurate representation of how the company operates.

“My colleagues and I were frustrated to find continued misrepresentations of our business and efforts to malign our services,” Kramer writes.

“We again feel called on to clarify that Cloudflare does not host the referenced websites, cannot block websites, and is not in the business of hiding companies that host illegal content–all facts well known to the industry groups based on our ongoing work with them.”

Kramer points out that the copyright holder groups “rehash” previous complaints, which Cloudflare previously rebutted. In fact, some parts of the CDN provider’s own reply are rehashed too, but there are several new highlights as well.

For example, the USTR’s latest review specifically focuses on malware issues. According to Cloudflare, its services are specifically aimed at mitigating such threats.

“Our system uses the collective intelligence from all the properties on our network to support and immediately update our web application firewall, which can block malware at the edge and prevent it from reaching a site’s origin server. This protects the many content creators who use our services for their websites as well as the users of their websites, from malware,” Kramer writes.

The DCA’s submission, which included a 2016 report from the group, is out of date and inaccurate, Cloudflare says. Several of the mentioned domains are no longer Cloudflare customers, for example. In addition, the DCA never sent any malware complaints to the CDN service.

Cloudflare did previously reach out to the DCA following its malware report, but this effort proved fruitless, the company writes.

“Despite our repeated attempts to get additional information by either
phone or email, DCA cancelled at least three scheduled calls and declined to provide any specific information that would have allowed us to verify the existence of the malware and protect users from malicious activity online,” Kramer notes.

Malware aside, the allegations that Cloudflare helps pirate sites to ‘hide’ their hosting locations are not entirely true either.

Kramer points out that the company has a “Trusted Reporter” program which complainants, including the RIAA, use frequently. This program helps rightsholders to easily obtain the actual hosting locations of Cloudflare customers that engage in widespread copyright infringement.

Although Cloudflare admits that it can’t stop all bad actors online, it will continue to work with the RIAA, MPA, and others to provide them with all the information they need for their enforcement efforts.

None of this is new though. Year after year the same complaints come in and Cloudflare suggests that copyright holders are actually looking for something else. They would like the company to terminate accounts of suspected pirate sites. However, the CDN provider has no intention to do so.

“Their submissions to the Notorious Markets process seem intended to pressure Cloudflare to take over efforts to identify and close down infringing websites for them, but that is something that we are not obligated to do,” Kramer says.

While it would be technically possible, it would require the company to allocate considerable resources to the task. These resources are currently needed to pursue its primary goal, which is to keep the Internet secure and protect users from malware and other risks.

It’s clear that Cloudflare doesn’t want to take any action against customers without a court order. While it has occasionally deviated from this stance by kicking out Daily Stormer and 8Chan, pirate sites are on a different level.

—

A copy of the letter Cloudflare’s General Counsel Doug Kramer sent to the USTR’s Director for Innovation and Intellectual Property, Jacob Ewerdt, is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Key Internet Players Call For Clarification of ‘Notorious Piracy Market’ Term

2019-10-15 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/key-internet-players-call-for-clarification-of-notorious-piracy-market-term-191015/

Earlier this month, several copyright holder groups sent their annual “notorious markets” submissions to the U.S. Trade Representative (USTR).

The U.S. Government uses this input for its annual review of notorious piracy markets, an overview of threats to various copyright industries.

The recommendations, including those from the RIAA, MPA, and ESA, traditionally include well-known piracy sites such as The Pirate Bay, but increasingly third-party technology providers are also being added to the mix.

For example, domain registrars and hosting services are regularly listed, and the same is true for advertising companies. Cloudflare has been frequently mentioned as well, although it’s not officially listed since the overview focuses on foreign entities.

The copyright holder groups who send these recommendations hope that the U.S. will include these companies in its final overview. That would put pressure on the sites and services as well at the countries from where they operate.

However, not everyone is pleased with this development. According to the Internet Infrastructure Coalition (I2Coalition), which counts Amazon, Cloudflare, Google, OVH, Steadfast and Tucows among its members, third-party intermediaries don’t belong in this list.

“Notorious markets should not be confused with neutral intermediaries such as Internet Infrastructure providers,” the I2Coalition writes in a letter to the USTR.

The coalition notes that some submissions, including those from the International Intellectual Property Alliance, have gone too far by suggesting copyright protection measures that would harm Internet infrastructure and therefore the Internet as a whole.

The group notes that Internet infrastructure providers, such as DNS providers, route users of the web to the right online locations. These services simply refer requests and don’t control the information at the locations where people are directed.

“The nature of these kinds of businesses is that they have limited access to content information. There are intermediaries between various segments of the Internet as a whole. They are not markets. Yet, these kinds of companies may be erroneously listed in the USTR notorious markets report,” the I2Coalition writes.

The Internet companies add that recent updates to the law have highlighted new enforcement options. However, it is not clear what must be enforced. This can become problematic when various stakeholders have different views on what the term ‘notorious market’ means.

“It is in this lack of clarity where many who submit to the notorious markets either by mistake or intentionally mischaracterize the concept of notorious markets for the purposes of identifying intellectual property infringement.”

The coalition calls on the USTR to deliver clarity as some of the current submissions vilify specific technologies, it says. Instead, the process should be limited to the ‘notorious’ sites and marketplaces themselves, not third-party intermediaries.

“We believe that the spirit and letter of the relevant IP laws are better upheld by going after true notorious markets, not throwing the baby out with the bathwater by going after Internet infrastructure providers,” the I2Coalition stresses.

The letter doesn’t mention specific companies or services the coalition believes were mistakenly called out. However, the coalition makes it clear that an effort to clear up what a ‘notorious market’ is should include a variety of stakeholders, not only those who represent the copyright industry.

—

A copy of the letter the Internet Infrastructure Coalition sent to the US Trade Representative is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

MPA Adds 1XBET and Baidu to Latest Piracy Threat Report

2019-10-13 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/mpa-adds-1xbet-and-baidu-to-latest-piracy-threat-report/

Alongside other entertainment industry groups, the Motion Picture Association (MPA) sends a yearly overview of notorious foreign piracy markets to the US Trade Representative.

These annual submissions help to guide the U.S. Government’s position toward foreign countries when it comes to copyright enforcement.

We previously covered the submissions from the RIAA and ESA, which both listed a wide variety of pirate sites including torrent, streaming, MP3-downloaders, and ROM archives.

The MPA’s submission was published later than the others but is worth highlighting nonetheless. In recent years it has solely focused on online threats with familiar names such as The Pirate Bay, Openload, and Fmovies reappearing time and again.

This year is no different. Many of the threats the MPA highlights are identical to last year. Aside from traditional pirate sites, this includes mobile apps, unauthorized IPTV services, and hosting companies. While not a foreign company, CDN provider Cloudflare is repeatedly mentioned as well, as it has many piracy sites as customers.

“The Pirate Bay, and other notorious pirate sites, remain Cloudflare customers despite repeated notices of infringement to Cloudflare,” the MPA notes.

A complete list of all the identified notorious markets is listed below, but we will zoom in on two entities added as new entries this year.

The first one is 1XBET, a gambling company known for its advertising appearing in ‘cam’ copies of movies. The casino, whose ads appear on more than a thousand pirate sites, is well known among people who frequent these platforms. Now, it’s on the MPA’s radar as well.

“1XBET is a Russian gambling site that has started to support some of the
earliest releases of infringing theatrical camcords and infringing streams of live television broadcasts. It has become the third most active online advertiser in Russia,” the MPA informs the USTR.

The MPA’s report cites research from Mediascope which found that only Google and PepsiCo ads are more prevalent online in Russia. While that covers all publications, the movie industry group draws specific attention to the embedded ads that appear in popular pirate movie releases as well as their titles.

“Reportedly, the online casino pays to insert visual and audio advertisements into new piracy content sources incentivizing camcord and livestreaming piracy. 1XBET’s watermark with promotion codes is ‘burned’ into the video files of infringing camcord recordings. Thus, piracy is used as a vehicle to support this online gambling giant,” the MPA notes.

What’s not mentioned by the MPA is that 1XBET also sponsored several major UK football clubs and Italian football league Serie A. Responding to some earlier controversy, a 1XBET spokesperson said that it takes the piracy advertising allegations very seriously.

Another newcomer in the MPA’s list of notorious markets is Baidu Pan, the file-hosting service operated by the largest search engine in China. According to the movie industry group, it’s often used to share copyright-infringing material.

“Large quantities of infringing content are stored on Baidu Pan with
links disseminated through popular Chinese social media platforms and piracy linking sites,” the MPA writes in its submission.

The MPA points out that Baidu has a market share of over 75 percent in China, which makes it the second-largest search engine in the world. As such, it is vitally important that the company has rigorous content protection standards and that it cooperates with rightsholders, the group notes.

Baidu has made some progress in recent years when it comes to its takedown tools, but takedown rates and timeframes remain inconsistent or too long, the MPA says.

“Baidu should be encouraged to do more, including improve implementation of its takedown tools, apply rigorous filtering technology to identify infringing content, and take more effective action to suspend or terminate repeat infringers to ensure all rights holders are treated equally and infringing content and links are removed expeditiously,” the submission reads.

The MPA hopes that its recommendations will be helpful to the US Government, but whether adding 1XBET and Baidu Pan will have any effect has yet to be seen.

The MPA’s full report is available here (pdf). The USTR will use this input to make up its own list of notorious markets. This will help to identify current threats and call on foreign governments to take appropriate action.

List of all the sites and services the MPAA identified as notorious markets.

Linking / Streaming

B9good.com
CB01
Cda.pl
Cimaclub.com & cima4u.tv
Cinecalidad.to
Dytt8.net and Dy2018.com
Fmovies.is/.to (formerly .se)
“Indo 21” (Indoxxi) and many related domains
Movie2free.com
MrPiracy.site and .xyz
Phimmoi.net
Seasonvar.ru

Cyberlockers / video hosting

1fichier.com
Baidu Pan
Clipwatching.com
Gounlimited.to
Netu.tv
Openload.co/oload.tv
Rapidgator.net
Rapidvideo.com
Streamango.com
Uploaded.net
Uptobox.com
Verystream.com
VK.com

Illegal IPTV

BestBuyIPTV.com
Buy-IPTV.com
GenIPTV
ThePK.tv
TVMucho.com

Apps

RenRen Shi Pin
ShowBox
Unblock Tech (unblocktech.com)

P2P sites

1337x.to
Rarbg.to
Rutracker.org
Tamilrockers.ws
ThePirateBay.org
Torrentz2.eu
Zooqle.com

Hosting services

Fishnet Communications LLC
M247
Network Dedicated SAS
Private Layer

Advertising

1XBET

–

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

RIAA Reports Telegram to US Govt. Over Piracy Concerns

2019-10-02 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/riaa-reports-telegram-to-us-govt-over-piracy-concerns-191002/

Responding to a request from the Office of the US Trade Representative (USTR), the RIAA has submitted its annual list of “notorious markets.”

The submission identifies online and offline piracy hubs to help guide the U.S. Government’s position towards foreign countries when it comes to copyright enforcement.

“The online and physical markets identified in our comments are harming American creators, businesses, and the American economy,” writes George York, the RIAA’s Senior Vice President of International Policy.

Traditionally the online focus lies on classic pirate sites, such as torrent indexers, linking sites, cyberlockers, download portals, and stream-rippers. These are also listed in the latest RIAA submission. It includes many of the usual suspects, such as The Pirate Bay, Flvto, Newalbumreleases, and Uploaded.

While these mentions were expected, there’s also a new ‘issue’ highlighted by the music group – the encrypted messaging app Telegram. The software, which was launched by VKontakte founders Nikolai and Pavel Durov a few years ago, is frequently used by pirates, the RIAA notes.

The RIAA points out that messaging apps by themselves are of no special concern. However, Telegram also allows its users to share files of up to 1.5GB, a process that can be automated with scripts. This is a feature that many pirates have embraced.

“Telegram offers many user-created channels which are dedicated to the unauthorized distribution of copyrighted recordings, with some channels focused on particular genres or artists,” the RIAA notes.

Many of these files are hosted on Telegram’s servers and the RIAA says that it sent 18,000 DMCA notices to Telegram, identifying over 18,000 instances of copyright infringement.

The messaging app says that it forwards these requests to channel owners. However, according to the music group, this doesn’t have the desired effect, as many channel operators ignore the takedown requests. In addition, repeat infringers don’t appear to be punished in any way.

“We have found, however, that most channel operators appear to take no action in response to our notices, with nearly all of infringements listed in our notices remaining available,” the RIAA writes.

“Likewise, Telegram makes no apparent attempt to verify that channel operators have complied with our notices and does not seem to have any kind of repeat infringement policy.”

By putting Telegram on the USTR’s agenda the RIAA hopes to, directly or indirectly, motivate the messaging app to do more to prevent piracy. Interestingly, Telegram is registered as both a UK LLP and an American LLC, so it’s not clear to us whether it’s indeed a “foreign” market from a US point of view.

Telegram is by no means new to piracy complaints. Two years ago the application also made the news when it, for the first time, removed an entire channel where a pirated copy of Taylor Swift’s album Reputation was shared. The service took this action following pressure from Google and Apple.

In addition to the issues discussed above, the RIAA’s submission mostly includes familiar topics. In this year’s ‘issue focus,’ the RIAA points out that malware remains a problem on pirate sites for example. This puts the public at risk and should be mitigated where possible, it says.

The music group also highlights problems with bulletproof hosting providers that ignore DMCA notices, and CDN services such as Cloudflare. In addition, it once again stresses that WHOIS data should become public and verified.

The USTR will use the input above to make up its own list of notorious markets. This will help to identify current threats while calling on foreign governments to take appropriate action.

—

A copy of the RIAA’s latest submission to the Office of the US Trade Representative is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

House Judiciary Committee Doesn’t Want ‘DMCA-Style’ Safe Harbor in Trade Agreements

2019-09-21 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/house-judiciary-committee-doesnt-want-dmca-style-safe-harbor-in-trade-agreements-190921/

When President Clinton signed the Digital Millenium Copyright Act (DMCA) into law in 1998, its goal was to ready copyright law for the digital age.

The law introduced safe harbors for Internet services (DMCA Section 512), meaning that they can’t be held liable for their pirating users as long as they properly process takedown notices and deal with repeat infringers.

Today the four-letter acronym is known around the world and the United States appears keen to export it in future trade agreements. Most recently, a DMCA-style provision was added to the United States-Mexico-Canada Agreement (USMCA), which covers a wide variety of trade issues including copyright-related topics.

While this would have been welcomed by rightsholders twenty years ago, the situation looks quite different today. The music industry, in particular, believes that the DMCA is obsolete, dysfunctional, and even harmful. For these reasons, major industry groups would like to see it replaced with something ‘better.’

When the first draft of the USMCA was published, the RIAA made this clear in no uncertain terms. “Modern trade treaties should advance the policy priority of encouraging more accountability on public platforms, not less,” RIAA President Mitch Glazier said.

The issue was crucial enough to be specifically mentioned in the RIAA’s lobbying disclosures at the U.S. House and Senate. This may have had an effect, as this week the concerns were picked up by the House Judiciary Committee.

In a letter to the U.S. Trade Representative (USTR), the Judiciary Committee points out that Section 512 of the DMCA is widely debated and that “some” have called on Congress to update it.

The Committee notes that the U.S. Government conducted an in-depth review over the past years of which the results are expected soon. This may in part be impacted by the European Union’s new Copyright Directive which hints at potential upload filters and increases in liability for online service providers.

“The U.S. Copyright Office is expected to produce a report on Section 512 around the end of this year, the result of a multi-year process that started in 2015. Moreover, the European Union has recently issued a copyright directive that includes reforms to its analogous safe harbor for online platforms, which may have an impact on the U.S. domestic policy debate,” the letter reads.

The Judiciary Committee doesn’t take a position in this debate but it stresses that adding the widely contested safe harbor language to the USMCA and other trade agreements, would not be wise at this point.

“[W]e find it problematic for the United States to export language mirroring this provision while such serious policy discussions are ongoing,” the letter, signed by House Judiciary Committee Chairman Jerrold Nadler and Ranking Member Doug Collins reads.

“For that reason, we do not believe a provision requiring parties to adopt a Section 512-style safe harbor system of the type mandated by Article 20.89 should continue to be included in future trade agreements,” the letter adds.

The Committee urges the USTR to take the matter seriously and consider the possible changes that are coming. This largely reflects the position of several major copyright industry groups, including the RIAA.

If the language is indeed removed or changed it will be a major setback for Internet services and various digital rights groups. This includes the Re:Create Coalition, which welcomed the inclusion of these protections last year.

—

A copy of the letter sent by the House of Representatives Committee on the Judiciary to the USTR is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

U.S. Places 36 Countries on Annual ‘Piracy Watchlist’

2019-04-30 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/u-s-places-36-countries-on-annual-piracy-watchlist-190429/

Every year the Office of the United States Trade Representative (USTR) publishes its Special 301 Report highlighting countries that aren’t doing enough to protect US intellectual property rights.

The format remains the same as in previous years and lists three dozen countries that, for different reasons, threaten the intellectual property rights of US companies.

“The identification of the countries and IP-related market access barriers in the Report and of steps necessary to address those barriers are a critical component of the Administration’s aggressive efforts to defend Americans from harmful IP-related trade barriers,” USTR writes.

The topics reported in the yearly overview are much broader than online piracy. They also cover counterfeiting and other IP related issues, including patents and protection of trade secrets. Our coverage is limited to piracy, however, which remains one of the key issues.

The USTR highlights stream-ripping as a significant problem, as well as pirate IPTV services and “illicit streaming devices” in general. The latter are sold throughout the world but are often manufactured in China, which is listed on the USTR’s Priority Watch List.

“Stakeholders continue to report rampant piracy through ISDs, including in Argentina, Brazil, Chile, China, the Dominican Republic, Hong Kong, India, Indonesia, Mexico, Peru, Saudi Arabia, Singapore, Taiwan, the UAE, and Vietnam. China, in particular, is a manufacturing hub for these devices,” the USTR writes.

Camcording piracy, where people record films at movie theaters, remains a significant problem as well. Russia, India, Mexico, and China are called out as frequent sources, but the problem applies to other countries as well.

The USTR notes that countries including Argentina, Brazil, Ecuador, Peru, and Taiwan do not effectively criminalize unauthorized camcording, and hopes that this will soon change.

“The United States urges countries to adopt laws and enforcement practices
designed to prevent unauthorized camcording, such as laws that have been adopted in Canada, Japan, and the Philippines,” the USTR writes.

Most of these observations and comments are not new. They are made year after year in some cases. Apparently, it’s a strategy that has some effect. For example, India recently updated is camcording legislation to allow a three-year prison sentence for those who get caught.

The full list of countries which lack proper IP protection totals 36. Eleven are listed on the most severe Priority Watch List with the rest placed on the regular Watch List.

Canada has been downgraded from the Priority to the regular Watch List this year. The most important step forward taken by Canada, according to the US, is signing the provisions in the U.S.-Mexico-Canada Agreement (USMCA), which will extend the local copyright term to 70-years + life.

However, problems remain as well. Among other things, the US sees Canada’s copyright exception for educational purposes as a grave concern.

“The United States remains deeply troubled by the ambiguous education-related exception added to the copyright law in 2012, which has significantly damaged the market for educational publishers and authors,” the office writes.

Switzerland also remains on the Watch List. While the country generally has strong intellectual property protection, the U.S. remains concerned about its online copyright protection and enforcement, as we’ve highlighted previously. This appears to be the only remaining barrier at this point.

If countries fail to address the issues the USTR has highlighted, the U.S. says it will take appropriate actions in response. No concrete measures are mentioned, but they can include enforcement actions under Section 301 of the Trade Act or pursuant to World Trade Organization rules, for example.

—

A copy of USTR’s full 2019 Special 301 Report is available here (pdf).

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

US Govt Identifies Top Pirate Sites and Other ‘Notorious Markets’

2019-04-26 Ernesto

Post Syndicated from Ernesto original https://torrentfreak.com/us-govt-identifies-top-pirate-sites-and-other-notorious-markets-190426/

ustrb In its yearly “Out-of-Cycle Review of Notorious Markets”, the United States Trade Representative (USTR) lists a few dozen websites said to be involved in piracy or counterfeiting.

The overview is largely based on input from industry groups including the RIAA and MPAA, who submitted their recommendations late last year.

The USTR stresses that the list isn’t exhaustive, nor is it meant to reflect legal violations. The goal of the review is to motivate owners and foreign Governments to take appropriate action and reduce piracy.

“In the absence of good faith efforts, responsible government authorities should investigate reports of piracy and counterfeiting in these and similar markets and pursue appropriate action against such markets and their owners and operators,” the USTR writes.

This year there appears to be a stronger focus on counterfeiting and offline markets than in previous years. There is also a focus on free trade zones, for example, mostly in relation to counterfeiting. However, pirate sites are also highlighted in the report.

First off, the Government reports that there have been some recent successes on the anti-piracy front. The 123movies websites have been shut down following a criminal investigation in Vietnam and, more recently, the FAB IPTV service was taken offline following a Europol-led raid.

Still, many piracy-related challenges remain. According to the USTR’s report, The Pirate Bay remains one of the primary offenders, despite some significant downtime issues.

“While The Pirate Bay websites have experienced periodic downtime over the past year, right holders continue to report high levels of infringing activities taking place on this platform,” the USTR writes.

“As one of the first BitTorrent indexing websites and one of its most vocal in openly promoting piracy, The Pirate Bay continues to be one of the most frequently visited websites in the world,” the report adds.

Other prominent torrent sites mentioned in the review are RuTorrent and RARBG. Interestingly, 1337x.to, which was included previously, no longer gets a mention.

The USTR has also included the stream ripping sites Flvto.biz and 2Conv.com, which are currently involved in a US court battle with several record labels. Another popular stream ripping site highlighted by the USTR is MP3juices.cc, and the music-related sites Mp3va.com and Newalbumreleases.net also get a mention.

The latest overview of notorious markets further lists a selection of game-related websites. Firestorm-Servers.com and Warmane.com, for example, which host unauthorized World of Warcraft servers with thousands of players.

Another game-related site is Mpgh.net, which offers a wide variety of hacks and cheats.

“Mpgh.net is an example of a site that provides “cheats” and reportedly offers several hundred thousand free cheats to over 4 million users. The site generates revenue through advertisements and by offering premium accounts, and Internet browsers reportedly detect and warn of malicious content on the site,” the USTR writes.

The malware angle is brought up more often by the USTR, which references various reports which found that pirate sites are often linked to the spreading of malicious content.

The USTR report continues with mentions of popular cyberlockers such as Openload, Uploaded, and Rapidgator. Streaming sites and apps such as Fmovies, TVPlus, and TVBrowser also make the list.

The pirate broadcaster BEOUTQ gets a mention as well, as do the academic pirate sources Sci-Hub and LibGen, as well as Russia’s social network VK.com. The latter keeps being mentioned, despite a long list of anti-piracy actions it has taken in recent years.

In addition to individual sites and services, the USTR notes that some hosting providers have also become problematic players. This includes so-called bulletproof hosters such as FlokiNET.

“FlokiNET is an example of the growing problem of hosting providers that do not respond to notices of infringement or warning letters that the provider is hosting and supporting known infringing websites,” USTR writes.

The USTR hopes that by highlighting these problematic sites and companies, their operators or local law enforcement will take action to prevent copyright infringing activity going forward.

—

A copy of USTR’s 2018 overview of notorious markets (published yesterday) is available here (pdf). The full list of highlighted online sites/service, including those focused on counterfeiting, is as follows:

-1Fichier.com
-BEOUTQ
-Bukalapak.com
-Carousell.com
-Chomikuj.pl
-DHgate.com
-Firestorm-Servers.com and Warmane.com
-FlokiNET
-Flvto.biz and 2Conv.com
-FMovies.is
-Hosting Concepts B.V.
-Indoxx1.com
-Kinogo.cc
-MP3juices.cc
-Mp3va.com
-Mpgh.net
-Newalbumreleases.net
-Openload.co
-Pelispedia.tv
-Pinduoduo.com
-Private Layer Hosted Sites (e.g. Torrentz2.eu)
-Rapidgator.net, Rutracker.org, and Seasonvar.eu
-RARBG.to
-Sci-Hub and LibGen
-Shopee.ph
-Taobao.com
-Thepiratebay.org
-Tokopedia.com
-Turbobit.net
-TVPlus, TVBrowser, and Kuaikan
-Uploaded.net
-Uptobox.com
-VK.com

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Microsoft acquires GitHub

2018-06-04 corbet

Post Syndicated from corbet original https://lwn.net/Articles/756443/rss

Here’s the
press release announcing Microsoft’s agreement to acquire GitHub for a
mere $7.5 billion. “GitHub will retain its developer-first
ethos and will operate independently to provide an open platform for all
developers in all industries. Developers will continue to be able to use
the programming languages, tools and operating systems of their choice for
their projects — and will still be able to deploy their code to any
operating system, any cloud and any device.”

ISP Questions Impartiality of Judges in Copyright Troll Cases

2018-06-02 Andy

Post Syndicated from Andy original https://torrentfreak.com/isp-questions-impartiality-of-judges-in-copyright-troll-cases-180602/

Following in the footsteps of similar operations around the world, two years ago the copyright trolling movement landed on Swedish shores.

The pattern was a familiar one, with trolls harvesting IP addresses from BitTorrent swarms and tracing them back to Internet service providers. Then, after presenting evidence to a judge, the trolls obtained orders that compelled ISPs to hand over their customers’ details. From there, the trolls demanded cash payments to make supposed lawsuits disappear.

It’s a controversial business model that rarely receives outside praise. Many ISPs have tried to slow down the flood but most eventually grow tired of battling to protect their customers. The same cannot be said of Swedish ISP Bahnhof.

The ISP, which is also a strong defender of privacy, has become known for fighting back against copyright trolls. Indeed, to thwart them at the very first step, the company deletes IP address logs after just 24 hours, which prevents its customers from being targeted.

Bahnhof says that the copyright business appeared “dirty and corrupt” right from the get go, so it now operates Utpressningskollen.se, a web portal where the ISP publishes data on Swedish legal cases in which copyright owners demand customer data from ISPs through the Patent and Market Courts.

Over the past two years, Bahnhof says it has documented 76 cases of which six are still ongoing, 11 have been waived and a majority 59 have been decided in favor of mainly movie companies. Bahnhof says that when it discovered that 59 out of the 76 cases benefited one party, it felt a need to investigate.

In a detailed report compiled by Bahnhof Communicator Carolina Lindahl and sent to TF, the ISP reveals that it examined the individual decision-makers in the cases before the Courts and found five judges with “questionable impartiality.”

“One of the judges, we can call them Judge 1, has closed 12 of the cases, of which two have been waived and the other 10 have benefitted the copyright owner, mostly movie companies,” Lindahl notes.

“Judge 1 apparently has written several articles in the magazine NIR – Nordiskt Immateriellt Rättsskydd (Nordic Intellectual Property Protection) – which is mainly supported by Svenska Föreningen för Upphovsrätt, the Swedish Association for Copyright (SFU).

“SFU is a member-financed group centered around copyright that publishes articles, hands out scholarships, arranges symposiums, etc. On their website they have a public calendar where Judge 1 appears regularly.”

Bahnhof says that the financiers of the SFU are Sveriges Television AB (Sweden’s national public TV broadcaster), Filmproducenternas Rättsförening (a legally-oriented association for filmproducers), BMG Chrysalis Scandinavia (a media giant) and Fackförbundet för Film och Mediabranschen (a union for the movie and media industry).

“This means that Judge 1 is involved in a copyright association sponsored by the film and media industry, while also judging in copyright cases with the film industry as one of the parties,” the ISP says.

Bahnhof’s also has criticism for Judge 2, who participated as an event speaker for the Swedish Association for Copyright, and Judge 3 who has written for the SFU-supported magazine NIR. According to Lindahl, Judge 4 worked for a bureau that is partly owned by a board member of SFU, who also defended media companies in a “high-profile” Swedish piracy case.

That leaves Judge 5, who handled 10 of the copyright troll cases documented by Bahnhof, waiving one and deciding the remaining nine in favor of a movie company plaintiff.

“Judge 5 has been questioned before and even been accused of bias while judging a high-profile piracy case almost ten years ago. The accusations of bias were motivated by the judge’s membership of SFU and the Swedish Association for Intellectual Property Rights (SFIR), an association with several important individuals of the Swedish copyright community as members, who all defend, represent, or sympathize with the media industry,” Lindahl says.

Bahnhof hasn’t named any of the judges nor has it provided additional details on the “high-profile” case. However, anyone who remembers the infamous trial of ‘The Pirate Bay Four’ a decade ago might recall complaints from the defense (1,2,3) that several judges involved in the case were members of pro-copyright groups.

While there were plenty of calls to consider them biased, in May 2010 the Supreme Court ruled otherwise, a fact Bahnhof recognizes.

“Judge 5 was never sentenced for bias by the court, but regardless of the court’s decision this is still a judge who shares values and has personal connections with [the media industry], and as if that weren’t enough, the judge has induced an additional financial aspect by participating in events paid for by said party,” Lindahl writes.

“The judge has parties and interest holders in their personal network, a private engagement in the subject and a financial connection to one party – textbook characteristics of bias which would make anyone suspicious.”

The decision-makers of the Patent and Market Court and their relations.

The ISP notes that all five judges have connections to the media industry in the cases they judge, which isn’t a great starting point for returning “objective and impartial” results. In its summary, however, the ISP is scathing of the overall system, one in which court cases “almost looked rigged” and appear to be decided in favor of the movie company even before reaching court.

In general, however, Bahnhof says that the processes show a lack of individual attention, such as the court blindly accepting questionable IP address evidence supplied by infamous anti-piracy outfit MaverickEye.

“The court never bothers to control the media company’s only evidence (lists generated by MaverickMonitor, which has proven to be an unreliable software), the court documents contain several typos of varying severity, and the same standard texts are reused in several different cases,” the ISP says.

“The court documents show a lack of care and control, something that can easily be taken advantage of by individuals with shady motives. The findings and discoveries of this investigation are strengthened by the pure numbers mentioned in the beginning which clearly show how one party almost always wins.

“If this is caused by bias, cheating, partiality, bribes, political agenda, conspiracy or pure coincidence we can’t say for sure, but the fact that this process has mainly generated money for the film industry, while citizens have been robbed of their personal integrity and legal certainty, indicates what forces lie behind this machinery,” Bahnhof’s Lindahl concludes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Analyzing Amazon Connect records with Amazon Athena, AWS Glue, and Amazon QuickSight

2018-06-02 Luis Caro Perez

Post Syndicated from Luis Caro Perez original https://aws.amazon.com/blogs/big-data/analyzing-amazon-connect-records-with-amazon-athena-aws-glue-and-amazon-quicksight/

Last year, we released Amazon Connect, a cloud-based contact center service that enables any business to deliver better customer service at low cost. This service is built based on the same technology that empowers Amazon customer service associates. Using this system, associates have millions of conversations with customers when they inquire about their shipping or order information. Because we made it available as an AWS service, you can now enable your contact center agents to make or receive calls in a matter of minutes. You can do this without having to provision any kind of hardware. 2

There are several advantages of building your contact center in the AWS Cloud, as described in our documentation. In addition, customers can extend Amazon Connect capabilities by using AWS products and the breadth of AWS services. In this blog post, we focus on how to get analytics out of the rich set of data published by Amazon Connect. We make use of an Amazon Connect data stream and create an end-to-end workflow to offer an analytical solution that can be customized based on need.

Solution overview

The following diagram illustrates the solution.

In this solution, Amazon Connect exports its contact trace records (CTRs) using Amazon Kinesis. CTRs are data streams in JSON format, and each has information about individual contacts. For example, this information might include the start and end time of a call, which agent handled the call, which queue the user chose, queue wait times, number of holds, and so on. You can enable this feature by reviewing our documentation.

In this architecture, we use Kinesis Firehose to capture Amazon Connect CTRs as raw data in an Amazon S3 bucket. We don’t use the recent feature added by Kinesis Firehose to save the data in S3 as Apache Parquet format. We use AWS Glue functionality to automatically detect the schema on the fly from an Amazon Connect data stream.

The primary reason for this approach is that it allows us to use attributes and enables an Amazon Connect administrator to dynamically add more fields as needed. Also by converting data to parquet in batch (every couple of hours) compression can be higher. However, if your requirement is to ingest the data in Parquet format on realtime, we recoment using Kinesis Firehose recently launched feature. You can review this blog post for further information.

By default, Firehose puts these records in time-series format. To make it easy for AWS Glue crawlers to capture information from new records, we use AWS Lambda to move all new records to a single S3 prefix called flatfiles. Our Lambda function is configured using S3 event notification. To comply with AWS Glue and Athena best practices, the Lambda function also converts all column names to lowercase. Finally, we also use the Lambda function to start AWS Glue crawlers. AWS Glue crawlers identify the data schema and update the AWS Glue Data Catalog, which is used by extract, transform, load (ETL) jobs in AWS Glue in the latter half of the workflow.

You can see our approach in the Lambda code following.

from __future__ import print_function
import json
import urllib
import boto3
import os
import re
s3 = boto3.resource('s3')
client = boto3.client('s3')
def convertColumntoLowwerCaps(obj):
    for key in obj.keys():
        new_key = re.sub(r'[\W]+', '', key.lower())
        v = obj[key]
        if isinstance(v, dict):
            if len(v) > 0:
                convertColumntoLowwerCaps(v)
        if new_key != key:
            obj[new_key] = obj[key]
            del obj[key]
    return obj

def lambda_handler(event, context):
    bucket = event['Records'][0]['s3']['bucket']['name']
    key = urllib.unquote_plus(event['Records'][0]['s3']['object']['key'].encode('utf8'))
    try:
        client.download_file(bucket, key, '/tmp/file.json')        
        with open('/tmp/out.json', 'w') as output, open('/tmp/file.json', 'rb') as file:
            i = 0
            for line in file: 
                for object in line.replace("}{","}\n{").split("\n"):
                    record = json.loads(object,object_hook=convertColumntoLowwerCaps)
                    if i != 0:
                        output.write("\n")
                    output.write(json.dumps(record))
                    i += 1
        newkey = 'flatfiles/' + key.replace("/", "")                
        client.upload_file('/tmp/out.json', bucket,newkey)
        s3.Object(bucket,key).delete()
        return "success"
    except Exception as e:
        print(e)
        print('Error coping object {} from bucket {}'.format(key, bucket))
        raise e

We trigger AWS Glue crawlers based on events because this approach lets us capture any new data frame that we want to be dynamic in nature. CTR attributes are designed to offer multiple custom options based on a particular call flow. Attributes are essentially key-value pairs in nested JSON format. With the help of event-based AWS Glue crawlers, you can easily identify newer attributes automatically.

We recommend setting up an S3 lifecycle policy on the flatfiles folder that keeps records only for 24 hours. Doing this optimizes AWS Glue ETL jobs to process a subset of files rather than the entire set of records.

After we have data in the flatfiles folder, we use AWS Glue to catalog the data and transform it into Parquet format inside a folder called parquet/ctr/. The AWS Glue job performs the ETL that transforms the data from JSON to Parquet format. We use AWS Glue crawlers to capture any new data frame inside the JSON code that we want to be dynamic in nature. What this means is that when you add new attributes to an Amazon Connect instance, the solution automatically recognizes them and incorporates them in the schema of the results.

After AWS Glue stores the results in Parquet format, you can perform analytics using Amazon Redshift Spectrum, Amazon Athena, or any third-party data warehouse platform. To keep this solution simple, we have used Amazon Athena for analytics. Amazon Athena allows us to query data without having to set up and manage any servers or data warehouse platforms. Additionally, we only pay for the queries that are executed.

Try it out!

You can get started with our sample AWS CloudFormation template. This template creates the components starting from the Kinesis stream and finishes up with S3 buckets, the AWS Glue job, and crawlers. To deploy the template, open the AWS Management Console by clicking the following link.

In the console, specify the following parameters:

BucketName: The name for the bucket to store all the solution files. This name must be unique; if it’s not, template creation fails.
etlJobSchedule: The schedule in cron format indicating how often the AWS Glue job runs. The default value is every hour.
KinesisStreamName: The name of the Kinesis stream to receive data from Amazon Connect. This name must be different from any other Kinesis stream created in your AWS account.
s3interval: The interval in seconds for Kinesis Firehose to save data inside the flatfiles folder on S3. The value must between 60 and 900 seconds.
sampledata: When this parameter is set to true, sample CTR records are used. Doing this lets you try this solution without setting up an Amazon Connect instance. All examples in this walkthrough use this sample data.

Select the “I acknowledge that AWS CloudFormation might create IAM resources.” check box, and then choose Create. After the template finishes creating resources, you can see the stream name on the stack Outputs tab.

If you haven’t created your Amazon Connect instance, you can do so by following the Getting Started Guide. When you are done creating, choose your Amazon Connect instance in the console, which takes you to instance settings. Choose Data streaming to enable streaming for CTR records. Here, you can choose the Kinesis stream (defined in the KinesisStreamName parameter) that was created by the CloudFormation template.

Now it’s time to generate the data by making or receiving calls by using Amazon Connect. You can go to Amazon Connect Cloud Control Panel (CCP) to make or receive calls using a software phone or desktop phone. After a few minutes, we should see data inside the flatfiles folder. To make it easier to try this solution, we provide sample data that you can enable by setting the sampledata parameter to true in your CloudFormation template.

You can navigate to the AWS Glue console by choosing Jobs on the left navigation pane of the console. We can select our job here. In my case, the job created by CloudFormation is called glueJob-i3TULzVtP1W0; yours should be similar. You run the job by choosing Run job for Action.

After that, we wait for the AWS Glue job to run and to finish successfully. We can track the status of the job by checking the History tab.

When the job finishes running, we can check the Database section. There should be a new table created called ctr in Parquet format.

To query the data with Athena, we can select the ctr table, and for Action choose View data.

Doing this takes us to the Athena console. If you run a query, Athena shows a preview of the data.

When we can query the data using Athena, we can visualize it using Amazon QuickSight. Before connecting Amazon QuickSight to Athena, we must make sure to grant Amazon QuickSight access to Athena and the associated S3 buckets in the account. For more information on doing this, see Managing Amazon QuickSight Permissions to AWS Resources in the Amazon QuickSight User Guide. We can then create a new data set in Amazon QuickSight based on the Athena table that was created.

After setting up permissions, we can create a new analysis in Amazon QuickSight by choosing New analysis.

Then we add a new data set.

We choose Athena as the source and give the data source a name (in this case, I named it connectctr).

Choose the name of the database and the table referencing the Parquet results.

Then choose Visualize.

After that, we should see the following screen.

Now we can create some visualizations. First, search for the agent.username column, and drag it to the AutoGraph section.

We can see the agents and the number of calls for each, so we can easily see which agents have taken the largest amount of calls. If we want to see from what queues the calls came for each agent, we can add the queue.arn column to the visual.

After following all these steps, you can use Amazon QuickSight to add different columns from the call records and perform different types of visualizations. You can build dashboards that continuously monitor your connect instance. You can share those dashboards with others in your organization who might need to see this data.

Conclusion

In this post, you see how you can use services like AWS Lambda, AWS Glue, and Amazon Athena to process Amazon Connect call records. The post also demonstrates how to use AWS Lambda to preprocess files in Amazon S3 and transform them into a format that recognized by AWS Glue crawlers. Finally, the post shows how to used Amazon QuickSight to perform visualizations.

You can use the provided template to analyze your own contact center instance. Or you can take the CloudFormation template and modify it to process other data streams that can be ingested using Amazon Kinesis or stored on Amazon S3.

Additional Reading

If you found this post useful, be sure to check out Analyze Apache Parquet optimized data using Amazon Kinesis Data Firehose, Amazon Athena, and Amazon Redshift and Visualize AWS Cloudtrail Logs Using AWS Glue and Amazon QuickSight.

About the Authors

Luis Caro is a Big Data Consultant for AWS Professional Services. He works with our customers to provide guidance and technical assistance on big data projects, helping them improving the value of their solutions when using AWS.

Peter Dalbhanjan is a Solutions Architect for AWS based in Herndon, VA. Peter has a keen interest in evangelizing AWS solutions and has written multiple blog posts that focus on simplifying complex use cases. At AWS, Peter helps with designing and architecting variety of customer workloads.

GoDaddy to Suspend ‘Pirate’ Domain Following Music Industry Complaints

2018-06-01 Andy

Post Syndicated from Andy original https://torrentfreak.com/godaddy-to-suspend-pirate-domain-following-music-industry-complaints-180601/

Most piracy-focused sites online conduct their business with minimal interference from outside parties. In many cases, a heap of DMCA notices filed with Google represents the most visible irritant.

Others, particularly those with large audiences, can find themselves on the end of a web blockade. Mostly court-ordered, blocking measures restrict the ability of Internet users to visit a site due to ISPs restricting traffic.

In some regions, where copyright holders have the means to do so, they choose to tackle a site’s infrastructure instead, which could mean complaints to webhosts or other service providers. At times, this has included domain registries, who are asked to disable domains on copyright grounds.

This is exactly what has happened to Fox-MusicaGratis.com, a Spanish-language music piracy site that incurred the wrath of IFPI member UNIMPRO – the Peruvian Union of Phonographic Producers.

Pirate music, suspended domain

In a process that’s becoming more common in the region, UNIMPRO initially filed a complaint with the Copyright Commission (Comisión de Derecho de Autor (CDA)) which conducted an investigation into the platform’s activities.

“The CDA considered, among other things, the irreparable damage that would have been caused to the legitimate rights owners, taking into account the large number of users who could potentially have visited said website, which was making available endless musical recordings for commercial purposes, without authorization of the holders of rights,” a statement from CDA reads.

The administrative process was carried out locally with the involvement of the National Institute for the Defense of Competition and the Protection of Intellectual Property (Indecopi), an autonomous public body tasked with handling anti-competitive behavior, unfair competition, and intellectual property matters.

Indecopi HQ

The matter was decided in favor of the rightsholders and a subsequent ruling included an instruction for US-based domain name registry GoDaddy to suspend Fox-MusicaGratis.com. According to the copyright protection entity, GoDaddy agreed to comply, to prevent further infringement.

This latest action involving a music piracy site registered with GoDaddy follows on the heels of a similar enforcement process back in March.

Mp3Juices-Download-Free.com, Melodiavip.net, Foxmusica.site and Fulltono.me were all music sites offering MP3 content without copyright holders’ permission. They too were the subject of an UNIMPRO complaint which resulted in orders for GoDaddy to suspend their domains.

In the cases of all five websites, GoDaddy was given the chance to appeal but there is no indication that the company has done so. GoDaddy did not respond to a request for comment.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Majority of Canadians Consume Online Content Legally, Survey Finds

2018-05-31 Andy

Post Syndicated from Andy original https://torrentfreak.com/majority-of-canadians-consume-online-content-legally-survey-finds-180531/

Back in January, a coalition of companies and organizations with ties to the entertainment industries called on local telecoms regulator CRTC to implement a national website blocking regime.

Under the banner of Fairplay Canada, members including Bell, Cineplex, Directors Guild of Canada, Maple Leaf Sports and Entertainment, Movie Theatre Association of Canada, and Rogers Media, spoke of an industry under threat from marauding pirates. But just how serious is this threat?

The results of a new survey commissioned by Innovation Science and Economic Development Canada (ISED) in collaboration with the Department of Canadian Heritage (PCH) aims to shine light on the problem by revealing the online content consumption habits of citizens in the Great White North.

While there are interesting findings for those on both sides of the site-blocking debate, the situation seems somewhat removed from the Armageddon scenario predicted by the entertainment industries.

Carried out among 3,301 Canadians aged 12 years and over, the Kantar TNS study aims to cover copyright infringement in six key content areas – music, movies, TV shows, video games, computer software, and eBooks. Attitudes and behaviors are also touched upon while measuring the effectiveness of Canada’s copyright measures.

General Digital Content Consumption

In its introduction, the report notes that 28 million Canadians used the Internet in the three-month study period to November 27, 2017. Of those, 22 million (80%) consumed digital content. Around 20 million (73%) streamed or accessed content, 16 million (59%) downloaded content, while 8 million (28%) shared content.

Music, TV shows and movies all battled for first place in the consumption ranks, with 48%, 48%, and 46% respectively.

Copyright Infringement

According to the study, the majority of Canadians do things completely by the book. An impressive 74% of media-consuming respondents said that they’d only accessed material from legal sources in the preceding three months.

The remaining 26% admitted to accessing at least one illegal file in the same period. Of those, just 5% said that all of their consumption was from illegal sources, with movies (36%), software (36%), TV shows (34%) and video games (33%) the most likely content to be consumed illegally.

Interestingly, the study found that few demographic factors – such as gender, region, rural and urban, income, employment status and language – play a role in illegal content consumption.

“We found that only age and income varied significantly between consumers who infringed by downloading or streaming/accessing content online illegally and consumers who did not consume infringing content online,” the report reads.

“More specifically, the profile of consumers who downloaded or streamed/accessed infringing content skewed slightly younger and towards individuals with household incomes of $100K+.”

Licensed services much more popular than pirate haunts

It will come as no surprise that Netflix was the most popular service with consumers, with 64% having used it in the past three months. Sites like YouTube and Facebook were a big hit too, visited by 36% and 28% of content consumers respectively.

Overall, 74% of online content consumers use licensed services for content while 42% use social networks. Under a third (31%) use a combination of peer-to-peer (BitTorrent), cyberlocker platforms, or linking sites. Stream-ripping services are used by 9% of content consumers.

“Consumers who reported downloading or streaming/accessing infringing content only are less likely to use licensed services and more likely to use peer-to-peer/cyberlocker/linking sites than other consumers of online content,” the report notes.

Attitudes towards legal consumption & infringing content

In common with similar surveys over the years, the Kantar research looked at the reasons why people consume content from various sources, both legal and otherwise.

Convenience (48%), speed (36%) and quality (34%) were the most-cited reasons for using legal sources. An interesting 33% of respondents said they use legal sites to avoid using illegal sources.

On the illicit front, 54% of those who obtained unauthorized content in the previous three months said they did so due to it being free, with 40% citing convenience and 34% mentioning speed.

Almost six out of ten (58%) said lower costs would encourage them to switch to official sources, with 47% saying they’d move if legal availability was improved.

Canada’s ‘Notice-and-Notice’ warning system

People in Canada who share content on peer-to-peer systems like BitTorrent without permission run the risk of receiving an infringement notice warning them to stop. These are sent by copyright holders via users’ ISPs and the hope is that the shock of receiving a warning will turn consumers back to the straight and narrow.

The study reveals that 10% of online content consumers over the age of 12 have received one of these notices but what kind of effect have they had?

“Respondents reported that receiving such a notice resulted in the following: increased awareness of copyright infringement (38%), taking steps to ensure password protected home networks (27%), a household discussion about copyright infringement (27%), and discontinuing illegal downloading or streaming (24%),” the report notes.

While these are all positives for the entertainment industries, Kantar reports that almost a quarter (24%) of people who receive a notice simply ignore them.

Stream-ripping

Once upon a time, people obtaining music via P2P networks was cited as the music industry’s greatest threat but, with the advent of sites like YouTube, so-called stream-ripping is the latest bogeyman.

According to the study, 11% of Internet users say they’ve used a stream-ripping service. They are most likely to be male (62%) and predominantly 18 to 34 (52%) years of age.

“Among Canadians who have used a service to stream-rip music or entertainment, nearly half (48%) have used stream-ripping sites, one-third have used downloader apps (38%), one-in-seven (14%) have used a stream-ripping plug-in, and one-in-ten (10%) have used stream-ripping software,” the report adds.

Set-Top Boxes and VPNs

Few general piracy studies would be complete in 2018 without touching on set-top devices and Virtual Private Networks and this report doesn’t disappoint.

More than one in five (21%) respondents aged 12+ reported using a VPN, with the main purpose of securing communications and Internet browsing (57%).

A relatively modest 36% said they use a VPN to access free content while 32% said the aim was to access geo-blocked content unavailable in Canada. Just over a quarter (27%) said that accessing content from overseas at a reasonable price was the main motivator.

One in ten (10%) of respondents reported using a set-top box, with 78% stating they use them to access paid-for content. Interestingly, only a small number say they use the devices to infringe.

“A minority use set-top boxes to access other content that is not legal or they are unsure if it is legal (16%), or to access live sports that are not legal or they are unsure if it is legal (11%),” the report notes.

“Individuals who consumed a mix of legal and illegal content online are more likely to use VPN services (42%) or TV set-top boxes (21%) than consumers who only downloaded or streamed/accessed legal content.”

Kantar says that the findings of the report will be used to help policymakers evaluate how Canada’s Copyright Act is coping with a changing market and technological developments.

“This research will provide the necessary information required to further develop copyright policy in Canada, as well as to provide a foundation to assess the effectiveness of the measures to address copyright infringement, should future analysis be undertaken,” it concludes.

The full report can be found here (pdf)

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Hiring a Director of Sales

2018-05-31 Yev

Post Syndicated from Yev original https://www.backblaze.com/blog/hiring-a-director-of-sales/

Backblaze is hiring a Director of Sales. This is a critical role for Backblaze as we continue to grow the team. We need a strong leader who has experience in scaling a sales team and who has an excellent track record for exceeding goals by selling Software as a Service (SaaS) solutions. In addition, this leader will need to be highly motivated, as well as able to create and develop a highly-motivated, success oriented sales team that has fun and enjoys what they do.

The History of Backblaze from our CEO
In 2007, after a friend’s computer crash caused her some suffering, we realized that with every photo, video, song, and document going digital, everyone would eventually lose all of their information. Five of us quit our jobs to start a company with the goal of making it easy for people to back up their data.

Like many startups, for a while we worked out of a co-founder’s one-bedroom apartment. Unlike most startups, we made an explicit agreement not to raise funding during the first year. We would then touch base every six months and decide whether to raise or not. We wanted to focus on building the company and the product, not on pitching and slide decks. And critically, we wanted to build a culture that understood money comes from customers, not the magical VC giving tree. Over the course of 5 years we built a profitable, multi-million dollar revenue business — and only then did we raise a VC round.

Fast forward 10 years later and our world looks quite different. You’ll have some fantastic assets to work with:

A brand millions recognize for openness, ease-of-use, and affordability.
A computer backup service that stores over 500 petabytes of data, has recovered over 30 billion files for hundreds of thousands of paying customers — most of whom self-identify as being the people that find and recommend technology products to their friends.
Our B2 service that provides the lowest cost cloud storage on the planet at 1/4th the price Amazon, Google or Microsoft charges. While being a newer product on the market, it already has over 100,000 IT and developers signed up as well as an ecosystem building up around it.
A growing, profitable and cash-flow positive company.
And last, but most definitely not least: a great sales team.

You might be saying, “sounds like you’ve got this under control — why do you need me?” Don’t be misled. We need you. Here’s why:

We have a great team, but we are in the process of expanding and we need to develop a structure that will easily scale and provide the most success to drive revenue.
We just launched our outbound sales efforts and we need someone to help develop that into a fully successful program that’s building a strong pipeline and closing business.
We need someone to work with the marketing department and figure out how to generate more inbound opportunities that the sales team can follow up on and close.
We need someone who will work closely in developing the skills of our current sales team and build a path for career growth and advancement.
We want someone to manage our Customer Success program.

So that’s a bit about us. What are we looking for in you?

Experience: As a sales leader, you will strategically build and drive the territory’s sales pipeline by assembling and leading a skilled team of sales professionals. This leader should be familiar with generating, developing and closing software subscription (SaaS) opportunities. We are looking for a self-starter who can manage a team and make an immediate impact of selling our Backup and Cloud Storage solutions. In this role, the sales leader will work closely with the VP of Sales, marketing staff, and service staff to develop and implement specific strategic plans to achieve and exceed revenue targets, including new business acquisition as well as build out our customer success program.

Leadership: We have an experienced team who’s brought us to where we are today. You need to have the people and management skills to get them excited about working with you. You need to be a strong leader and compassionate about developing and supporting your team.

Data driven and creative: The data has to show something makes sense before we scale it up. However, without creativity, it’s easy to say “the data shows it’s impossible” or to find a local maximum. Whether it’s deciding how to scale the team, figuring out what our outbound sales efforts should look like or putting a plan in place to develop the team for career growth, we’ve seen a bit of creativity get us places a few extra dollars couldn’t.

Jive with our culture: Strong leaders affect culture and the person we hire for this role may well shape, not only fit into, ours. But to shape the culture you have to be accepted by the organism, which means a certain set of shared values. We default to openness with our team, our customers, and everyone if possible. We love initiative — without arrogance or dictatorship. We work to create a place people enjoy showing up to work. That doesn’t mean ping pong tables and foosball (though we do try to have perks & fun), but it means people are friendly, non-political, working to build a good service but also a good place to work.

Do the work: Ideas and strategy are critical, but good execution makes them happen. We’re looking for someone who can help the team execute both from the perspective of being capable of guiding and organizing, but also someone who is hands-on themselves.

Additional Responsibilities needed for this role:

Recruit, coach, mentor, manage and lead a team of sales professionals to achieve yearly sales targets. This includes closing new business and expanding upon existing clientele.
Expand the customer success program to provide the best customer experience possible resulting in upsell opportunities and a high retention rate.
Develop effective sales strategies and deliver compelling product demonstrations and sales pitches.
Acquire and develop the appropriate sales tools to make the team efficient in their daily work flow.
Apply a thorough understanding of the marketplace, industry trends, funding developments, and products to all management activities and strategic sales decisions.
Ensure that sales department operations function smoothly, with the goal of facilitating sales and/or closings; operational responsibilities include accurate pipeline reporting and sales forecasts.
This position will report directly to the VP of Sales and will be staffed in our headquarters in San Mateo, CA.

Requirements:

7 – 10+ years of successful sales leadership experience as measured by sales performance against goals.
Experience in developing skill sets and providing career growth and opportunities through advancement of team members.
Background in selling SaaS technologies with a strong track record of success.
Strong presentation and communication skills.
Must be able to travel occasionally nationwide.
BA/BS degree required

Think you want to join us on this adventure?
Send an email to jobscontact@backblaze.com with the subject “Director of Sales.” (Recruiters and agencies, please don’t email us.) Include a resume and answer these two questions:

How would you approach evaluating the current sales team and what is your process for developing a growth strategy to scale the team?
What are the goals you would set for yourself in the 3 month and 1-year timeframes?

Thank you for taking the time to read this and I hope that this sounds like the opportunity for which you’ve been waiting.

Backblaze is an Equal Opportunity Employer.

The post Hiring a Director of Sales appeared first on Backblaze Blog | Cloud Storage & Cloud Backup.

Amazon Neptune Generally Available

2018-05-30 Randall Hunt

Post Syndicated from Randall Hunt original https://aws.amazon.com/blogs/aws/amazon-neptune-generally-available/

Amazon Neptune is now Generally Available in US East (N. Virginia), US East (Ohio), US West (Oregon), and EU (Ireland). Amazon Neptune is a fast, reliable, fully-managed graph database service that makes it easy to build and run applications that work with highly connected datasets. At the core of Neptune is a purpose-built, high-performance graph database engine optimized for storing billions of relationships and querying the graph with millisecond latencies. Neptune supports two popular graph models, Property Graph and RDF, through Apache TinkerPop Gremlin and SPARQL, allowing you to easily build queries that efficiently navigate highly connected datasets. Neptune can be used to power everything from recommendation engines and knowledge graphs to drug discovery and network security. Neptune is fully-managed with automatic minor version upgrades, backups, encryption, and fail-over. I wrote about Neptune in detail for AWS re:Invent last year and customers have been using the preview and providing great feedback that the team has used to prepare the service for GA.

Now that Amazon Neptune is generally available there are a few changes from the preview:

A large number of performance enhancements and updates
AWS CloudFormation support
AWS Command Line Interface (CLI)/SDK support
Updated to Apache TinkerPop 3.3.2
Support for IAM roles with bulk loading from Amazon Simple Storage Service (S3)

Launching an Amazon Neptune Cluster

Launching a Neptune cluster is as easy as navigating to the AWS Management Console and clicking create cluster. Of course you can also launch with CloudFormation, the CLI, or the SDKs.

You can monitor your cluster health and the health of individual instances through Amazon CloudWatch and the console.

Additional Resources

We’ve created two repos with some additional tools and examples here. You can expect continuous development on these repos as we add additional tools and examples.

Amazon Neptune Tools Repo
This repo has a useful tool for converting GraphML files into Neptune compatible CSVs for bulk loading from S3.
Amazon Neptune Samples Repo
This repo has a really cool example of building a collaborative filtering recommendation engine for video game preferences.

Purpose Built Databases

There’s an industry trend where we’re moving more and more onto purpose-built databases. Developers and businesses want to access their data in the format that makes the most sense for their applications. As cloud resources make transforming large datasets easier with tools like AWS Glue, we have a lot more options than we used to for accessing our data. With tools like Amazon Redshift, Amazon Athena, Amazon Aurora, Amazon DynamoDB, and more we get to choose the best database for the job or even enable entirely new use-cases. Amazon Neptune is perfect for workloads where the data is highly connected across data rich edges.

I’m really excited about graph databases and I see a huge number of applications. Looking for ideas of cool things to build? I’d love to build a web crawler in AWS Lambda that uses Neptune as the backing store. You could further enrich it by running Amazon Comprehend or Amazon Rekognition on the text and images found and creating a search engine on top of Neptune.

As always, feel free to reach out in the comments or on twitter to provide any feedback!

– Randall

FCC Asks Amazon & eBay to Help Eliminate Pirate Media Box Sales

2018-05-30 Andy

Post Syndicated from Andy original https://torrentfreak.com/fcc-asks-amazon-ebay-to-help-eliminate-pirate-media-box-sales-180530/

Over the past several years, anyone looking for a piracy-configured set-top box could do worse than search for one on Amazon or eBay.

Historically, people deploying search terms including “Kodi” or “fully-loaded” were greeted by page after page of Android-type boxes, each ready for illicit plug-and-play entertainment consumption following delivery.

Although the problem persists on both platforms, people are now much less likely to find infringing devices than they were 12 to 24 months ago. Under pressure from entertainment industry groups, both Amazon and eBay have tightened the screws on sellers of such devices. Now, however, both companies have received requests to stem sales from a completetey different direction.

In a letter to eBay CEO Devin Wenig and Amazon CEO Jeff Bezos first spotted by Ars, FCC Commissioner Michael O’Rielly calls on the platforms to take action against piracy-configured boxes that fail to comply with FCC equipment authorization requirements or falsely display FCC logos, contrary to United States law.

“Disturbingly, some rogue set-top box manufacturers and distributors are exploiting the FCC’s trusted logo by fraudulently placing it on devices that have not been approved via the Commission’s equipment authorization process,” O’Rielly’s letter reads.

“Specifically, nine set-top box distributors were referred to the FCC in October for enabling the unlawful streaming of copyrighted material, seven of which displayed the FCC logo, although there was no record of such compliance.”

While O’Rielly admits that the copyright infringement aspects fall outside the jurisdiction of the FCC, he says it’s troubling that many of these devices are used to stream infringing content, “exacerbating the theft of billions of dollars in American innovation and creativity.”

As noted above, both Amazon and eBay have taken steps to reduce sales of pirate boxes on their respective platforms on copyright infringement grounds, something which is duly noted by O’Rielly. However, he points out that devices continue to be sold to members of the public who may believe that the devices are legal since they’re available for sale from legitimate companies.

“For these reasons, I am seeking your further cooperation in assisting the FCC in taking steps to eliminate the non-FCC compliant devices or devices that fraudulently bear the FCC logo,” the Commissioner writes (pdf).

“Moreover, if your company is made aware by the Commission, with supporting evidence, that a particular device is using a fraudulent FCC label or has not been appropriately certified and labeled with a valid FCC logo, I respectfully request that you commit to swiftly removing these products from your sites.”

In the event that Amazon and eBay take action under this request, O’Rielly asks both platforms to hand over information they hold on offending manufacturers, distributors, and suppliers.

Amazon was quick to respond to the FCC. In a letter published by Ars, Amazon’s Public Policy Vice President Brian Huseman assured O’Rielly that the company is not only dedicated to tackling rogue devices on copyright-infringement grounds but also when there is fraudulent use of the FCC’s logos.

Noting that Amazon is a key member of the Alliance for Creativity and Entertainment (ACE) – a group that has been taking legal action against sellers of infringing streaming devices (ISDs) and those who make infringing addons for Kodi-type systems – Huseman says that dealing with the problem is a top priority.

“Our goal is to prevent the sale of ISDs anywhere, as we seek to protect our customers from the risks posed by these devices, in addition to our interest in protecting Amazon Studios content,” Huseman writes.

“In 2017, Amazon became the first online marketplace to prohibit the sale of streaming media players that promote or facilitate piracy. To prevent the sale of these devices, we proactively scan product listings for signs of potentially infringing products, and we also invest heavily in sophisticated, automated real-time tools to review a variety of data sources and signals to identify inauthentic goods.

“These automated tools are supplemented by human reviewers that conduct manual investigations. When we suspect infringement, we take immediate action to remove suspected listings, and we also take enforcement action against sellers’ entire accounts when appropriate.”

Huseman also reveals that since implementing a proactive policy against such devices, “tens of thousands” of listings have been blocked from Amazon. In addition, the platform has been making criminal referrals to law enforcement as well as taking civil action (1,2,3) as part of ACE.

“As noted in your letter, we would also appreciate the opportunity to collaborate further with the FCC to remove non-compliant devices that improperly use the FCC logo or falsely claim FCC certification. If any FCC non-compliant devices are identified, we seek to work with you to ensure they are not offered for sale,” Huseman concludes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Hong Kong Customs Arrest Pirate Streaming Device Vendors

2018-05-29 Andy

Post Syndicated from Andy original https://torrentfreak.com/hong-kong-customs-arrest-pirate-streaming-device-vendors-180529/

As Internet-capable set-top boxes pour into homes across all populated continents, authorities seem almost powerless to come up with a significant response to the growing threat.

In standard form these devices, which are often Android-based, are entirely legal. However, when configured with specialist software they become piracy powerhouses providing access to all content imaginable, often at copyright holders’ expense.

A large proportion of these devices come from Asia, China in particular, but it’s relatively rare to hear of enforcement action in that part of the world. That changed this week with an announcement from Hong Kong customs detailing a series of raids in the areas of Sham Shui Po and Wan Chai.

After conducting an in-depth investigation with the assistance of copyright holders, on May 25 and 26 Customs and Excise officers launched Operation Trojan Horse, carrying out a series of raids on four premises selling suspected piracy-configured set-top boxes.

During the operation, officers arrested seven men and one woman aged between 18 and 45. Four of them were shop owners and the other four were salespeople. Around 354 suspected ‘pirate’ boxes were seized with an estimated market value of HK$320,000 (US$40,700).

“In the past few months, the department has stepped up inspections of hotspots for TV set-top boxes,” a statement from authorities reads.

“We have discovered that some shops have sold suspected illegal set-top boxes that bypass the copyright protection measures imposed by copyright holders of pay television programs allowing people to watch pay television programs for free.”

Some of the devices seized by Hong Kong Customs

During a press conference yesterday, a representative from the Customs Copyright and Trademark Investigations (Action) Division said that in the run up to the World Cup in 2018, measures against copyright infringement will be strengthened both on and online.

The announcement was welcomed by the Cable and Satellite Broadcasting Association of Asia’s (CASBAA) Coalition Against Piracy, which is back by industry heavyweights including Disney, Fox, HBO Asia, NBCUniversal, Premier League, Turner Asia-Pacific, A&E Networks, Astro, BBC Worldwide, National Basketball Association, TV5MONDE, Viacom International, and others.

“We commend the great work of Hong Kong Customs in clamping down on syndicates who profit from the sale of Illicit Streaming Devices,” said General Manager Neil Gane.

“The prevalence of ISDs in Hong Kong and across South East Asia is staggering. The criminals who sell ISDs, as well as those who operate the ISD networks and pirate websites, are profiting from the hard work of talented creators, seriously damaging the legitimate content ecosystem as well as exposing consumers to dangerous malware.”

Malware warnings are very prevalent these days but it’s not something the majority of set-top box owners have a problem with. Indeed, a study carried by Sycamore Research found that pirates aren’t easily deterred by such warnings.

Nevertheless, there are definite risks for individuals selling devices when they’re configured for piracy.

Recent cases, particularly in the UK, have shown that hefty jail sentences can hit offenders while over in the United States (1,2,3), lawsuits filed by the Alliance for Creativity and Entertainment (ACE) have the potential to end in unfavorable rulings for multiple defendants.

Although rarely reported, offenders in Hong Kong also face stiff sentences for this kind of infringement including large fines and custodial sentences of up to four years.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

Kidnapping Fraud

2018-05-29 Bruce Schneier

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2018/05/kidnapping_frau.html

Fake kidnapping fraud:

“Most commonly we have unsolicited calls to potential victims in Australia, purporting to represent the people in authority in China and suggesting to intending victims here they have been involved in some sort of offence in China or elsewhere, for which they’re being held responsible,” Commander McLean said.
The scammers threaten the students with deportation from Australia or some kind of criminal punishment.
The victims are then coerced into providing their identification details or money to get out of the supposed trouble they’re in.
Commander McLean said there are also cases where the student is told they have to hide in a hotel room, provide compromising photos of themselves and cut off all contact.
This simulates a kidnapping.
“So having tricked the victims in Australia into providing the photographs, and money and documents and other things, they then present the information back to the unknowing families in China to suggest that their children who are abroad are in trouble,” Commander McLean said.
“So quite circular in a sense…very skilled, very cunning.”

Protecting your API using Amazon API Gateway and AWS WAF — Part I

2018-05-25 Chris Munns

Post Syndicated from Chris Munns original https://aws.amazon.com/blogs/compute/protecting-your-api-using-amazon-api-gateway-and-aws-waf-part-i/

This post courtesy of Thiago Morais, AWS Solutions Architect

When you build web applications or expose any data externally, you probably look for a platform where you can build highly scalable, secure, and robust REST APIs. As APIs are publicly exposed, there are a number of best practices for providing a secure mechanism to consumers using your API.

Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.

In this post, I show you how to take advantage of the regional API endpoint feature in API Gateway, so that you can create your own Amazon CloudFront distribution and secure your API using AWS WAF.

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources.

As you make your APIs publicly available, you are exposed to attackers trying to exploit your services in several ways. The AWS security team published a whitepaper solution using AWS WAF, How to Mitigate OWASP’s Top 10 Web Application Vulnerabilities.

Regional API endpoints

Edge-optimized APIs are endpoints that are accessed through a CloudFront distribution created and managed by API Gateway. Before the launch of regional API endpoints, this was the default option when creating APIs using API Gateway. It primarily helped to reduce latency for API consumers that were located in different geographical locations than your API.

When API requests predominantly originate from an Amazon EC2 instance or other services within the same AWS Region as the API is deployed, a regional API endpoint typically lowers the latency of connections. It is recommended for such scenarios.

For better control around caching strategies, customers can use their own CloudFront distribution for regional APIs. They also have the ability to use AWS WAF protection, as I describe in this post.

Edge-optimized API endpoint

The following diagram is an illustrated example of the edge-optimized API endpoint where your API clients access your API through a CloudFront distribution created and managed by API Gateway.

Regional API endpoint

For the regional API endpoint, your customers access your API from the same Region in which your REST API is deployed. This helps you to reduce request latency and particularly allows you to add your own content delivery network, as needed.

Walkthrough

In this section, you implement the following steps:

Create a regional API using the PetStore sample API.
Create a CloudFront distribution for the API.
Test the CloudFront distribution.
Set up AWS WAF and create a web ACL.
Attach the web ACL to the CloudFront distribution.
Test AWS WAF protection.

Create the regional API

For this walkthrough, use an existing PetStore API. All new APIs launch by default as the regional endpoint type. To change the endpoint type for your existing API, choose the cog icon on the top right corner:

After you have created the PetStore API on your account, deploy a stage called “prod” for the PetStore API.

On the API Gateway console, select the PetStore API and choose Actions, Deploy API.

For Stage name, type prod and add a stage description.

Choose Deploy and the new API stage is created.

Use the following AWS CLI command to update your API from edge-optimized to regional:

aws apigateway update-rest-api \
--rest-api-id {rest-api-id} \
--patch-operations op=replace,path=/endpointConfiguration/types/EDGE,value=REGIONAL

A successful response looks like the following:

{
    "description": "Your first API with Amazon API Gateway. This is a sample API that integrates via HTTP with your demo Pet Store endpoints", 
    "createdDate": 1511525626, 
    "endpointConfiguration": {
        "types": [
            "REGIONAL"
        ]
    }, 
    "id": "{api-id}", 
    "name": "PetStore"
}

After you change your API endpoint to regional, you can now assign your own CloudFront distribution to this API.

Create a CloudFront distribution

To make things easier, I have provided an AWS CloudFormation template to deploy a CloudFront distribution pointing to the API that you just created. Click the button to deploy the template in the us-east-1 Region.

For Stack name, enter RegionalAPI. For APIGWEndpoint, enter your API FQDN in the following format:

{api-id}.execute-api.us-east-1.amazonaws.com

After you fill out the parameters, choose Next to continue the stack deployment. It takes a couple of minutes to finish the deployment. After it finishes, the Output tab lists the following items:

A CloudFront domain URL
An S3 bucket for CloudFront access logs

Output from CloudFormation

Test the CloudFront distribution

To see if the CloudFront distribution was configured correctly, use a web browser and enter the URL from your distribution, with the following parameters:

https://{your-distribution-url}.cloudfront.net/{api-stage}/pets

You should get the following output:

[
  {
    "id": 1,
    "type": "dog",
    "price": 249.99
  },
  {
    "id": 2,
    "type": "cat",
    "price": 124.99
  },
  {
    "id": 3,
    "type": "fish",
    "price": 0.99
  }
]

Set up AWS WAF and create a web ACL

With the new CloudFront distribution in place, you can now start setting up AWS WAF to protect your API.

For this demo, you deploy the AWS WAF Security Automations solution, which provides fine-grained control over the requests attempting to access your API.

For more information about deployment, see Automated Deployment. If you prefer, you can launch the solution directly into your account using the following button.

For CloudFront Access Log Bucket Name, add the name of the bucket created during the deployment of the CloudFormation stack for your CloudFront distribution.

The solution allows you to adjust thresholds and also choose which automations to enable to protect your API. After you finish configuring these settings, choose Next.

To start the deployment process in your account, follow the creation wizard and choose Create. It takes a few minutes do finish the deployment. You can follow the creation process through the CloudFormation console.

After the deployment finishes, you can see the new web ACL deployed on the AWS WAF console, AWSWAFSecurityAutomations.

Attach the AWS WAF web ACL to the CloudFront distribution

With the solution deployed, you can now attach the AWS WAF web ACL to the CloudFront distribution that you created earlier.

To assign the newly created AWS WAF web ACL, go back to your CloudFront distribution. After you open your distribution for editing, choose General, Edit.

Select the new AWS WAF web ACL that you created earlier, AWSWAFSecurityAutomations.

Save the changes to your CloudFront distribution and wait for the deployment to finish.

Test AWS WAF protection

To validate the AWS WAF Web ACL setup, use Artillery to load test your API and see AWS WAF in action.

To install Artillery on your machine, run the following command:

$ npm install -g artillery

After the installation completes, you can check if Artillery installed successfully by running the following command:

$ artillery -V
$ 1.6.0-12

As the time of publication, Artillery is on version 1.6.0-12.

One of the WAF web ACL rules that you have set up is a rate-based rule. By default, it is set up to block any requesters that exceed 2000 requests under 5 minutes. Try this out.

First, use cURL to query your distribution and see the API output:

$ curl -s https://{distribution-name}.cloudfront.net/prod/pets
[
  {
    "id": 1,
    "type": "dog",
    "price": 249.99
  },
  {
    "id": 2,
    "type": "cat",
    "price": 124.99
  },
  {
    "id": 3,
    "type": "fish",
    "price": 0.99
  }
]

Based on the test above, the result looks good. But what if you max out the 2000 requests in under 5 minutes?

Run the following Artillery command:

artillery quick -n 2000 --count 10  https://{distribution-name}.cloudfront.net/prod/pets

What you are doing is firing 2000 requests to your API from 10 concurrent users. For brevity, I am not posting the Artillery output here.

After Artillery finishes its execution, try to run the cURL request again and see what happens:

$ curl -s https://{distribution-name}.cloudfront.net/prod/pets

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
Request blocked.
<BR clear="all">
<HR noshade size="1px">
<PRE>
Generated by cloudfront (CloudFront)
Request ID: [removed]
</PRE>
<ADDRESS>
</ADDRESS>
</BODY></HTML>

As you can see from the output above, the request was blocked by AWS WAF. Your IP address is removed from the blocked list after it falls below the request limit rate.

Conclusion

In this first part, you saw how to use the new API Gateway regional API endpoint together with Amazon CloudFront and AWS WAF to secure your API from a series of attacks.

In the second part, I will demonstrate some other techniques to protect your API using API keys and Amazon CloudFront custom headers.

Noise

Tag Archives: USTR

Tech Companies Warn U.S. Against Harmful Copyright Laws Worldwide

MPA’s Piracy Claims Caused Financial Damage, VOD Site Says

Cloudflare Refutes MPA and RIAA’s Piracy Concerns

Key Internet Players Call For Clarification of ‘Notorious Piracy Market’ Term

MPA Adds 1XBET and Baidu to Latest Piracy Threat Report

RIAA Reports Telegram to US Govt. Over Piracy Concerns

House Judiciary Committee Doesn’t Want ‘DMCA-Style’ Safe Harbor in Trade Agreements

U.S. Places 36 Countries on Annual ‘Piracy Watchlist’

US Govt Identifies Top Pirate Sites and Other ‘Notorious Markets’

Kidnapping Fraud

The collective thoughts of the interwebz