Posts tagged ‘anonymous’

Darknet - The Darkside: Drones, Tor & Remailers – The Story Of A High-Tech Kidnapping

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

This whole thing sounds like something straight out of CSI: Cyber with references to Drones, Tor, remailers, anonymous image sharing and the scrubbing of meta data. Pretty interesting reading, although it rather smells like a lot of exageration. A super high-tech kidnapping – gone wrong in the end. Whoever wrote tho e-mails sent to the…

Read the full post at darknet.org.uk

Schneier on Security: Bizarre High-Tech Kidnapping

This post was syndicated from: Schneier on Security and was written by: schneier. Original post: at Schneier on Security

This is a story of a very high-tech kidnapping:

FBI court filings unsealed last week showed how Denise Huskins’ kidnappers used anonymous remailers, image sharing sites, Tor, and other people’s Wi-Fi to communicate with the police and the media, scrupulously scrubbing meta data from photos before sending. They tried to use computer spyware and a DropCam to monitor the aftermath of the abduction and had a Parrot radio-controlled drone standing by to pick up the ransom by remote control.

The story also demonstrates just how effective the FBI is tracing cell phone usage these days. They had a blocked call from the kidnappers to the victim’s cell phone. First they used an search warrant to AT&T to get the actual calling number. After learning that it was an AT&T prepaid Trakfone, they called AT&T to find out where the burner was bought, what the serial numbers were, and the location where the calls were made from.

The FBI reached out to Tracfone, which was able to tell the agents that the phone was purchased from a Target store in Pleasant Hill on March 2 at 5:39 pm. Target provided the bureau with a surveillance-cam photo of the buyer: a white male with dark hair and medium build. AT&T turned over records showing the phone had been used within 650 feet of a cell site in South Lake Tahoe.

Here’s the criminal complaint. It borders on surreal. Were it an episode of CSI:Cyber, you would never believe it.

TorrentFreak: Sweden’s Largest Streaming Site Will Close After Raid

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

swefilmlogoWhile millions associate Sweden with BitTorrent through its connections with The Pirate Bay, over the past several years the public has increasingly been obtaining its content in other ways.

Thanks to cheap bandwidth and an appetite for instant gratification, so-called streaming portals have grown in popularity, with movies and TV shows just a couple of clicks away in convenient Netflix-style interfaces.

Founded in 2011, Swefilmer is currently Sweden’s most popular streaming movie and TV show site. Research last year from Media Vision claimed that 25% of all web TV viewing in the country was carried out on Swefilmer and another similar site, Dreamfilm.

According to Alexa the site is currently the country’s 100th most popular domain, but in the next three days it will shut down for good.

swefilmer

The revelation comes from the site’s admin, who has just been revealed as local man Ola Johansson. He says that a surprise and unwelcome visit made it clear that he could not continue.

In a YouTube video posted yesterday, Johansson reports that earlier this month he was raided by the police who seized various items of computer equipment and placed him under arrest.

“It’s been a tough month to say the least. On 8 July, I received a search by the police at home. I lost a computer, mobile phone and other things,” Johansson says.

While most suspects in similar cases are released after a few hours or perhaps overnight, Johansson says he was subjected to an extended detention.

ola“I got to sit in jail for 90 hours. When I came out on Monday [after being raided on Wednesday] the site had been down since Friday,” he explains.

The Swede said he noticed something was amiss at the beginning of July when he began experiencing problems with the Russian server that was used to host the site’s videos.

“It started when all things from OK.ru disappeared. That’s the service where we have uploaded all the videos,” Johansson says.

While the site remains online for now, the Swede says that this Friday Swefilmer will close down for good. The closure will mark the end of an era but since he is now facing a criminal prosecution that’s likely to conclude in a high-profile trial, Johansson has little choice but to pull the plug.

The site’s considerable userbase will be disappointed with the outcome but there are others that are welcoming the crackdown.

“We are not an anonymous Hollywood studio,” said local director Anders Nilsson in response to the news.

“We are a group of film makers and we will not give up when someone spits in our faces by stealing our movies and putting them on criminal sites to share them in the free world. It is just as insulting as if someone had stolen the purely physical property.”

Aside from creating a gap in the unauthorized streaming market, the forthcoming closure of Swefilmer will have repercussions in the courtroom too, particularly concerning an important legal process currently playing out in Sweden.

Last November, Universal Music, Sony Music, Warner Music, Nordisk Film and the Swedish Film Industry filed a lawsuit in the Stockholm District Court against local ISP Bredbandsbolaget (The Broadband Company). It demands that the ISP blocks subscriber access to The Pirate Bay and also Swefilmer.

Even after negotiation Bredbandsbolaget refused to comply, so the parties will now meet in an October hearing to determine the future of website blocking in Sweden.

It is believed that the plaintiffs in the case were keen to tackle a torrent site and a streaming site in the same process but whether Swefilmer will now be replaced by another site is currently unknown. If it does, Dreamfilm could be the most likely candidate.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and the best VPN services.

Schneier on Security: Using Secure Chat

This post was syndicated from: Schneier on Security and was written by: schneier. Original post: at Schneier on Security

Micah Lee has a good tutorial on installing and using secure chat.

To recap: We have installed Orbot and connected to the Tor network on Android, and we have installed ChatSecure and created an anonymous secret identity Jabber account. We have added a contact to this account, started an encrypted session, and verified that their OTR fingerprint is correct. And now we can start chatting with them with an extraordinarily high degree of privacy.

FBI Director James Comey, UK Prime Minister David Cameron, and totalitarian governments around the world all don’t want you to be able to do this.

SANS Internet Storm Center, InfoCON: green: Web security subtleties and exploitation of combined vulnerabilities, (Thu, Jun 25th)

This post was syndicated from: SANS Internet Storm Center, InfoCON: green and was written by: SANS Internet Storm Center, InfoCON: green. Original post: at SANS Internet Storm Center, InfoCON: green

The goal of a penetration test is to report all identified vulnerabilities to the customer. Of course, every penetration tester puts most of his effort into finding critical security vulnerabilities: SQL injection, XSS and similar, which have the most impact for the tested web application (and, indeed, it does not hurt a penetration testers ego when such a vulnerability is identified :)

However, I strongly push towards reporting of every single vulnerability, no matter how harmless it might appear (and my penetration team coworkers sometimes complain about this, but lets prove them wrong).

Here well take a look at how two seemingly low risk vulnerabilities can be combined into a more dangerous one.

Accepting parameters in GET and POST requests

When processing parameters/responses received from the client, most of the todays web applications rely on POST HTTP requests. This is a preferred way of sending client-related input/output from the browser since it will not be visible in web servers (or proxys) logs. One of the tests I normally do is to check if the application accepts same parameters in GET HTTP requests. Lets take a look at this.

The official”>POST /page HTTP/1.1
Host: my.example.local
“>parameter=value”>GET /page?parameter=valuesecret=secret_value HTTP/1.1
Host: my.example.local
(other headers)

If this worked it means that the tested web application (the tested page/script) accepts parameters from any request. While this by itself is not really a security vulnerability, it is not a perfect way for receiving and processing parameters as we will see below. Additionally, keep in mind that this makes an attackers job a bit easier instead of working with POST HTTP requests he can simply put everything into GET HTTP request (yeah, it works for the defenders as well since well see what he put into the request).

A seemingly harmless XSS vulnerability

While further testing this application we found an XSS vulnerability. For sake of simplicity lets say its an anonymous application that has no login forms. However, since the application depends on a certain workflow, and since the XSS vulnerability was found in the 3rd step of the workflow, it does require a valid session cookie (aJSESSIONID cookie).

What does this mean? It means that the attacker cannot exploit the XSS vulnerability: if the request to the vulnerable page is made without a valid JSESSIONID cookie, the application simply redirects the user to the front page (the first step of the workflow). Even if the victim now again clicked on the malicious link, it still wouldnt work because the tested application checks the workflow phase/step and if it is not correct again simply redirects the user to the front page.

Ahh, such a disappointment after finding a very nice XSS vulnerability: the attacker can really exploit only himself and thats no fun at all. Or is there another way?

Taking this a bit further

Remember how we figured out that the application accepts parameters in both GET and POST HTTP requests above?
Let”>Cookie: JSESSIONID=560308266F93351159D8D20732C637FA

Since the cookie is normally sent as part of a header, the attacker cannot get the victims browser to set the cookie for the target web application, at least not without exploiting another vulnerability such as an XSS vulnerability but remember that we cannot exploit it without a valid cookie. Catch 22 isnt it?

But, let”>GET /page?JSESSIONID=560308266F93351159D8D20732C637FAmeter=valuesecret=secret_value HTTP/1.1
Host: my.example.local
(other headers)

Bingo! This worked the tested web application happily took and parsed all submitted parameters, even the JSESSIONID parameter that should be normally delivered as a cookie. The developers probably wanted to be as flexible as possible.

Combining the vulnerabilities into an exploit

So, the attacker can now deploy the following attack:

  • Create a new session where he navigates to the required screen. The application now knows that the JSESSIONID cookie that was given to the attacker relates to a session that is at the vulnerable screen.
  • Create a malicious URL that exploits the XSS vulnerability. Append the JSESSIONID parameter that contains the attackers cookie value to the malicious URL. This URL will work because the vulnerable web application will verify the session state and see that the user is accessing a valid screen in the workflow.
  • Send the malicious URL to the victim, wait and profit.

Finally, last thing to discuss is maybe what we exploit with the XSS vulnerability in the first place: typically the attacker tries to steal cookies in order to gain access to the victims session. Since here sessions are irrelevant, the attacker will not use XSS to steal cookies but instead to change what the web page displays to the victim. This can be used for all sorts of phishing exploits and, depending on the URL and context of the attack, can be even more devastating than stealing the sessions.


Bojan
@bojanz
INFIGO IS

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Krebs on Security: “Free” Proxies Aren’t Necessarily Free

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

Netflix, Hulu and a host of other content streaming services block non-U.S. users from viewing their content. As a result, many people residing in or traveling outside of the United States seek to circumvent such restrictions by using services that advertise “free” and “open” Web proxies capable of routing browser traffic through U.S.-based computers and networks. Perhaps unsurprisingly, new research suggests that most of these “free” offerings are anything but, and actively seek to weaken browser security and privacy.

proxyThe data comes from Austrian researcher and teacher Christian Haschek, who published a simple script to check 443 open Web proxies (no, that number was not accidental). His script tries to see if a given proxy allows encrypted browser traffic (https://), and whether the proxy tries to modify site content or inject any content into the user’s browser session, such as ads or malicious scripts.

Haschek found that 79 percent of the proxies he tested forced users to load pages in unencrypted (http://) mode, meaning the owners of those proxies could see all of the traffic in plain text.

“It could be because they want you to use http so they can analyze your traffic and steal your logins,” Haschek said. “If I’m a good guy setting up a server so that people can use it to be secure and anonymous, I’m going to allow people to use https. But what is my motive if I tell users http only?”

Haschek’s research also revealed that slightly more than 16 percent of the proxy servers were actively modifying static HTML pages to inject ads.

Virtual private networks (VPNs) allow users to tunnel their encrypted traffic to different countries, but increasingly online content providers are blocking popular VPN services as well. Tor offers users the ability to encrypt and tunnel traffic for free, but in my experience the service isn’t reliably fast enough to stream video.

Haschek suggests that users who wish to take advantage of open proxies pick ones that allow https traffic. He’s created and posted online a free tool that allows anyone to test whether a given proxy permits encrypted Web traffic, as well as whether the proxy truly hides the user’s real Internet address. This blog post explains more about his research methodology and script.

Users who wish to take advantage of open proxies also should consider doing so using a Live CD or virtual machine setup that makes it easy to reset the system to a clean installation after each use. I rely on the free VirtualBox platform to run multiple virtual machines, a handful of which I use to do much of my regular browsing, tweeting, emailing and other things that can lead sometimes to malicious links, scripts, etc.

I’ll most likely revisit setting up your own VirtualBox installation in a future post, but this tutorial offers a fairly easy-to-follow primer on how to run a Live CD installation of a Linux distribution of your choosing on top of VirtualBox.

TorrentFreak: Libgen Goes Down As Legal Pressure Mounts

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

libhenMost of the top academic articles are published in journals that can only be accessed legally through expensive paywalls.

The Library Genesis Project, or Libgen for short, has systematically breached this barrier by hosting pirated copies of scientific publications as well as mainstream books.

Earlier this month one of the largest publishers went into action to stop this threat. Elsevier filed a complaint at a New York District Court, hoping to shut down Libgen.org and several sister sites.

The case has barely got going but the main Libgen.org site as well as several of its mirrors have been offline for the past few days.

The downtime is not the result of the preliminary injunction Elsevier requested, as that hasn’t been granted yet. However, a few days ago the court did approve the publishers’ motion to serve Libgen’s operators via email.

In addition, a recent court filing shows that Elsevier’s lawyers have taken action on their own. They contacted the Public Interest Registry (.ORG) hoping to disable an infringing domain name without interference of the court.

The .ORG registry refused to do so, noting that it would require a valid court order to suspend a domain name.

“Through its counsel, the Public Interest Registry informed me that it does not disable domains absent a valid court order, but would promptly comply with a valid court order to disable a domain,” Elsevier’s lawyer informs the court.

Whether Libgen’s downtime is a direct result of Elsevier’s interference is unknown at this point, but the .org domain as well as the popular .in alternative are currently unreachable due to nameserver issues.

There are some other ‘mirrors’ that still work though, including Libgen.biz and Gen.lib.rus.ec. The .biz domain points to the same IP-address range the official domain used, suggesting that Libgen’s hosting servers are still operational.

Several other domains named in the lawsuit, including bookfi.org and sci-hub.org, also remain online.

In a few weeks the New York federal court will decide whether to issue the preliminary injunction or not. Until then, Libgen’s operators have the option to oppose the request.

If the injunction is granted it will be much harder for Libgen to operate. Among other things, it would allow Elsevier to order hosting companies, domain name registries and search engines to stop providing services to the site.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

Schneier on Security: The Secrecy of the Snowden Documents

This post was syndicated from: Schneier on Security and was written by: schneier. Original post: at Schneier on Security

Last weekend, the Sunday Times published a front-page story (full text here), citing anonymous British sources claiming that both China and Russia have copies of the Snowden documents. It’s a terrible article, filled with factual inaccuracies and unsubstantiated claims about both Snowden’s actions and the damage caused by his disclosure, and others have thoroughly refuted the story. I want to focus on the actual question: Do countries like China and Russia have copies of the Snowden documents?

I believe the answer is certainly yes, but that it’s almost certainly not Snowden’s fault.

Snowden has claimed that he gave nothing to China while he was in Hong Kong, and brought nothing to Russia. He has said that he encrypted the documents in such a way that even he no longer has access to them, and that he did this before the US government stranded him in Russia. I have no doubt he did as he said, because A) it’s the smart thing to do, and B) it’s easy. All he would have had to do was encrypt the file with a long random key, break the encrypted text up into a few parts and mail them to trusted friends around the world, then forget the key. He probably added some security embellishments, but — regardless — the first sentence of the Times story simply makes no sense: “Russia and China have cracked the top-secret cache of files…”

But while cryptography is strong, computer security is weak. The vulnerability is not Snowden; it’s everyone who has access to the files.

First, the journalists working with the documents. I’ve handled some of the Snowden documents myself, and even though I’m a paranoid cryptographer, I know how difficult it is to maintain perfect security. It’s been open season on the computers of the journalists Snowden shared documents with since this story broke in July 2013. And while they have been taking extraordinary pains to secure those computers, it’s almost certainly not enough to keep out the world’s intelligence services.

There is a lot of evidence for this belief. We know from other top-secret NSA documents that as far back as 2008, the agency’s Tailored Access Operations group has extraordinary capabilities to hack into and “exfiltrate” data from specific computers, even if those computers are highly secured and not connected to the Internet.

These NSA capabilities are not unique, and it’s reasonable to assume both that other countries had similar capabilities in 2008 and that everyone has improved their attack techniques in the seven years since then. Last week, we learned that Israel had successfully hacked a wide variety of networks, including that of a major computer antivirus company. We also learned that China successfully hacked US government personnel databases. And earlier this year, Russia successfully hacked the White House’s network. These sorts of stories are now routine.

Which brings me to the second potential source of these documents to foreign intelligence agencies: the US and UK governments themselves. I believe that both China and Russia had access to all the files that Snowden took well before Snowden took them because they’ve penetrated the NSA networks where those files reside. After all, the NSA has been a prime target for decades.

Those government hacking examples above were against unclassified networks, but the nation-state techniques we’re seeing work against classified and unconnected networks as well. In general, it’s far easier to attack a network than it is to defend the same network. This isn’t a statement about willpower or budget; it’s how computer and network security work today. A former NSA deputy director recently said that if we were to score cyber the way we score soccer, the tally would be 462­456 twenty minutes into the game. In other words, it’s all offense and no defense.

In this kind of environment, we simply have to assume that even our classified networks have been penetrated. Remember that Snowden was able to wander through the NSA’s networks with impunity, and that the agency had so few controls in place that the only way they can guess what has been taken is to extrapolate based on what has been published. Does anyone believe that Snowden was the first to take advantage of that lax security? I don’t.

This is why I find allegations that Snowden was working for the Russians or the Chinese simply laughable. What makes you think those countries waited for Snowden? And why do you think someone working for the Russians or the Chinese would go public with their haul?

I am reminded of a comment made to me in confidence by a US intelligence official. I asked him what he was most worried about, and he replied: “I know how deep we are in our enemies’ networks without them having any idea that we’re there. I’m worried that our networks are penetrated just as deeply.”

Seems like a reasonable worry to me.

The open question is which countries have sophisticated enough cyberespionage operations to mount a successful attack against one of the journalists or against the intelligence agencies themselves. And while I have my own mental list, the truth is that I don’t know. But certainly Russia and China are on the list, and it’s just as certain they didn’t have to wait for Snowden to get access to the files. While it might be politically convenient to blame Snowden because, as the Sunday Times reported an anonymous source saying, “we have now seen our agents and assets being targeted,” the NSA and GCHQ should first take a look into their mirrors.

This essay originally appeared on Wired.com.

EDITED TO ADD: I wrote about this essay on Lawfare:

A Twitter user commented: “Surely if agencies accessed computers of people Snowden shared with then is still his fault?”

Yes, that’s right. Snowden took the documents out of the well-protected NSA network and shared with people who don’t have those levels of computer security. Given what we’ve seen of the NSA’s hacking capabilities, I think the odds are zero that other nations were unable to hack at least one of those journalists’ computers. And yes, Snowden has to own that.

The point I make in the article is that those nations didn’t have to wait for Snowden. More specifically, GCHQ claims that “we have now seen our agents and assets being targeted.” One, agents and assets are not discussed in the Snowden documents. Two, it’s two years after Snowden handed those documents to reporters. Whatever is happening, it’s unlikely to be related to Snowden.

EDITED TO ADD: Slashdot thread. Hacker News thread.

TorrentFreak: Australia Passes ‘Pirate’ Site Blocking Law

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

stopstopFollowing intense pressure from entertainment industry groups, late 2014 Australia’s Attorney-General George Brandis and Communications Minister Malcolm Turnbull asked the Cabinet to develop legislation which would allow ‘pirate’ sites to be blocked at the ISP level.

In March 2015 the Copyright Amendment (Online Infringement) Bill 2015 (pdf) was introduced to parliament and earlier this month it received the green light following a parliamentary committee investigation.

A few moments ago and following just three months of consideration by parliament, the Australian Senate passed the legislation into law. The net result is that in the months and years to come, sites like The Pirate Bay will become inaccessible by regular direct means to most local Internet users.

While there will be celebrations in Hollywood, not everyone in the process is happy with the outcome. The Australian Greens outright rejected the legislation, a position shared by several independents. ISPs and technology companies also complained about elements of the legislation, alongside consumer groups such as Choice who expressed concern that the scope of the law could be expanded in future.

In the final count, 37 voted in favor and 13 against, with the Coalition and Labor in favor and the Greens and three other senators voting against. Labor joined the government to vote down several amendments tabled by the Greens aimed at narrowing the scope of the legislation.

Despite an effort by the government to calm nerves last week by ensuring consumers that VPNs won’t be targeted by the legislation, a specific exemption for VPN providers was rejected.

The legislation does not detail who will pay the ISPs’ costs associated with blocking websites. Earlier this month it was noted by a parliamentary committee that costs should “primarily be borne by those parties who are seeking the remedy” but nothing firm has been agreed thus far.

The passing of the law was welcomed by Foxtel Chief Executive, Richard Freudenstein.

“We are pleased that the Government and Opposition have taken strong action to combat online piracy. They recognize that, not only is piracy theft and therefore morally wrong, it is harmful to Australia’s creative communities and to businesses that employ hundreds of thousands of Australians,” Freudenstein said.

“These offshore sites are not operated by noble spirits fighting for the freedom of the internet, they are run by criminals who profit from stealing other people’s creative endeavors.”

The Bill will now be sent to the Governor-General for royal assent at which point it will become effective immediately.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Top 10 Most Pirated Movies of The Week – 06/22/15

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

gethardThis week we have three newcomers in our chart.

Get Hard is the most downloaded movie for the second week in a row.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are BD/DVDrips unless stated otherwise.

RSS feed for the weekly movie download chart.

Ranking (last week) Movie IMDb Rating / Trailer
torrentfreak.com
1 (1) Get Hard 6.1 / trailer
2 (4) Jurassic World (TS) 7.7 / trailer
3 (…) Cinderella 7.3 / trailer
4 (2) Run All Night 6.7 / trailer
5 (3) Kingsman: The Secret Service 8.1 / trailer
6 (…) The Gunman 5.6 / trailer
7 (5) Chappie 7.1 / trailer
8 (…) Woman in Gold 7.5 / trailer
9 (6) San Andreas Quake 2.1 / trailer
10 (7) Furious 7 (Subbed/cropped HDRip) 8.8 / trailer

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: The Entire Copyright Monopoly Idea is Based on a Colossal Lie

This post was syndicated from: TorrentFreak and was written by: Rick Falkvinge. Original post: at TorrentFreak

copyright-brandedThe copyright monopoly was reinstated in Great Britain in 1710, after having lapsed in England in 1695. It was enacted because printers (not writers) insisted, that if they didn’t have exclusive rights to boost profitability, nothing would get printed.

(Do note the difference between books getting written on one hand, and getting printed and distributed on the other. It was printers, not writers and authors, that drove the reinstatement of the copyright monopoly through the so-called Statute of Anne.)

The Parliament of Great Britain accepted this premise, and thus, the social contract of the copyright monopoly was formed: “In return for providing the only service that can make culture come into being for the benefit of the public, the publishers and distributors are awarded with time-limited exclusive rights.”

Note the very important assumption here: if the exclusive rights – the copyright monopoly – don’t exist, there will not be any culture. This is the contract which governments have been acting on ever since: in exchange for providing a magic service that calls culture into being in the first place, the publishers have enjoyed exclusive rights that allow them to punish and withhold.

The social contract between the public and the copyright industry is, that in exchange for exclusive rights, the publishers will make culture available, being the only ones who can supply such availability of culture.

It turns out the entire premise is bullshit.

With the advent of the Internet, we see that people are creating despite these exclusive rights, this monopoly, instead of because of it. Millions of creators – millions! – have publicly renounced their already-awarded exclusive rights by publishing under a Creative Commons license.

YouTube alone receives 300 hours of new video every minute. This means YouTube alone provides 18,000 24/7 TV channels, most of which are not worth watching – in other words, just like the legacy TV channels.

The notion that the copyright industry alone is capable of providing culture has been exposed as an enormous, audacious, bold-faced utter lie.

So if you were the government, the buyer in this scenario, what would you do? The buyer who gives very valuable exclusive rights to the copyright industry who claimed that the existence of such a contract was the only way to have any culture available at all – what would you do now that it’s clear that you’ve been paying much much much too high a price?

You would terminate the contract with this lying seller of public culture who demanded harmful exclusive rights in exchange for culture to be created. You would find another supplier who provided better terms to the public. And most importantly, you would not care about what the old seller – the copyright industry – had to say about your new negotiations.

That’s now any other procurement works, after all: if you’re unhappy with a supplier, you find a new supplier, and obviously, the old supplier doesn’t get to have a say about the next deal with another supplier. There is no reason at all why culture and knowledge should work differently.

In other words, there is no reason at all why the copyright industry should enjoy any exclusive rights at all, and in particular, there is no reason why they should have any say about having them revoked. They haven’t delivered on the social contract, so the contract gets revoked. End of story.

About The Author

Rick Falkvinge is a regular columnist on TorrentFreak, sharing his thoughts every other week. He is the founder of the Swedish and first Pirate Party, a whisky aficionado, and a low-altitude motorcycle pilot. His blog at falkvinge.net focuses on information policy.

Book Falkvinge as speaker?

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: TorrentTags: A Database of ‘Risky’ Torrents

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

spyYou’ve spotted a hot music torrent in the top 100 most popular downloads on The Pirate Bay. You’re keen to obtain it but if you grab it now, the chances are that several anti-piracy companies will monitor the transaction.

Whether that decision will result in a strike on your ISP account, a $3,000 lawsuit, a $20 fine, or absolutely nothing at all, depends largely on a combination of luck and a collision of circumstances. However, a project currently in beta aims to better inform users whether the torrent they’re about to grab is of interest to anti-piracy companies.

Created by a team of Australian software developers in response to tougher anti-piracy legislation, TorrentTags is currently building a user-searchable database which aims to provide a level of ‘risk’ advice on any given torrent while helping to reduce piracy.

ttag-main

TorrentTags obtains its data in two ways. Firstly, it uses the Chilling Effects database to import the details of torrents that have already been subjected to a DMCA notice on feeder sites including Google search, Twitter and Facebook.

Second, and more controversially, the site is calling on rightsholders to submit details and hashes of content they do not want freely shared on BitTorrent. These can then be added to the TorrentTags database so that when people search for content, warnings are clearly displayed.

“Rightsholders can inform torrent users about copyrighted torrents by sending claims to our database. This is likely to lead to a decrease in the number of downloads of those torrents,” the team informs TF.

However, the team also views the problem from another angle. Concerned by companies such as Dallas Buyers Club LLC using downloaders as a cash-settlement revenue stream, TorrentTags would like to see public declarations placed on their site to warn potential targets in advance.

“Without a public claim [by copyright holders] the monitoring of users’ activity with the goal of suing would be equivalent to ‘honeypot’ strategies. This is because, from a user’s perspective, any torrent without a public claim is indistinguishable from a torrent created by a copyright owner with the aim of operating a ‘honeypot’,” the team explain.

Warning: Dallas Buyers Club

tab-dbc

And herein lies a problem. While it seems unlikely that companies like DBC are operating their own ‘honeypots’, copyright trolls do rely on users sharing their content on BitTorrent in order to track and eventually demand settlement from them. It is therefore unlikely that the most ‘dangerous’ torrents would be voluntarily submitted to TorrentTags by those monitoring them.

It’s certainly possible for information to be added to the database once a lawsuit is made public, but by this time many downloaders will have already been caught. Of course, it may serve as assistance for the future, but it’s also worth noting that Dallas Buyers Club have been suing people publicly for years and still people continue to download the movie.

On the other hand, for companies that simply don’t want their content shared in public, submitting data to a site like TorrentTags might be a way to deter at least some people from downloading their content without permission. Whether they could be encouraged to do so in large volumes remains to be seen – a strong level of participation from a broad range of rightsholders will be required in order to maximize the value of the resource.

While certainly an interesting concept, the TorrentTags team have significant hurdles to overcome to ensure that users of the site aren’t inadvertently misled. Although the importation of millions of notices from Chilling Effects is a good start, the existence of a DMCA notice doesn’t necessarily mean that a torrent is being monitored by trolls. Equally, just because a torrent isn’t listed as ‘dangerous’ it shouldn’t automatically be presumed that it’s safe to download.

In some ways TorrentTags faces some of the same challenges presented to blocklist providers. Although some users swear by them, IP blockers are well-known for not only overblocking, but also letting through a significant number of IP addresses that they should’ve blocked. Time will tell how the balance will be achieved.

Nevertheless, if TorrentTags indeed develops in the manner envisioned by its creators, it could turn into a fascinating resource, not only for BitTorrent users but also those researching anti-piracy methods.

“We hope that TorrentTags will be able to serve as a comprehensive and easily accessible claim database for users. We also hope that TorrentTags will help dissolve the social stigma unjustly associated with Torrents and allow them to be widely used by society for file sharing purposes,” the team conclude.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Popcorn Time Tops Google Search Results for “Popcorn”

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

popcorntDubbed the “Netflix for Pirates,” the Popcorn Time app quickly gathered a user base of millions of people over the past year.

The application has some of the major media giants worried, including Netflix which sees the pirate app as a serious competitor to its business.

Increasing this threat, Popcorn Time has now taken the top spot in Google search results, a position that used to be held by the popular movie snack “popcorn“.

For years, the Popcorn Wikipedia entry has been listed as the number one result but it has now been replaced by the Popcorntime.io website.

Results may vary based on location, but TF has confirmed that the pirate app has seized the top spot in the US, UK and the Netherlands. The screenshot below shows Google’s results from California.

Popcorn Time’s domination is not shared on Bing, where the app is nowhere near the top results.

popgoogletop

In addition to the top listing, Google’s Autocomplete feature also favors Popcorn Time over the snack. Just entering the three letters “pop” is enough for the suggestion to appear.

It’s unclear why Google favors Popcorn Time over Popcorn, as the latter is still more sought after in the search engine. Perhaps the recent rise of the application and the many online discussions have something to do with it.

popcsuggest

Whatever the case, Hollywood is not going to be pleased with how Google algorithms have pushed Popcorn Time into the limelight.

The MPAA has been complaining bitterly about pirate sites outranking legitimate content, and they’ll see this recent example as yet more ammunition to keep pushing. So get the popcorn ready!

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: The Dawn of Online Music Piracy

This post was syndicated from: TorrentFreak and was written by: Stephen Witt. Original post: at TorrentFreak

fraunThe Dawn of Online Music Piracy

By 1994, the development of the first mp3 encoder was complete. Working at an audio research laboratory at Germany’s state-funded Fraunhofer Institute, engineers had labored for seven years and spent millions of dollars to develop a functioning prototype.

The encoder was marvelous—by exploiting inherent flaws in the human ear, it could reduce the size of compact disc audio by more than 90%, with minimal losses in quality. But Fraunhofer had been outmaneuvered in the marketplace, and couldn’t generate sales.

In desperation, they decided to distribute their encoder for free. They began by handing out floppy disks at trade shows and conferences. Soon, distribution moved to the Internet, with a limited-functionality DOS-based encoder posted on Fraunhofer’s FTP sites. The encoder was supposed to produce only low-bitrate files, and stop working after 20 uses. Quickly, it was cracked.

By late 1995, USENET was awash with pirated music files. Most of these were simple demonstrations of the technology, not full songs. Modern conveniences make it hard to remember the limitations of media distribution of the time; bandwidth meant 28,800 bits per second over a screeching telephone line, and compressing an mp3 from a CD meant a dedicated hour of CPU resources, accompanied by the buzz of a whirring fan.

The underground pirates of the Scene first adopted the technology in August of 1996. The pioneering group was Compress ‘Da Audio (CDA); their first release was Metallica’s “Until It Sleeps.” The full song was stored as a RAR file across four 3.5” floppy disk drives. These disks were then sent through the mail.

Compress ‘Da Audio’s first releases, from the Affinity scene zine.
afflinity 3 early mp3 releases

By late August, the rival Digital Audio Crew (DAC) had moved into the space; they posted an mp3-ripping tutorial to USENET, along with a direct link to Fraunhofer’s FTP site, accompanied by the serial numbers needed to unlock the encoder.

By the start of 1997, piracy had moved from floppy disks to campus servers, and processing power had doubled. Scene groups started releasing whole albums, not just individual singles. The files were no longer distributed through the postal service, but instead through IRC networks, FTP sites and even HTML links.

The Scene celebrated a “0-day” mentality—one gained notoriety by being the first to post pirated material to the Net. With music, that meant getting inside the retail industry’s supply chain.

The pioneering Scene group Rabid Neurosis (RNS) began infiltrating record stores, exploiting offset international release dates, and recruiting music journalists and commercial radio DJs. Music became available on the Internet weeks, sometimes months, before it was due in stores. In time, RNS became the dominant player, sourcing thousands of pre-release albums from Dell Glover and Tony Dockery, two workers at a North Carolina CD manufacturing plant.

RNS’ first release, distributed on four 1.44 MB disks (NFO)
rns

A generation came of age in that IRC underground—for many users it was their formative experience online. Included were Shawn Fanning and Sean Parker, who’d met in an chat channel, where they’d shared their frustrations with the inefficiencies of late-90s file-swapping. Fanning, 18, wrote 80,000 lines of code, for a new peer-to-peer platform he called Napster. Parker, 19, was deputized to promote it. In June of 1999, the software débuted.

The golden age of online piracy had begun.

About The Author

stephen

Stephen Witt is a journalist from Brooklyn, New York.

He’s the author of “How Music Got Free,” a well-researched book about the rise of music piracy and the key players that contributed to the early success of online file-sharing.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: When Piracy Gets Too Easy, Expect a Big Response

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

moviesAfter one and a half decades of mainstream file-sharing, millions of people now have little trouble finding and consuming unauthorized content online.

For many the process is no more difficult than browsing the web but due to its technical nature the majority still find it bewildering. Then along came Popcorn Time, software that turned viewing movies into child’s play for anyone with a PC, tablet or phone.

But the idea behind Popcorn Time isn’t new. Advanced users of the popular Kodi software (previously known as XBMC) have been enjoying a super-charged Popcorn Time rival for many years. However, that largely requires the mastering of an often confusing third-party addon system. Inevitably, of course, that became streamlined too.

Just as Popcorn Time works out of the box, custom installations of Kodi do too. These installers make the previously complex setup process a breeze and in doing so introduce a whole new audience of novices to piracy, just like Popcorn Time has.

Of course, this simplicity hasn’t gone unnoticed by anti-piracy outfits. Legal action against Popcorn Time was common in 2014 and continued in 2015. No surprise then that those peddling ‘pirate’ Kodi variants (which have nothing to do with the team behind the project) are now getting more attention.

The problem is availability and ease of use. Sold pre-configured in Android set-top box form on both eBay and Amazon, the devices are essentially a one-stop shop for not only pirate movies and TV shows, but also a streaming hub for live sports and PPV. Anyone can have one of these devices delivered next day and learn how to use it in under an hour. Oh, and they run Popcorn Time too. And Showbox.

As a result, piracy has never been easier and anti-piracy groups are scrambling to stem the tide. Just last week a seller of ‘pirate’ Android boxes was raided by police in the UK and just days ago Amazon overreacted by banning the entirely legal Kodi software itself, presumably after a copyright holder complaint.

Other attacks have been more targeted. Last year the Federation Against Copyright Theft filed a complaint against a popular live sports plugin for Kodi known as Sports Devil. But according to FACT, this was just the beginning of their crackdown on these piracy platforms.

“Those engaged in piracy have always been quick to take advantage of technological advances to create new methods to profit from delivering stolen content to a wider audience. The proliferation of IPTV and set-top boxes which can stream content is no exception,” the anti-piracy group told TF.

“We are working with our members and partners in law enforcement on addressing these threats and significant measures are being taken by all parties, including online market places, to address the availability of these devices, as well as the apps and add ons that facilitate illegal streams, and bring those responsible to account.”

The ‘custom Kodi’ epidemic hasn’t gone unnoticed in the Netherlands either. Dutch anti-piracy group BREIN is currently engaged in legal action against Filmspeler.nl, a seller of “fully loaded” (a euphemism for “piracy configured”) Android boxes.

In fact, BREIN is so serious about ending the problem that the case is being sent to the European Court of Justice so that an opinion can be gained on whether streaming from illegal sources represents a breach of EU law. If BREIN wins it won’t end the problem, but it will draw a line in the sand in terms of how such products can be advertised and sold.

“We will always look at any system that is aimed at providing access to copyrighted content without consent of the right holders and by doing so is causing damage to the earning potential of right holders and licensed platforms,” BREIN chief Tim Kuik told TorrentFreak.

Finally, since these devices are increasingly being targeted at the non-tech savvy, is it possible that buyers are naive to the point that they don’t appreciate their dubious legal standing? Kuik thinks not.

“We see that people using such systems tend to be aware they are getting access to unauthorized content even if they don’t know how it works technically,” the BREIN chief concludes.

The big question now is what comes next, and what will be the industry’s response? That will become clear in the months and years to come but rest assured, the easier piracy becomes, the more vigorous the response will be.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Popular Torrents Being Sabotaged by IPv6 Peer Flood

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

utorrent-logo-newGenerally speaking, BitTorrent is a highly robust file-sharing protocol that’s not easily disrupted. However, in recent weeks there have been systematic efforts to prevent large groups of people from sharing popular pirated TV-shows and movies.

The sabotaging technique tries to make it impossible for downloaders to connect to other people by overwhelming BitTorrent swarms with IPv6 peers.

Because of its focus on IPv6, not all users are affected, but those who are sometimes see their download speeds grind to a halt. As a result it can take days to download a file, if at all.

In short the process works as follows. The attacker joins a popular torrent swarm with hundreds, if not thousands of IPv6 addresses. These fake peers request data from real downloaders, quickly filling up their request queues.

The fake peers never exchange any data but keep the client busy until they are banned, as is shown in the screenshot below.

ipv6f

The attack has been confirmed to affect the popular client uTorrent. After a few minutes uTorrent does ban the malicious peers, but this makes little difference as the attackers use so many different IP-addresses.

Because all the fake peers have filled up the connection slots, real peers can no longer connect. This means that hardly any real data is transferred.

“Got unchoke from µTorrent 3.4.3 (12.345.678.9:9999), can’t request immediately because request queue is full”

TF was tipped off by the operator of one of the largest torrent trackers, who informed us that this type of attack is rampant. Many people are complaining about slow download speeds or torrents that are stuck.

“This new method of peer flooding makes a lot of people think there are issues with torrents. From an anti-piracy point of view it is achieving the purposed effect,” the tracker operator, who prefers to remain anonymous, said.

We were able to replicate the effect, which indeed makes downloading nearly impossible. After testing all of the larger BitTorrent clients it appears that only uTorrent and BitTorrent Mainline are vulnerable to the attack. However, together these two clients are used by the majority of all BitTorrent users.

We informed BitTorrent Inc, who develop the two clients, about the vulnerability. The company informed us that they are currently looking into the issue and may comment later.

Without an immediate fix, the tracker operator is advising affected users to switch to a different client for the time being, or disable IPv6 in Windows, if that’s an option.

“People experiencing download slowness – torrents stuck at 0% for more than 10 minutes, in a case where there are seeds available, should immediately switch to a different client or disable IPv6 in Windows,” the tracker operator says.

It is unclear who is behind the attacks, but considering the fact that it targets nearly all new TV and movie torrents, it could very well be a novel anti-piracy strategy. In any case, it’s definitely one of the most effective attempts to disrupt BitTorrent downloads in recent years.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: UK’s Legalization of CD Ripping is Unlawful, Court Rules

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

uk-flagLate last year the UK Government legalized copying for private use, a practice which many citizens already believed to be legal.

However, until last October, anyone who transferred music from a purchased CD to an MP3 player was committing an offense.

The change was “in the best interest” of consumers, the Government reasoned, but several music industry organizations disagreed.

In November the Musicians’ Union (MU), the British Academy of Songwriters, Composers and Authors (BASCA) and UK Music applied for a judicial review of the new legislation.

While the groups are not against private copying exceptions, they disagreed with the Government’s conclusion that the change would cause no financial harm to the music industry.

Instead of keeping copies free, they suggested that a tax should be applied to blank media including blank CDs, hard drives, memory sticks and other blank media. This money would then be shared among rightsholders, a mechanism already operating in other European countries.

Today the High Court largely agreed with the music industry groups. The Government’s conclusion that copyright holders will not suffer any significant harm was based on inadequate evidence, Mr Justice Green ruled.

“In conclusion, the decision to introduce section 28B [private copying] in the absence of a compensation mechanism is unlawful,” the Judge writes.

The Judge didn’t agree with all claims from the music groups. For example, he rejected the allegation that the Government had unlawfully predetermined the outcome of the private copying consultation.

Nonetheless, the application for a judicial review succeeded meaning that the private copying exceptions are now deemed unlawful. As a result, the Government will likely have to amend the legislation, which took roughly half a decade to implement.

The UK music groups are happy with the outcome and are eager to discuss possible changes with lawmakers.

“The High Court agreed with us that Government acted unlawfully. It is vitally important that fairness for songwriters, composers and performers is written into the law,” UK Music CEO Jo Dipple commented on the ruling.

“Changes to copyright law that affect such a vital part of the creative economy, which supports one in twelve jobs, must only be introduced if there is a robust evidential basis for doing so,” Dipple added.

The High Court scheduled a new hearing next month to decide what action should be taken in response to the judgment, including whether the private copying exceptions should be scrapped from law.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Porn Time For Android Debuts After Huge Desktop Success

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

porntimeAfter becoming a smash hit with viewers of mainstream movies for more than a year, earlier this month a new version of Popcorn Time thrust onto the scene.

Titled Porn Time, this hot variant allows users to access a wide range of adult content pulled from Pornleech, the largest public adult oriented BitTorrent tracker.

With the ability to cast directly to big screens using Chromecast, Airplay or DLNA, Porn Time was always destined for success, but new figures reveal that the software has exceeded all expectations.

According to the people behind the project, in the week following its release the software was downloaded an impressive 450,000 times.

“We’re pretty shocked and find it a little hard to believe and amusing in a way. But Porn Time, the Popcorn Time for Porn, became an Internet phenomenon just one week after it went live!” the team informs TF.

But it didn’t stop there. Figures complete up until this Wednesday reveal that the software now has 598,580 active users, an impressive feat for software with zero marketing budget and no app store to rely upon. However, this growth wasn’t achieved entirely smoothly.

“We weren’t prepared for such an eruption of people coming to get Porn Time and our servers crashed. Twice,” the team reveal.

“Pornleech also crashed!! They just couldn’t handle the heat. It took them a few days to get their act back together and got back online just recently. In the meantime we went and fetched some more sources of content, The Pirate Bay for example, which made our users happier and more addicted.”

With 58.6% of installs the Windows edition of Porn Time proved most exciting, with Mac users holding their own with 32.71% of the total. That left Linux users to bring up the rear with 8.69%.

Keen to keep pressing forward, a few hours ago the Porn Time team debuted a brand new Android edition. They expect that it too will become a roaring success.

“Anyone can understand why an app like this on your personal mobile device is the best thing that has happened to humanity since bread came sliced,” the team told TF.

“Creating the first Android app was pretty easy because of Popcorn Time’s awesome Android app. We just took their app, made some cosmetic changes, and voila! Now you can see content that puts a smile on your face.”

And if Apple users are feeling left out, that sensation shouldn’t last for long. The team inform us that an iOS edition is just around the corner.

“I think we will release it in three weeks. We are in an advanced development stage, but the truth is that this is the first time we are programming in Objective C and it’s taking us some time,” the team concludes.

More information on Porn Time for Android can be found here.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Pirate Bay Domains No Longer Accessible Through ‘WWW’

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

pirate bayThe Pirate Bay has had its fair share of legal problems and technical difficulties over the years.

Just last month a Swedish court ordered the seizure of site’s main .se domain name. This case is currently on appeal but in the meantime TPB is rotating several new domains.

A few days ago, however, reports started rolling in that the notorious torrent site is no longer accessible to some, across all domains.

Instead of the usual homepage visitors see an error message in their browser, suggesting that the DNS lookup failed.

Luckily enough, the problems are only affecting URLs with a www prefix. For some reason, the corresponding DNS entries have been removed rendering all www links inaccessible.

tpbdns

While it’s quite common for websites not to use the www prefix (we don’t), there’s usually a redirect setup so visitors are directed to the correct URL.

Since TPB doesn’t have a redirect set up, many people are inaccurately assuming that the site is suffering downtime.

For now it remains a mystery why the DNS entries were updated. TF spoke with a moderator of the site, who told us that he and his team were not informed about the changes.

The dropped www prefix is not the only issue The Pirate Bay has been facing recently. Over the past weeks several parts of the site broke temporarily, including user registrations and torrent uploads.

To inform users about these and other technical difficulties, the TPB crew has a status page showing which services are up and running. This page is maintained by the moderators and separately hosted at the Suprbay forum.

As shown below, all crucial features are fully operational at the time of writing. That is, if users have dropped the www prefix from their bookmarks.

TPB status
tpbstatus

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Trolls Want to Interrogate BitTorrent ‘Pirates’ By Phone

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Following prolonged legal action in Australia, the company behind the hit movie Dallas Buyers Club was given permission to chase down individuals said to have downloaded the movie illegally.

An estimated 4,726 internet account holders will be targeted under the legal action and all will come under considerable pressure to pay Voltage Pictures a cash settlement to make a supposed lawsuit go away. Somewhat surprisingly, it has now emerged that the movie company will not only target people via letter, but will also phone account holders to interrogate them in person.

During a Federal Court hearing today it was revealed that Dallas Buyers Club (DBC) have prepared a script which details several questions the company intends to ask its targets. Shockingly they include requests for individuals to reveal how much they earn each year and how many movies they have previously shared using BitTorrent.

ISP iiNet, whose customers are targeted in the action, say that ‘fines’ should be as little as $5, but DBC wants to charge individuals variable amounts based on their income, how damaging their sharing of Dallas Buyers Club was, and how much infringement they have been involved in during the past.

Richard Lancaster SC, representing iiNet, said the script “comes on too strong” and is too broad in scope.

“There’s no justification for getting into a royal commission into end users’ use of the BitTorrent network,” Mr Lancaster said. “It’s about the film.”

Lancaster also complained that the texts of both the script and letter imply that guilt of copyright infringement had already been established when in fact that is not the case.

“The people on the phone aren’t told, ‘We’ve been given your details in respect to a court order,” he said. “They are being told much more firmly, ‘You have infringed and we are going to sue if you don’t settle’.”

How much DBC will demand from alleged infringers is unknown, but it seems inevitable that anything said on the telephone by an account holder will be used against them in a bid to boost the amount. Counsel for DBC, Ian Pike SC, said that it will be up to the individual whether they choose to answer the company’s questions.

While most lawyers will advise anyone getting a call from DBC to tell the company absolutely nothing, the movie company is keen for its targets to be unprepared.

Firstly, DBC is refusing to reveal how it will calculate the amount each person will be asked to pay. However, it is believed the company will seek some kind of licensing fee and/or damages based on how many times the content was shared online, plus relevant court costs. Alternatively, DBC might simply arrive at the highest figure it can reasonably expect to retrieve from the alleged infringer based on what the company is told on the telephone.

However, people being targeted by the company won’t be going into their ‘negotiations’ completely blind. Despite expressing concern that people will read their contents and learn how to reduce the claim against them, on the orders of Judge Nye Perram, DBC will be required to submit the texts of both their telephone script and settlement demand letters to the court.

A final judgment on the case is expected between July 10 and 15.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Netflix VPN Problem? Leave Consumers Alone, Aussie Minister Says

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

ausAfter struggling with the issue of online piracy for many years, last week the Australian parliamentary committee investigating the government’s ‘pirate’ site-blocking Bill gave the legislation the green light.

After Coalition and Labor senators endorsed the Bill with four modifications, it is now guaranteed to become law.

Last evening the Bill passed the Australian House of Representatives but while doing so provoked interesting comment from Communications Minister Malcolm Turnbull on the issue of VPN use.

Noting that there is no “silver bullet” to deal with Internet piracy, Turnbull said that the Bill contains a number of safeguards and amendments designed to protect “public and private interests”, including the use of VPNs that are promoted or used for legitimate purposes.

“VPNs have a wide range of legitimate purposes, not least of which is the preservation of privacy — something which every citizen is entitled to secure for themselves — and [VPN providers] have no oversight, control or influence over their customers’ activities,” Turnbull said.

The Communications Minister went on to give the example of an Australian consumer using a VPN to ‘trick’ a U.S.-based site into thinking they were located inside the United States.

“This Australian could then — and this is widely done — purchase the content in the normal way with a credit card. The owner of the Australian rights to the content so acquired might well be quite unhappy about that, but they could take a remedy against the American site or the underlying owner of the rights. This bill does not apply to a site like this. It is not intended to apply to VPNs,” Turnbull confirmed.

There are key reasons why the Copyright Amendment (Online Infringement) Bill 2015 does not apply to VPN use, but for clarity’s sake, Turnbull spelled them out.

“Where someone is using a VPN to access, for example, Netflix from the United States to get content in respect of which Netflix does not have an Australian licence, this bill would not deal with that, because you could not say that Netflix in the United States has as its primary purpose the infringement, or facilitation of the infringement, of copyright,” the Minister said.

Indeed, for this scenario to be covered by the legislation then Netflix and/or the VPN provider would need to show a general disregard for copyright and meet several of at least eight criteria laid out in the Bill, including demonstrating “flagrant” infringement.

Turnbull went on to make it clear that if local entertainment companies have a problem with Australians utilizing VPNs to obtain a better content offering, then they should direct their grievances overseas and leave the man in the street alone.

“If Australian rights owners have got issues about American sites selling content to Australians in respect of which they do not have Australian rights, they should take it up with them. The big boys can sort it out between themselves and leave the consumers out of it,” Turnbull said.

Finally, the timely delivery of quality content at a fair price has always been a problem in Australia and one of the key local drivers behind both piracy and the VPN ‘problem’. Thankfully the issue was underlined by the Communications Minister who noted that blocking alone would not solve the country’s problems.

“The bill is not intended to operate in a vacuum. The availability of content that is timely and affordable is a key factor in the solution to online copyright infringement,” Turnbull said.

“When infringing sources of content are disrupted, this disruption will be most effective if Australian consumers have legitimate sources to turn to that provide content at competitive prices and at the same time that it is available overseas.”

Whether that situation comes to pass is up to the entertainment industries but if grand efforts aren’t made, Aussies will use their VPNs not only to access Netflix, but also evade every site blocking measure this legislation hopes to impose.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: MPAA: Google Assists and Profits from Piracy

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

google-bayLate last year leaked documents from the Sony hack revealed that the MPAA helped Mississippi State Attorney General Hood to revive SOPA-esque censorship efforts in the United States.

In a retaliatory move Google sued the Attorney General, hoping to find out more about the secret effort. As part of these proceedings Google also demanded internal communication from the MPAA, but the Hollywood group has been hesitant to share these details.

After several subpoenas remained largely unanswered Google took the MPAA to court earlier this month. The search giant asked a Columbia federal court to ensure that the MPAA and its law firm Jenner & Block hands over the requested documents.

The MPAA and its law firm responded to the complaint this week, stressing that Google’s demands are overbroad. They reject the argument that internal discussions or communications with its members and law firm will reveal Attorney General Hood’s intent, not least due to the Attorney General not being part of these conversations himself.

According to the Hollywood group, Google’s broad demands are part of a public relations war against the MPAA, one in which Google inaccurately positions itself as the victim.

“Google portrays itself as the innocent victim of malicious efforts to abridge its First Amendment rights. In reality, Google is far from innocent,” the MPAA informs the federal court (pdf).

The MPAA notes that Google is knowingly facilitating and profiting from distributing “illegal” content, including pirated material.

“Google facilitates, and profits from, the distribution of third-party content that even Google concedes is ‘objectionable.’ ‘Objectionable’ is Google’s euphemism for ‘illegal’,” the MPAA writes.

The opposition brief states that for a variety of reasons the subpoenaed documents are irrelevant to the original lawsuit and are far too broad in scope. The MPAA’s initial searches revealed that 100,000 documents would likely require review, many of which it believes are protected by attorney-client privilege.

The MPAA says that Google is trying to leverage the information revealed in the Sony hack to expose the MPAA’s broader anti-piracy strategies in public, and that this is all part of an ongoing PR war.

“The purpose of these Subpoenas is to gather information — beyond the information that was already stolen via the Sony hack on which it relies — on the MPAA’s strategies to protect its members’ copyrighted material and address violations of law on the Internet affecting its members’ copyrights and the rights of others,” they write.

“Moreover, Google openly admits that it opposes any order to keep these discovery materials in confidence, revealing its goal to disseminate these documents publicly as part of its ongoing public relations war.”

Positioning itself as the victim, the MPAA goes on to slam Google for going after anyone who “dares” to expose the search engine’s alleged facilitation of piracy and other unlawful acts.

“…the most fundamental purpose of these Subpoenas is to send a message to anyone who dares to seek government redress for Google’s facilitation of unlawful conduct: If you and your attorneys exercise their First Amendment right to seek redress from a government official, Google will come after you.”

In conclusion, the MPAA and its law firm ask the court to reject Google’s broad demands and stop the “abuse” of the litigation process.

It’s now up to the judge to decide how to proceed, but based on the language used, the stakes at hand and the parties involved, this dispute isn’t going to blow over anytime soon. It’s more likely to blow up instead.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Pirate Bay’s Gottfrid Svartholm Loses Hacking Appeal

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

gottfridTwo years after being arrested in his Cambodian apartment in September 2012, Gottfrid Svartholm went on trial in Denmark.

The Pirate Bay founder and a 21-year-old co-defendant stood accused of hacking computer mainframes operated by US IT giant CSC. It was billed as the largest case of its kind ever seen in the Scandinavian country.

Right from the outset Gottfrid’s position was that his computer, from where the hacking had taken place, had been compromised by outside attackers. Respected security expert Jacob Appelbaum gave evidence for the defense in support of this theory. However, the court was not convinced.

Dismissing the “remote control” defense, Judge Ulla Otken described the hacking of CSC as both “systematic and comprehensive.” Three judges and four of six jurors returned guilty verdicts in 2014 and Gottfrid was sentenced to 3.5 years in prison.

Never one to give up, Gottfrid immediately filed an appeal and this month his case came before the Eastern High Court. According to local media, whose coverage has been much less intense than when the Swede went on trial last year, the evidence presented by both sides was of a highly technical nature.

Writing earlier this week for Version2.dk, Elías Lundström reported that even as an IT journalist he had difficulty in following the evidence, a sentiment shared by Gottfrid’s mother.

“I also have trouble understanding it – how should any of the jurors be able to follow the evidence?” Kristina Svartholm said.

Gottfrid’s lawyer Luise Høj also underlined the difficulty in dealing fairly with such a complex case.

“I think overall that progress continues to be characterized by the fact that we all lack the technical knowledge to deal with this matter, and it characterizes the whole process,” she said.

Whether the complexity of the case affected the jury will be a matter for future debate, but a few moments ago all three judges and all nine jurors upheld the District Court’s decision handed down last October.

Addressing the “remote access” defense, the High Court ruling notes that it would be unlikely that Gottfrid’s computer could be accessed without him noticing it. Furthermore, the Court found it unusual that the Swede refused to assist police in getting to the bottom of the crime.

While the guilty verdict will undoubtedly come as a disappointment to Gottfrid himself, his mother Kristina – who has endured two court cases and numerous trips to Denmark in support of her son – has been openly critical of the entire process.

In a series of tweets this week she complained of how the case has been handled, from its roots in Cambodia, via Sweden and ultimately to Denmark.

Breaking news story, updates to follow

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Man Pleads Guilty to Costing Film Industry “Millions” Through Piracy

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

fastpasstvIn May 2011, police reported seizing £83,000 and computer equipment following a raid in Londonderry, Northern Ireland. The operation was a culmination of an investigation carried out by the Hollywood-funded anti-piracy group Federation Against Copyright Theft (FACT).

By the end of the month more details began to emerge, with TorrentFreak sources confirming that an operator of video streaming site known as ‘FastPassTV’ had been arrested.

With hundreds of thousands of daily visitors the site was a significant player in the streaming market. However, FastPassTV did not store any content of its own, instead linking to movies hosted elsewhere.

“Fast Pass TV does not host, store, or distribute any of the videos listed on the site and only link to user submitted content that is freely available on the Internet,” a notice on the website read.

Somewhat typically the case dragged on through the legal system and it took more than four years to come to court. However, the case was more complex than it first appeared.

At his arraignment in February 2015, Paul Mahoney from Carnhill, Londonderry, was not only charged with offenses connected with FastPassTV but also BedroomMedia, a discussion and linking forum he also operated. It’s alleged that the man generated £82,390 in advertising revenue from the criminal operation of both sites.

Mahoney was also charged with two further offenses of conspiring with individuals known online as ‘Hunter Grubbs’ and ‘ADigitalOrange’ to defraud the movie industry. The 28-year-old pleaded not guilty to all charges and was bailed to appear at a later date.

This week, however, Mahoney was back in court with an apparent change of heart, pleading guilty to all four charges. In what’s being described as the first prosecution of its type in Northern Ireland, Mahoney was re-arraigned Monday.

He pleaded guilty to a charge that between April 2008 and May 2011 he conspired with others to operate websites which allow the public to view copyrighted movies without permission from rightsholders.

Mahoney also pleaded guilty to a charge of generating £82,390 in advertising revenue between April 2010 and April 2013 from this websites FastPassTV and BedroomMedia.

Finally, the 28-year-old pleaded guilty to the charge of conspiring with ‘Hunter Grubbs’ and ‘ADigitalOrange’ between May 2011 and April 2013.

“Paul Mahoney operated websites over a number of years which knowingly provided illegal access to thousands of films, generating significant income for himself and causing the film industry millions of pounds of loses,” Kieron Sharp, Director General of FACT, informs TorrentFreak.

Unusually, however, there will be no claim for compensation. FACT hopes that Mahoney’s prosecution alone will send a clear message to others thinking of embarking on the same line of business.

“Websites of this kind cause untold harm to the UK’s creative industries. We hope that this prosecution will serve as a deterrent to others engaging in this type of criminality, and look forward to Mr Mahoney’s sentencing on 25th August,” Sharp concludes.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Amazon Bans Kodi/XBMC App Over Piracy Concerns

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

kodiTaking “infringing” apps out of popular app stores is one of Hollywood’s key anti-piracy priorities for the years to come.

Various entertainment industry groups frequently report “piracy-enabling” apps to Apple, Google, Microsoft and Amazon, alongside requests for the stores to take them offline.

The stores themselves also screen for potentially problematic software. Apple, for example, has notoriously banned all BitTorrent related apps.

Increasingly, Amazon is also policing its app marketplace for possibly infringing content. A few days ago, this led to the removal of the popular media center Kodi, previously known as XBMC.

“In reviewing your app, we determined that it can be used to facilitate the piracy or illegal download of content. Any facilitation of piracy or illegal downloads is not allowed in our program,” Amazon wrote to Kodi.

“Please do not resubmit this app or similar apps in the future,” Amazon’s support team added.

TF spoke with XBMC Foundation board member Nathan Betzen, who was surprised to hear Amazon’s decision. In recent months the project has worked hard to distance their brand from piracy, so Amazon’s accusation is a huge disappointment.

The Kodi software itself is an entirely legal media center that doesn’t come with any infringing features or content. However, there are many third-party addons that allow users to stream pirated movies and TV-shows.

The Kodi team is actively pursuing infringing addons and sellers who abuse the brand, and is also trying to obtain a trademark so they can go after these piracy promoters more effectively.

“Most importantly, we’re working to finalize our trademark filing. Once our trademark is registered, it becomes dramatically easier to issue takedown requests with the various organizations that provide voice for these groups advertising and selling pirate boxes,” Betzen tells TF.

“We always say we don’t care what our users do with the software, and we stand by that position. But we sure do hate it when companies destroy the name of our software in order to make a profit.”

For Amazon to ban the app is “absurd” according to the Kodi team, because the company is still allowing vendors to sell boxes that are giving the software this bad reputation.

“I assume I don’t have to tell you how absurd it is that Amazon won’t let us into their appstore, but they have no problem selling the boxes that are pushing the reason they won’t let us into their app store,” Betzen says.

Removing Kodi may also hurt Amazon in the long run, according to Betzen. The application allowed many other third-party services that are currently not on Amazon, available to Amazon Fire TV and Amazon Fire TV Stick users.

“This is a bad decision on Amazon’s part simply because Kodi is one giant reason people buy Amazon Fire TVs and Amazon Fire TV Sticks. Compatibility with our software makes for a really simple backdoor for entering the Amazon ecosystem.”

“I personally have sideloaded Kodi onto Amazon sticks for a number of my family members, who then found themselves also using Amazon Prime and many other Amazon services,” he adds.

kodiandroid

Coincidentally, around the same time Amazon booted Kodi from their market, Google decided to include it in the Play Store. According to the Kodi team this is yet another reason for people to leave Amazon hardware behind.

“It’s going to be extraordinarily difficult for Kodi users to justify going down the Amazon hardware path and recommending the Amazon path to others,” Betzen concludes.

People who are interested in trying out Kodi’s media player, which is available on most operating systems, can head over to the official site.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.