Posts tagged ‘canada’

Darknet - The Darkside: Royal Canadian Mounted Police Arrest Heartbleed Hacker

This post was syndicated from: Darknet - The Darkside and was written by: Darknet. Original post: at Darknet - The Darkside

The Heartbleed Bug was the big thing last week and honestly pretty much the biggest thing this year so far. And it turns out someone has been caught using the Heartbleed bug in a malicious way and in Canada no less. The young Heartbleed hacker is a 19-year-old Stephen Arthuro Solis-Reyes and [...]

The post Royal Canadian Mounted Police…

Read the full post at darknet.org.uk

TorrentFreak: Game of Thrones Sets New Torrent Swarm Record

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

Yesterday the second episode of Game of Thrones’ fourth season made its way onto the Internet. As expected, this generated quite a bit of activity on various torrent sites.

From all over the world people virtually gathered around the various pirated copies of the show, breaking the record for the largest BitTorrent swarm ever in the process.

A few hours after the second episode came online the Demonii tracker reported that 193,418 people were sharing one single torrent. 145,594 had a complete copy of the episode and continued to upload, while 47,824 were still downloading the file.

These are unprecedented numbers – never before have 193,418 people shared a single file simultaneously. The previous record was set last year, when the season finale of Game of Thrones had 171,572 people sharing on a single tracker.

Last week’s season opening, on the other hand, had “only” 140,000 people sharing the most active torrent. There wasn’t per se less interest in this episode, but at the time the downloaders were spread out more across different torrents.

Game of Thrones’ new file-sharing record

In addition to this record-breaking torrent, there were also several other Game of Thrones torrents out there with tens of thousands of people sharing.

Counting all the different releases it’s estimated that the latest Game of Thrones episode was downloaded roughly 1.5 million times during the first day. This makes the show the likely candidate to be crowned the most-downloaded TV-show at the end of the year.

As previously revealed, Game of Thrones downloaders come from all over the world. Data gathered during the first 12 hours after the release last week revealed that most downloaders came from Australia, followed by the United States, the United Kingdom, Canada and The Netherlands.

Interestingly, Game of Thrones is available through legal channels in all countries listed above, albeit not cheaply.

The current record probably won’t last for long. The show’s ratings generally go up throughout the season, and so do the unauthorized downloads. This makes it likely that the barrier of 200,000 simultaneous file-sharers will be broken during the weeks to come.

Source: TorrentFreak, for the latest info on copyright, file-sharing and anonymous VPN services.

TorrentFreak: Why People Pirate Game of Thrones, a Global Cost Breakdown

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

In a few hours a new episode of Game of Thrones will appear on BitTorrent, and a few days later roughly four million people will have downloaded this unofficial release.

Those who pirate the show have several reasons for doing so. In some countries there is simply no legal option available. However, the price tag that comes with many of the legal services is almost as big of a hurdle.

So what does it cost to access Game of Thrones legally in the countries where the show is most frequently pirated? We decided to take a look based on the list of countries that had the most Game of Thrones file-sharers last week.

Below is a selection of the options people have in Australia, the United States, the United Kingdom, Canada and the Netherlands.

Australia

In Australia, Game of Thrones fans need a Foxtel subscription. When we look at the packages offered on the website the cheapest option appears to be the movie and drama combo, which costs $74 AUD (~ 70 USD) per month.

However, the minimum subscription term is six months, which with the added costs adds up to $520 AUD (~ 490 USD).

Assuming that someone’s only interested in watching Game of Thrones, an Australian fan will have to pay $52 AUD (~ 49 USD) per episode, which is rather expensive.

While it’s not advertised as any of the standard options, there’s also the Foxtel Play subscription. This allows people to watch Game of Thrones on demand on a variety of devices. The regular cost of this plan is $50 AUD (~ 50 USD) per month, and there’s currently an offer to get the first three months for $35 AUD (~ 33 USD). The Foxtel website notes that there is no long contract, which makes this option considerably cheaper.

The United States

In the United States there are several options available, which vary per cable provider. The cost of most HBO subscriptions is between $15 and $25 per month, depending on where you live and what your current plan is.

The downside, in addition to being locked in for several months sometimes, is that the HBO deals require a cable/Internet subscription. This makes the total package considerably more expensive, more than $100 per month in some cases.

But then again, pirates need an Internet subscription anyway.

The United Kingdom

In the United Kingdom Game of Thrones is available via Sky Atlantic. The costs are £21.50 (36 USD) a month, but with a minimum contract period of 12 months. This means that for those who are only interested in Game of Thrones, there’s a price tag of £25.80 per episode.

The good news is that UK viewers can watch the episodes simultaneously with the US broadcast, which 9,000 people did this past Sunday.

Update: Sky also offers an online “Now TV” entertainment pass without a contract. Now TV is currently available at an introductory rate of £4.99 per month.

Canada

In Canada, Game of Thrones comes in a package of The Movie Network. The price is roughly $20 CAD (~ 18 USD) per month on both Bell and Rogers. This also requires a digital or satellite TV subscription, which drives the price up to over $60 CAD per month for those who don’t have one.

Again, as with the previous examples, some plans require a several-months-long contract which makes it less interesting for those who only want to watch Game of Thrones.

The Netherlands

In the Netherlands HBO can be ordered as an add-on to most standard cable TV subscriptions. The standard price is roughly 15 euros (~ 21 USD) per month, and several providers allow subscribers to cancel after a month.

The cheapest cable subscriptions in the Netherlands average around 10 euros, which brings the total package to roughly 25 euros (~ 35 USD) per month.

Interestingly, HBO NL offers the first episode of season 4 for free, on YouTube. Of course, this is only available to people from the Netherlands.

Conclusion

The above shows that Game of Thrones certainly doesn’t come cheap, especially not for the true cable-cutters who have no interest in the other content it’s bundled with.

While most people will agree that paying for content is the right thing to do, it’s not always an intuitive choice when a single episode is twice as expensive as a box office ticket for the average Hollywood blockbuster.

So do all these pirates have a point or not?

According to Bruce Meagher, corporate director of “$52 AUD per episode” Foxtel, they do not.

“What we are left with is an argument at the margins about a few dollars. Yet some people still feel that they should be entitled to take this show for free without the consent of its creators rather than pay a reasonable price for an extraordinary product,” he says.

“The Lannisters may not be a pleasant lot, but they, at least, always pay their debts,” he adds.

So what do you think?

The Hacker Factor Blog: Locating Pictures

This post was syndicated from: The Hacker Factor Blog and was written by: The Hacker Factor Blog. Original post: at The Hacker Factor Blog

There’s a question that I often receive regarding photos: Where was this picture taken? Basically, they have a photo and want to identify the location. This comes up in legal cases, media requests, and just odd photos found online. (With news outlets, they usually follow it up with “and when was it taken?”) Tracking a photo to a location is usually a very difficult problem. Unfortunately, there are no generic or automated solutions.

However, just because it is a hard problem does not mean it is impossible. (Sometimes it is impossible, but not always.) Usually it just takes time and a dedication to tracking down clues.

The easy way

When people think about identifying where a photo was taken, they immediately think about embedded GPS coordinates. And the truth is, if GPS information exists in the picture’s metadata, then that is a great place to begin.

Unfortunately, very very very few pictures contain GPS information. At FotoForensics, we’re getting close to a half-million unique picture uploads, and only about 1% of them contain GPS metadata. There are reasons that GPS information is so hard to find:

  • Unavailable. GPS data is almost exclusively associated with smartphones. Very few point-and-shoot cameras have built-in GPS.

  • Disabled. For devices with GPS chips, there is usually an option to disable geo-stamping photos. Some devices default to “off” and are never turned on, while others may default to “on” but have users intentionally turn it off. There’s also the GPS system itself; lots of people turn off GPS on their smartphones because it will drain your battery. If your phone’s GPS is disabled then your camera will not include GPS information in the picture.

    There are other ways for a device to geolocate without using GPS. Some smartphones can get a rough estimate using nearby wireless access point identifiers (SSIDs) or by finding nearby cell towers. But to the camera’s function that looks up GPS information, this is all the same. If your device cannot geolocate then there will not be a location recorded with the picture.

  • Stripped. Processing a picture with a graphics program, or uploading it to an online service like Facebook or Twitter, can (and usually will) alter or remove metadata. This includes removing GPS information. Even if the data was there at the beginning, it is not there anymore.

Of course, even if the GPS information is present, it does not mean it is accurate. I’m sure that people with smartphones have noticed the accuracy issue. When you first turn on the mapping program, it will draw a huge circle on the map. The circle may span a couple of miles. It does not mean that you are in the center of the circle; it’s indicating that you are “somewhere” in that circle — you could be near the center or somewhere along the edge. After a few minutes, the device has time to synchronize and better narrow down the region — denoted with a smaller circle. Eventually it may become a dot that identifies your location to within a few feet.

With GPS metadata, there are fields for location and accuracy. Unfortunately, most mobile devices only fill out the location data and not the accuracy information. This means that the extremely precise GPS location stored in the metadata may be off by a mile. Even if the GPS location pinpoints a house, you cannot be certain that the photo was taken in that house — it could have been captured a half-mile away.
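The location-versus-accuracy gap described above can be checked mechanically. The following is an added example, not code from the original post: it parses the GPS directory of a TIFF-structured EXIF block and reports whether either accuracy field (GPSDOP, GPSHPositioningError) accompanies the coordinates. The sample block and its coordinates are constructed for illustration, and `build_sample` and `gps_report` are hypothetical names.

```python
import struct

# Tag numbers and type codes from the Exif/TIFF specifications.
GPS_IFD_POINTER = 0x8825
LAT_REF, LAT, LON_REF, LON = 1, 2, 3, 4
GPS_DOP, GPS_H_POSITIONING_ERROR = 0x0B, 0x1F
ASCII, LONG, RATIONAL = 2, 4, 5
TYPE_SIZE = {ASCII: 1, LONG: 4, RATIONAL: 8}


def read_ifd(tiff, offset, endian):
    """Decode one image file directory into {tag: value}."""
    (count,) = struct.unpack_from(endian + "H", tiff, offset)
    entries = {}
    for i in range(count):
        pos = offset + 2 + 12 * i
        tag, typ, n = struct.unpack_from(endian + "HHI", tiff, pos)
        if typ not in TYPE_SIZE:
            continue  # value types this example does not need
        size = TYPE_SIZE[typ] * n
        # Values of up to 4 bytes sit inline; larger ones are stored by offset.
        if size <= 4:
            start = pos + 8
        else:
            (start,) = struct.unpack_from(endian + "I", tiff, pos + 8)
        raw = tiff[start:start + size]
        if len(raw) != size:
            raise ValueError("truncated value for tag %#x" % tag)
        if typ == ASCII:
            entries[tag] = raw.split(b"\0")[0].decode("ascii", "replace")
        elif typ == LONG:
            entries[tag] = list(struct.unpack(endian + "%dI" % n, raw))
        else:  # RATIONAL: numerator/denominator pairs
            nums = struct.unpack(endian + "%dI" % (2 * n), raw)
            entries[tag] = [a / b if b else None
                            for a, b in zip(nums[0::2], nums[1::2])]
    return entries


def to_degrees(dms, ref):
    """Convert degrees/minutes/seconds plus N/S/E/W to signed decimal degrees."""
    if len(dms) != 3 or None in dms:
        return None
    value = dms[0] + dms[1] / 60 + dms[2] / 3600
    return -value if ref in ("S", "W") else value


def gps_report(tiff):
    """Return the stored position and whether any accuracy field backs it."""
    endian = {b"II": "<", b"MM": ">"}.get(bytes(tiff[:2]))
    if endian is None or struct.unpack_from(endian + "H", tiff, 2)[0] != 42:
        raise ValueError("not a TIFF-structured EXIF block")
    (ifd0,) = struct.unpack_from(endian + "I", tiff, 4)
    root = read_ifd(tiff, ifd0, endian)
    if not root.get(GPS_IFD_POINTER):
        return None  # no GPS directory at all: the common case
    gps = read_ifd(tiff, root[GPS_IFD_POINTER][0], endian)
    if not all(t in gps for t in (LAT_REF, LAT, LON_REF, LON)):
        return None
    error_m = (gps.get(GPS_H_POSITIONING_ERROR) or [None])[0]  # metres
    dop = (gps.get(GPS_DOP) or [None])[0]
    return {
        "lat": to_degrees(gps[LAT], gps[LAT_REF]),
        "lon": to_degrees(gps[LON], gps[LON_REF]),
        "error_m": error_m,
        "dop": dop,
        "accuracy_recorded": error_m is not None or dop is not None,
    }


def build_sample(with_accuracy):
    """Constructed little-endian EXIF block that holds only a GPS directory."""
    entries = [
        (LAT_REF, ASCII, 2, b"N\0"),
        (LAT, RATIONAL, 3, struct.pack("<6I", 40, 1, 30, 1, 0, 1)),
        (LON_REF, ASCII, 2, b"W\0"),
        (LON, RATIONAL, 3, struct.pack("<6I", 74, 1, 15, 1, 0, 1)),
    ]
    if with_accuracy:
        entries.append((GPS_H_POSITIONING_ERROR, RATIONAL, 1,
                        struct.pack("<2I", 1500, 1)))
    gps_offset = 8 + 2 + 12 + 4  # header, then IFD0 with one entry
    data_offset = gps_offset + 2 + 12 * len(entries) + 4
    table, blob = b"", b""
    for tag, typ, n, payload in entries:
        if len(payload) <= 4:
            value = payload.ljust(4, b"\0")
        else:
            value = struct.pack("<I", data_offset + len(blob))
            blob += payload
        table += struct.pack("<HHI", tag, typ, n) + value
    ifd0 = struct.pack("<HHHIII", 1, GPS_IFD_POINTER, LONG, 1, gps_offset, 0)
    gps_ifd = struct.pack("<H", len(entries)) + table + struct.pack("<I", 0)
    return b"II" + struct.pack("<HI", 42, 8) + ifd0 + gps_ifd + blob


if __name__ == "__main__":
    for flag in (False, True):
        print(gps_report(build_sample(flag)))
```

A result with `accuracy_recorded` set to False is the case the text warns about: the coordinates look exact, but nothing in the file says how far off they may be.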

Another place to look is in metadata annotations. If the picture came from a media outlet, then there’s probably metadata that identifies “where” the photo was taken, even if it is just a city name. Unfortunately, most online news sites resave images prior to publishing, and that can strip out these annotations.

Looking Closer

GPS information and annotations in metadata are nice when they exist. Unfortunately, they may not exist. And even if they are present, they may still not be very accurate or reliable. That means geolocating a photo must rely on the photo’s content. There are different clues in the photo’s content that may help identify the location. Some of these may be very precise (geolocation) while others may help you narrow down a region (geo-fencing), country, or at least rule out some parts of the world.

Landmarks
The easiest photos are the ones with unique and notable landmarks: statues, distinct buildings, street signs… Even photos of mountain ranges or generic streets may be enough to find the location. If the camera was fairly close to the subject, then you can probably identify the photographer’s position to within a few feet. A long distance shot may narrow it down to an area.

For very notable objects, such as scenic views, distinct statues, or elements seen at tourist stops, you may be able to find the location by uploading the picture to TinEye or Google Image Search. If other people have photographed the same object from about the same position, then these image search engines may be able to identify other photos from the same spot.

In my opinion, TinEye is better at finding similar photos, but Google may annotate the search results with a text name or description. In either case, you will probably need to visit the resulting web pages in order to see if any page mentions where the photographer was located. (Knowing that the photo’s content shows “New York City” is not the same as geolocating a photographer who was standing at the foot of the Statue of Liberty.)

Architecture
Different cities and countries have different building styles. If you can identify the style, then you may be able to identify where the photo was taken. There’s been a few advances in this research area (for example, PDF). Unfortunately, as far as I know, there are no public image search engines that do this type of matching.

Usually, you just happen to find someone who recognizes the style and can help narrow down a location. (That’s one of the benefits of turning a photo over to a large social group like Reddit — there is likely someone who will recognize something.) However, even this can be somewhat inaccurate. For example, neighboring countries (e.g., Poland and Germany) can have similar architectural styles. In California, there’s a city called Solvang that looks like Denmark. Most American cities have a “Chinatown” that uses Chinese architecture, and China has rebuilt cities from countries like France and Italy.

Exclusion
If you cannot identify a city or a country, then you can probably still identify regions to exclude. For example, do you see any text in the photo? If the street signs are only in English, then you are probably not looking at any Asian, African, or Middle Eastern countries. (Non-English speaking countries either do not use English letters or include multiple languages on the signs.)

Currency can be another great clue. If I see Mexican pesos, then I’m thinking Mexico. Sure, it could be a Spanish-language classroom in the United States, but then other clues would tip you off that it’s a classroom. (Like maybe, desks?) It could also be someone from Mexico who lives in Canada and has decorated his home with trinkets from his homeland. But unless you have a reason to suspect another country, a best-guess is to use what you see. If everything looks like Mexico, then it’s probably Mexico.

Exclusion cannot tell you where a photo was taken. However, it can help identify where the photo was not taken. (Photo showing a tropical beach? It’s probably not the South Pole or Northern Europe.)

Picture Time!

To give you an example of geolocation, consider this photo that was recently trending at FotoForensics:

My question is: where was this photo taken? Or more specifically, where was the photographer standing and what direction was the photographer facing?

Sure, you could go to the forum where the picture was being discussed and the city is identified, but let’s assume that you do not have that information. (And anyway, the forum does not tell you the exact location where the photographer was standing or the direction the camera is facing.) In real life, you may have nothing more than a photo; assume that you just have this photo and nothing else. Also, let’s assume that you are like me and you do not know the area and do not recognize the street.

Here’s how I walked through it to identify the location (your approach may be different):

  1. Metadata. First, let’s go for the easy clues and start with the metadata. Maybe we will get lucky and find GPS coordinates or a textual description. Unfortunately, this picture has no informative metadata. (It’s been stripped, but it was still worth the time to look.)

  2. Search. Using TinEye and Google Image Search turned up no useful results.
  3. License Plates. Someday I hope to have a database of license plate formats (colors, layouts, etc.), but I do not have that today. However, I know that long, rectangular, and yellow (with or without the blue strip on the left) is European. So I can immediately rule out Africa, Asia, Australia, North America, and South America. (While the cars could have been shipped to another country, we go with what is most likely.)
  4. English. All of the text is in English. European and English-only? That’s an island like England, Ireland, or Scotland. It’s not the European mainland. (This is geo-fencing — narrowing down a location to a region or area.)
  5. Bank. Now I can start looking up text. I see an HSBC ATM machine. I know that HSBC is a bank and it’s found in the British Isles. (While HSBC is found in lots of other countries, it does not exclude my current geo-fenced area.)
  6. Store. I do not know what “Waitrose” is, but I can type the word into Google. It turns out, Waitrose is a grocery store in England. That narrows down my search to one of about 300 locations. (I know, 300 seems like a lot, but it’s smaller than “anywhere in the world.”)
  7. Web. The Waitrose corporate website allows you to select a branch. (There’s 339 of them right now.) Each branch contains a small picture of the location. Non-programmers will need to go one-by-one and look at each picture. Fortunately, I’m a programmer. It took me a few minutes to write a small script to harvest all of their store pictures. I thought I would use these thumbnail images to rule out locations. (No red brick. No black awning. Not on a corner…) Instead, I got lucky:

    The green advertisement on the wall in the photo is blue in the thumbnail, and the HSBC ATM is missing, but it’s the same location. According to their corporate headquarters, this is Waitrose Wilmslow.

  8. Address. Unfortunately, the corporate web site does not provide a numerical street address or GPS location. All they say is: “Church Street, Wilmslow, Cheshire, SK9 1AY”. (Not being from England, this looks to me like a description and not a mailing address.) Fortunately, I can type this into Google Maps and find the street. Using Google Street View, I can find the address: 4 Church Street, Wilmslow, England, UK.

    The street view shows me the exact location. The photographer had to be standing in the street, facing North. (Not where the mouse has highlighted the road — the photographer was standing a little to the right.) Even if he was using a telephoto lens, he would still need to be somewhere down the street, facing North.

Now we have answered the questions. We know where the photographer was standing and the direction the camera was facing.

Digging Deeper

Armed with this information, there’s a few other things I can now tell about this photo. For example, the Google Street View shows that there are cameras everywhere. You can even see one in the photo above the “Waitrose” sign. If this photo was showing a crime, then there are cameras that recorded the photographer.

Looking at the shadows, we can see that they fall to the North (toward the store) and not to the left or right. So this was likely taken in the middle of the day. And is that the photographer reflected in the car’s mirror?

The corporate web site’s thumbnail was timestamped November 2010 and it lacked the ATM. The Google Street View is timestamped (lower-left) September 2012 and it shows the ATM. So sometime between November 2010 and September 2012, the ATM was installed. This means that the photo was taken sometime after November 2010. If I contacted Waitrose, then I suspect we could narrow down the date based on the advertisements that are visible. While we probably would not find the exact date, I believe that we could narrow it down to a month or less. Together with the camera information (assuming at least one camera on the street still has the pictures available), we can even identify the exact moment — and possibly even watch the photographer come and go.

With Google Street View, we can even tell a little more about the building. For example, watching the building while moving down the street permits us to see the framed advertisement change. It is a scrolling billboard. The green advertisement in the photo, the blue advertisement in the corporate thumbnail, and the picture seen in the Google Street View could all be part of the same scrolling ad series.

Using Bing’s street view of the same address (requires Internet Explorer), there is one image that shows part of the green banner scrolling into place. So it is part of the rotation cycle. Unfortunately, Bing doesn’t display any date information related to the street view. However… In the photo’s upper-left corner is a yellow and black sign. This same sign is seen in the Google Street View, but it is not present in the Bing street view. If we knew when that black-and-yellow sign appeared, then we could further narrow down the date range.

(If we cheat, then we can look at the forum. The posting was made on 21-November-2013, so the date range is November 2010 to 21-November-2013. The person claims to have taken the photo “a few weeks ago”, so that would be October or early November 2013.)

Needles and Haystacks

The good news is that many pictures can be geolocated to a specific location. However, there is no generic or automated solution. Right now, every photo is a unique challenge, and some may be very time-consuming.

(And for the people who really want to know: I think the license plates are real. It’s hard to tell from the photo due to multiple resaves, but the UK permits people to look up the vehicles based on the plate and manufacturer. Both license plates exist and they match the vehicles.)

TorrentFreak: ‘Fining’ File-Sharers Makes Anti-Piracy Company Lose Money

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

For the past six years or so the idea that piracy can be turned into profit has been gaining traction. After Internet users sharing copyrighted material without permission are identified, they can be contacted and pressured into settling what might otherwise be an expensive lawsuit.

Discovering the real-life identities of pirates is not cheap, and that’s where US-based Rightscorp spotted a gap in the market. By attaching settlement demands to DMCA notices that ISPs are compelled to forward to alleged pirates, Rightscorp can reach alleged infringers without even knowing who they are.

Once a warning letter enters the email inbox of an account holder, he or she is invited to visit the Rightscorp website to settle for around $20.00. Some people simply ignore the warnings and nothing else happens. Others choose to pay $20 for say, a single music track, but sometimes discover that Rightscorp has more demands for the rest of the tracks in the album lined up at $20 a pop.

But while collecting $20 for sending an email might sound like a winner, financial results for 2013 just published by Rightscorp paint a pretty miserable picture.

For the year ending December 31, 2013, Rightscorp reports total revenue of just $324,016. So, presuming all of that revenue came from $20.00 settlements, around 16,200 infringement notices were paid during the 12 month period, or around 311 per week.

While this might seem like a decent return for just sending emails, they don’t just appear out of thin air. Rightscorp has costs, lots of them in fact.

When an Internet user settles with Rightscorp some of this money goes back to companies such as Warner Bros., who give permission for the anti-piracy company to exploit their content to generate revenue. According to Rightscorp, during 2013 it paid a total of $161,868 to these companies. When we compare that amount with total revenue of $324,016, we can see that Rightscorp gives away $10 from every $20 settlement.

On paper it’s money for nothing for the copyright holders, but Rightscorp’s $10 cut just isn’t balancing the books due to the large costs of running the business. Under ‘General and administrative expenses’ the company says it burnt through $1,663,921 in 2013, with ‘sales and marketing’ and ‘depreciation and amortization’ coming in at $275,616 and $33,438 respectively.

Add those all together and Rightscorp cost $2,134,843 to run in 2013, yet it brought in just $324,016, a shortfall of more than $1.8 million. After other adjustments the bottom line shows a loss of $2,042,779 for the anti-piracy company, an amount that would take their share of another 204,278 settlements to balance, providing no other costs increased.

While the company has expansion plans for Canada and has filed for patents to extend its monitoring services to Europe, China, Israel, Japan, Brazil, and India, the elusive aim of turning piracy into profit is still some way off.

TorrentFreak: Canadian Movie & Music Pirates to Be ‘Fined’ Without Court Orders

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Despite clear indications that the best way to discourage people away from pirate sources is by offering legitimate content at a fair price, this carrot is still being rejected in favor of the stick.

Companies such as Voltage Pictures favor very big sticks indeed, suing tens of thousands of file-sharers for thousands of dollars each, both in the United States and Canada.

US-based Rightscorp, on the other hand, favor a smaller stick, sending settlement demands to alleged file-sharers for relatively smaller amounts per infringement. Until recently they were confined to the United States, but all that is about to change.

In a move to expand its business model north of the border, Rightscorp has retained Susan Abramovitch, a partner at Gowling Lafleur Henderson LLP, one of Canada’s largest law firms. Based in the company’s Toronto office, Abramovitch is described as a leading entertainment lawyer covering disputes in the music, film, television and videogaming industries, among others.

Rightscorp says that Canada represents a new market for its business model and an important step in the company’s international expansion plans. Implying that settlements are now accepted practice in Canada, the company references the recent Voltage Pictures case involving Teksavvy, which saw the ISP ordered to hand over the details of 2,000 alleged file-sharers.

However, while the Voltage case resulted in protracted legal argument and was ultimately subjected to court-ordered constraints, Rightscorp’s settlement demands are designed to circumvent controversial disclosure issues. Alleged infringers are reached via settlement notices attached to regular DMCA-style notices forwarded to them by their ISPs.

In the US, Charter Communications passes on Rightscorp cash demands, but Comcast does not. Will Canadian ISPs comply?

To get a broader idea of how this kind of business model might play out in Canada, TorrentFreak spoke with Canadian law professor Michael Geist.

“Canada has established a notice-and-notice system that allows rights holders to have their notices forwarded to subscribers. However, that system has yet to take effect,” Geist told TF.

“At the moment, there would be no legal obligation on the ISP to forward the notice to the subscriber, though that is likely to change in the coming months.”

When that notice-and-notice system does take effect, Geist says that Canadian law may specify the form notice letters must take.

“The law already identifies specific information to be included in the notice. There is no reference to settlement information or legal demands. If the Canadian government objects to [Rightscorp's] approach, it could use regulations to stop the inclusion of settlement demands in notice letters,” Geist explains.

“Even if it doesn’t, there will be a question of whether the notices are in the proper form if they include information beyond that found in the statute.”

Since local ISP Teksavvy is at the core of the Canadian Voltage Pictures case, TorrentFreak spoke with the company to gauge its reaction to the news that Rightscorp might soon come knocking. Stopping short of an official comment on the business model, the ISP essentially echoed Michael Geist’s sentiments.

“TekSavvy would be within its rights to insist, and would insist, that any notice conform with Canadian law and not over reach the stated guidelines,” the ISP told TF.

Clearly, the main idea of the Rightscorp notices is to generate revenue for both the company and rightsholders, but in passing the notices on ISPs are also incurring costs, which raises other issues.

“The notice-and-notice law permits the government to set a fee for sending a notice that an ISP can charge. At the moment, it does not look like the government will establish a fee, preferring to wait to see how the system develops. Were this [business model] to come to Canada, the government might face increased pressure from ISPs to allow them to charge for their participation in the process,” Geist concludes.

TF approached Rightscorp lawyer Susan Abramovitch who did not immediately respond to our request for comment. The signs are, however, that she could be busy with this work during the months to come.

Photo: Michael Theis

TorrentFreak: News Editor Copyright Trolls Pirating Political Party – and Gets Paid

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Over the past few years the copyright troll industry has grown from a few scattered companies trying to earn a few extra bucks into a huge machine with some very big players.

The business is now widespread in the United States, is spreading into Canada and has been present in Europe for many years, Germany feeling the most pain. It seems fitting, then, that the government there should feel what it’s like to become a victim of an aggressive copyright holder.

Sebastian Heiser is an editor at popular news resource Taz.de. Back in 2005 he attended a panel where he took a photograph of Manfred Stolpe, a politician with the Social Democratic Party of Germany (SPD), part of the current coalition government.

So that anyone could enjoy his work, Heiser uploaded his photo to Wikipedia with just two Creative Commons CC-BY-SA conditions – the creator must be mentioned along with the fact the image is available under a free license.

The SPD, however, didn’t feel bound by these minor restrictions, republishing Heiser’s work on netzwerkberlin.de and manfred-stolpe.de without the correct attribution.

“Usually it does not bother me when other people distribute my text or images. If it still bothers me sometimes, I write a friendly e-mail or pick up the phone,” Heiser explains.

But this case was different. Heiser saw an opportunity to turn the tables on the SPD, a party he believes is at least partly responsible for the “broken” copyright situation in Germany today. Why shouldn’t they suffer like everyone else?

Mirroring the behavior of the trolls that have flourished under German copyright law, Heiser hired himself a lawyer who formulated a suitable threatening letter with the aim of getting compensation from SPD. Heiser asked them to declare for how long they had been infringing his rights, requested payment equivalent to that of an appropriate license to use the content, and doubled them up for failing to attribute him correctly. Of course, there would be legal fees on top.

Perhaps surprisingly, without any fight Heiser received a letter back stating that copyright is important to SPD and as such they were willing to obey the law – and pay the ‘fine’.

“After some back and forth, because there were two images on the two websites, 1,800 euros was remitted to me,” Heiser says. However, according to Heiser, things have not reached a happy conclusion.

Underlining the state of today’s “great copyright”, of the 1,800 euros paid ($2,497) Heiser only pocketed 696 euros ($965) since the remaining 1,104 euros ($1,531) went into his lawyer’s bank account. Of course, SPD would’ve had to pay legal fees too, estimated at another 1,100 euros.

Total outlay 2,900 euros ($4,023). Amount paid to copyright holder – less than a quarter of that.

Heiser signs off with a call for SPD to fix the copyright situation, with a minimum requirement that the party understands it in future, and with artists getting paid more than lawyers.


TorrentFreak: Canadian Court Slaps Restrictions on Copyright Trolling

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Do individuals using BitTorrent to download copyright material from the Internet via their ISP have a right to remain anonymous so that they remain out of reach to rightsholders? If so, what remedy will rightsholders have to prevent such infringement?

These questions and more have been under consideration in the Federal Court in Toronto as part of a case involving US-based movie studio and known copyright troll Voltage Pictures (“The Hurt Locker”) versus 2,000 currently anonymous Internet subscribers of local ISP TekSavvy.

Voltage say that via local anti-piracy company Canipre they tracked the Teksavvy customers downloading and sharing their movies online without permission and as a result want Teksavvy to hand over the alleged pirates’ names and addresses.

CIPPIC – protecting subscribers

The case has been dragging on for some time with third parties such as the Canadian Internet Policy and Public Interest Clinic (CIPPIC) getting involved in order to protect the subscribers’ rights. CIPPIC believes Voltage are nothing more than “copyright trolls” sending settlement letters to alleged pirates in order to extract hard cash from them.

Voltage’s previous actions in this area are well-known, with court documents showing that the movie company has filed 22 similar lawsuits in the United States, each with the same pattern. Various flaws exist in the company’s modus operandi, CIPPIC say, not least that an IP address in isolation does not identify an individual.

CIPPIC adds that Teksavvy shouldn’t hand anything over to Voltage, as this will “infringe the privacy rights of the subscribers and may affect the scope of protection offered to anonymous online activity.” CIPPIC fears that any ruling in this case could have a detrimental effect on whistle-blowers and others who leak documents in the public interest.

Voltage’s stance

For their part, Voltage believe that since they have a case under the Copyright Act, Teksavvy should be ordered to hand over the subscribers’ personal details.

Relying on a ruling in BMG Canada Inc. v Doe, 2005, Voltage says it has met all conditions therein (such as having a bona fide case, being reliant on the court/Teksavvy for information to proceed, and promising to reimburse Teksavvy for costs incurred), while adding that it “fully intends to pursue claims against the subscribers.”

The balancing act

So, should the court issue an order which compels Teksavvy to hand over the information to Voltage and, if so, what kind of protections could be baked into the order to minimize invasion of privacy for the Internet users involved?

“Privacy considerations should not be a shield for wrongdoing and must yield to an injured party’s request for information from non-parties. This should be the case irrespective of the type of right the claimant holds,” the Court writes in its ruling.

“Copyright is a valuable asset which should not be easily defeated by infringers. The difficulty in this case is that it is not clear that the protection of copyright is the sole motivating factor supporting Voltage’s claim in this Court. [Evidence] suggests but does not prove that Voltage may have ulterior motives in commencing this action and may be a copyright troll.”

Despite its concerns, the Court notes that Voltage has established a bona fide claim and as a copyright holder its rights outweigh the privacy rights of alleged infringers. However, it also notes that it would be taking steps to “ensure that privacy rights are invaded in the most minimal way possible.”

Privacy concerns and the trolling threat

For its part, Voltage previously argued that the alleged infringers had already made their IP addresses public when they joined BitTorrent swarms and therefore should not be able to remain anonymous in legal action.

The court accepted that stance to a degree but noted that the “specter raised of the copyright troll” and the “very real specter of flooding the Court with an enormous number of cases involving the subscribers, many of whom may have perfectly good defenses to the alleged infringement” had to be considered.

Interestingly, the Court pointed out that damage provisions are limited by the Copyright Act and may prove to be “minuscule” when compared to the cost, time and effort expended when pursuing any claim against an alleged infringer. Here, the Court seems to have an eye on whether this exercise can be a profitable one for Voltage, and whether it should be.

Also of interest is the Court’s examination of other ‘trolling’ cases in the United States and UK, particularly those involving ACS:Law and adult movie company GoldenEye. Alongside privacy issues, the Court looked at how the involvement of a consumer group in the latter case had influenced the letters of claim eventually sent out by GoldenEye.

Conclusion: Voltage get the green light, but must proceed with caution

The Federal Court notes that evidence exists to show that Voltage is a troll-like operation but the evidence was not compelling enough to put the brakes on the exercise. Voltage has a right to the subscriber information held by Teksavvy following the issue of a relevant order, the Court said.

However, in line with recent cases in the UK, the Federal Court says it intends to maintain control over the process by appointing a Case Management Judge to monitor “the conduct of Voltage in its dealings with the alleged infringers.”

Furthermore, the settlement letters sent out by Voltage will have to be approved by the Court and CIPPIC, and must include a copy of the court order and a clear statement that no court has yet found any recipient liable for infringement or liable to pay damages. This addresses concerns from past cases in the UK where letters implied that a court had already found guilt.

Other restrictions involve Teksavvy, who must be fully reimbursed for their costs incurred when handing over information, which will be restricted to names and addresses only. This data may not be handed to any other entity, including to the public or media.

Significant restrictions to protect subscribers

Describing the above safeguards as “significant”, Canadian lawyer Michael Geist says that the restrictions could affect the financial viability of troll-type activity.

“Given the cap on liability and the increased legal costs the court involvement will create (not to mention paying legal fees for the ISP), it calls into question whether copyright trolling litigation is economically viable in Canada. The federal court was clearly anxious to discourage such tactics and its safeguards certainly make such actions less likely,” Geist concludes.


TorrentFreak: BSA Offers Facebook Users Cash If They Rat On Software Pirates

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

All the major software companies see piracy as a massive problem. Unlike the music and movie industries, however, they tend to focus their legal action more on the business side than on individual consumers.

Over the past two decades the Business Software Alliance (BSA) has represented major software companies, including Adobe, Apple, Microsoft, Oracle and Symantec, in their fight against under-licensed businesses.

This has resulted in raids on various companies, whose computers are often confiscated on the spot if the business owner fails to pay his or her dues. Some have described these practices as mafia-like, but the BSA believes they’re needed to stamp out piracy.

Recently, the BSA has upped the ante as they are now soliciting tips from the public about potentially infringing companies. While input from the public was always welcome, it’s the supporting PR-campaign that raises eyebrows.

The BSA is currently running an ad campaign on Facebook encouraging people to report piracy in return for a healthy reward. The example below shows how the group is trying to lure snitches with a ski-vacation.

BSA’s report piracy ad on Facebook

Those who click through to the campaign website and read the fine print will find out that BSA is not really offering a vacation. They do, however, promise to send tipsters a cut of an eventual settlement they receive when they choose to pursue a lead in court.

This reward could reach $5000 for a settlement of $15,000 or a massive $200,000 for a single tip if BSA gets a settlement of over $3 million. The rewards in question are targeted at users from various countries, including the US, Australia, Canada and China.

To show people how easy it is to become an anti-piracy reporter the BSA also lists an audio interview with an informant on their site.

“I feel great [about reporting piracy] because it’s wrong for businesses to do stuff like that. I would do it again no matter what. It was very easy to report, you have nothing to worry about,” the informant says.

Sounds great doesn’t it?

Here at TorrentFreak we appreciate a nice vacation as well, so hereby we rat out the U.S. military for running unlicensed copies of Windows 7. We’re looking forward to our reward…


TorrentFreak: IIPA: Canada is a Magnet for “Rogue” Sites and Persistent Pirates

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

The International Intellectual Property Alliance (IIPA) has just published its latest submission to the U.S. Government, providing an overview of countries it believes should better protect the interests of the copyright industry.

The IIPA, which includes a wide range of copyright groups including the MPAA, RIAA, BSA and ESA, has listed its complaints against a whole host of countries. As in previous years, Canada was discussed in detail with the recommendation to put it on the 2014 Special 301 ‘watch list’.

One of the main grievances against Canada is that the country offers a home to many sites which the copyright industries label as “rogue” businesses. This includes the recently shut down isoHunt.com as well as other popular torrent sites such as torrentz.eu and kickass.to.

“Even after the shuttering of Isohunt, Canada is still the home to some of the world’s most popular Internet sites dedicated to piracy, including torrentz.eu and kickass.to, which garnered rankings of third and second place, respectively, on one of the most widely accessed listings of the world’s most popular illicit BitTorrent sites,” IIPA writes.

The copyright holders further mention the linking sites cuevana.tv, free-tv-video-online.me, and solarmovie.so as having Canadian connections, as well as the smaller torrent sites fenopy.se and monova.org. Without proper enforcement action against them, Canada remains very attractive to these allegedly infringing sites, they claim.

“It is hard to avoid the conclusion that Canada remains a magnet for sites whose well-understood raison d’être is to facilitate and enable massive unauthorized downloading of pirated versions of feature films, TV shows, recorded music, entertainment software, and other copyright materials,” IIPA writes.

“The largest of these Canadian-hosted sites attract scores of millions of unique visitors every month, and their corrosive effects on legitimate markets are felt worldwide,” they add.

The United States should encourage Canada to take action against these sites, the industry groups recommend. Without proper action the country will not just remain a safe haven for infringing websites, but also a breeding ground for new generations of Internet pirates.

According to the IIPA, current policies have resulted in widespread piracy among Canadian Internet users, with instances twice as frequent as in the United States.

“In this environment, it is not surprising that Canadians continue to demonstrate a formidable propensity to patronize illegal online sources of copyright material, thus stunting the availability and growth of legal alternatives,” IIPA writes.

“A report released in September 2012 found that, on a per-capita basis, Canadians download more unauthorized music than residents of any other country, and two-and-one-half times as much as Americans,” the groups add.


The industry groups further recommend that Internet providers should partner with copyright holders to tackle the ongoing piracy problems. While some ISPs already forward infringement notices to their customers, they note that repeated infringers go unpunished.

Due to this “glaring weakness” the current copyright infringement warnings sent out by some ISPs are not believed to be very effective.

“Although more and more notices of infringement are sent by right holders and forwarded by service providers to their customers each year, the providers do not even correlate the notices with individual subscribers to know which are repeat infringers,” IIPA writes.

“To treat the first-time violator identically with the serial offender jeopardizes any deterrent effect the notices might otherwise achieve,” they add.

The groups recommend that the U.S. Government urges Canada to implement “strong legal incentives” for local ISPs to take action against these persistent pirates by teaming up with copyright holders.

The above is just the tip of the iceberg for Canada. Among other things, the groups also call for stronger border protections and hefty jail sentences for copyright infringers.

This is not the first time that Canada has been called out on copyright. Based on similar recommendations the U.S. Government has placed its northern neighbor on the intellectual property watch-list for several years in a row.

The IIPA’s full 2014 Special 301 recommendation report is available here. This also includes assessments from more than two dozen other countries, including Argentina, Brazil, China, Italy, Russia, Spain and Switzerland.

Photo: Sébastien Launay


TorrentFreak: Is Your ISP Messing With BitTorrent Traffic? Find Out

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

Hundreds of ISPs all over the world limit and restrict BitTorrent traffic on their networks. Unfortunately, this is something that most of these companies are quite secretive about.

Thanks to data collected by Measurement Lab (M-Lab) the public is now able to take a look at the frequency of these BitTorrent throttling practices. Among other tools, M-Lab runs the Glasnost application developed by the Max Planck Institute.

At TorrentFreak we have been keeping an eye on the changes in BitTorrent meddling among ISPs around the world, and today’s data is the latest installment. The throttling percentages for various countries and ISPs are based on M-Lab tests that were performed between December 2012 and December 2013.

Looking at the list of countries where at least 100 tests were performed, South Korea (74%), Malaysia (61%) and Singapore (53%) come out on top. Poland is the first European country with 35%, quickly followed by the UK with 28%.

Greece and Romania stand out in a positive sense, as only 7% and 9% of the tested BitTorrent connections were limited. The United States, Canada and Australia perform relatively well too, with throttling rates of 14%, 17% and 18% respectively.

BitTorrent throttling % country ranking (Dec. 12 to Dec 13)


The next step is to look in more detail at several of the individual countries to see which ISPs throttle the most.

United States

BitTorrent throttling in the US is not as prevalent as it used to be. After Comcast was exposed for interfering with customers’ file-sharing traffic, the throttling percentage took a dive from nearly 50% to only 3% in the period between 2010 and 2012.

Over the past year, however, Comcast’s throttling levels started to rise again to 12%. Cox is currently the worst of the larger ISPs when it comes to BitTorrent throttling with 13%, more than double what it was in early 2012.

Verizon runs the least interference on the BitTorrent traffic of its customers, 6% for Verizon business and 9% for regular accounts.

Worst: Cox (13%)

Best: Verizon (6%)

UK

In the UK, BitTorrent throttling rates are relatively high. Orange is currently the worst offender as it limits 38% of the tested connections. BT comes in second place with 35%, which is down from 65% during the first months of 2012.

At TalkTalk and BSkyB BitTorrent users are better off with throttling percentages of 10% and 17% respectively. For BSkyB this is a hefty increase, as the throttling rate is up from only 4% two years ago.

Worst: BT and Orange (35 and 38%)

Best: TalkTalk (10%)

Canada

Traditionally, nearly all of the major Internet providers in Canada have been heavy throttlers. Rogers in particular has a bad reputation, as it limited more than three-quarters of all BitTorrent traffic for years on end. This year, however, there are signs of improvement.

During 2013 Rogers interfered with only 20% of all BitTorrent transfers, down from 80% two years ago. Bell has shown the most progress though, moving from 77% to 8% this year. Eastlink is currently the worst performing ISP in Canada, limiting 31% of all tested connections.

BitTorrent users in Canada are best off at Cogeco and Telus with 3% and 0% respectively.

Worst: Eastlink (31%)

Best: Bell (8%)

Australia

BitTorrent is extremely popular in Australia, but over the past year BitTorrent throttling has been relatively moderate.

iiNet is the worst offender interfering with 21% of BitTorrent downloads, up from 11%. Dodo performs the best of the larger ISPs, with a throttling rate of 12%.

Worst: iiNet (21%)

Best: Dodo (12%)

All in all we can say that BitTorrent traffic is still heavily limited, mostly in Asia. In all countries there are quite large differences between various ISPs. For BitTorrent users it is wise to ask ISPs about their traffic management policies and take a look at the M-Lab data before signing up.

If we haven’t mentioned your Internet Provider above, an overview of all the data is available here. Those who want to know whether BitTorrent traffic is being limited by their ISP can test their connection with the Glasnost tool.


SANS Internet Storm Center, InfoCON: green: Incident response and the false sense of security, (Mon, Jan 6th)

This post was syndicated from: SANS Internet Storm Center, InfoCON: green and was written by: SANS Internet Storm Center, InfoCON: green. Original post: at SANS Internet Storm Center, InfoCON: green

This is a guest diary submitted by Tomasz Miklas. Interested in providing a guest diary yourself? Please send a proposal (title/outline) using our contact form. Interested in becoming a handler and regular contributor? See our Handler Roadmap.
 
Some time ago I was asked to help with incident response for a small company. While the incident itself was not very exciting, the lessons learned were a bit more than a surprise. The victim was shocked at how spectacularly they had failed, even though they believed they followed good security practices or were at least above the “low hanging fruit” category. This is a classic example of a false sense of security.
 
Key lessons learned:
  1. Running a hardened web server as a reverse proxy to protect the actual application is a great idea. However, if the web application itself also listens on a publicly available TCP port, nothing stops the attacker from going after the application directly, bypassing the proxy.
    (If possible, always bind applications to localhost only, or at least use the firewall to limit access to the application. This is how the attacker got a foothold on the system: a known vulnerable web application, reached directly, which bypassed the simple but efficient virtual patching done by the reverse proxy.)
  2. Hard-coded passwords and password reuse – as it turned out, all of the IT systems and components used the same administrator password. The original password could be found in a publicly readable backup script on a compromised server located in the DMZ.
    (The backup process is one of the most sensitive elements of the system – should everything else fail, backup is all you have. If privilege separation had been implemented and properly used, the attacker wouldn’t have got the administrator’s password. Finally, there is no excuse for password reuse – password management applications are widely available and really easy to use.)
  3. Centralised logging can be very useful, especially if it’s used with some kind of log monitoring solution. Unfortunately, it can also create extra work if you try to review logs from the incident and notice that a large portion of the systems have their clocks off by minutes or hours.
    (Keeping all your system clocks in sync is really important. NTP clients do the job very well and are already built into most if not all network equipment and general purpose operating systems. Another thing to keep in mind is time zones – make sure all systems use the same time zone and, if possible, pick one that doesn’t observe Daylight Saving Time (DST), as DST has great potential to create additional issues or delays if the incident spans systems located in more than one country, especially if it happened around a DST time change. Remember – simplicity is your friend.)

    Some interesting DST facts:

  • Different countries observe DST on different dates – for example, in the US, Mexico and most of Canada DST begins about two weeks earlier than in European countries.
  • China, which spans five time zones, uses only one time zone (GMT+8) and doesn’t observe DST.
  • In the Southern Hemisphere, where the seasons are opposite to those of the Northern Hemisphere, so is DST – starting in late October and ending in late March.
  • Many countries don’t observe DST at all.
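
The clock and time-zone problem from lesson 3, as an added example that is not part of the original diary: the Python sketch below merges per-host logs into one UTC timeline and flags a backward clock jump inside a single log. Host names, zone offsets, clock errors and all log lines are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed sample data. Every host logs local wall-clock time with no zone
# marker. utc_offset_h is the host's configured zone; clock_error_s is how far
# its clock ran ahead (+) or behind (-) a trusted reference when it was checked.
HOSTS = {
    "proxy":  {"utc_offset_h": 1,  "clock_error_s": 0},
    "app":    {"utc_offset_h": 0,  "clock_error_s": 420},
    "backup": {"utc_offset_h": -5, "clock_error_s": -62},
}

LOGS = {
    "proxy": ["2014-01-03 14:00:05 blocked request from 203.0.113.7 (virtual patch rule)"],
    "app": [
        "2014-01-03 13:09:40 request from 203.0.113.7 on public port, not via proxy",
        "2014-01-03 13:11:10 backup script read by web application user",
    ],
    "backup": ["2014-01-03 08:04:28 administrator login from app server"],
}

# Constructed log from a host that logs local time across a DST fall-back.
DST_LOG = [
    "2013-10-27 01:59:50 cron job started",
    "2013-10-27 01:00:10 cron job finished",
    "2013-10-27 01:00:40 session closed",
]


def parse_line(line):
    """Split 'YYYY-MM-DD HH:MM:SS message' into (naive datetime, message)."""
    return datetime.strptime(line[:19], FMT), line[20:]


def to_utc(local_ts, utc_offset_h, clock_error_s):
    """Undo the zone offset, then remove the host's measured clock error."""
    zone = timezone(timedelta(hours=utc_offset_h))
    aware = local_ts.replace(tzinfo=zone).astimezone(timezone.utc)
    return aware - timedelta(seconds=clock_error_s)


def naive_timeline(logs):
    """Host order you get by sorting on the printed timestamps alone."""
    rows = [(parse_line(l)[0], host) for host, lines in logs.items() for l in lines]
    return [host for _, host in sorted(rows)]


def corrected_timeline(logs, hosts):
    """(utc_time, host, message) rows sorted on corrected UTC time."""
    rows = []
    for host, lines in logs.items():
        for line in lines:
            ts, msg = parse_line(line)
            rows.append((to_utc(ts, **hosts[host]), host, msg))
    return sorted(rows)


def backward_jumps(lines):
    """A log file is append-only, so a timestamp earlier than the previous
    line means the clock moved back: a DST fall-back on a host logging local
    time, or a manual/NTP step. Returns (previous, current) pairs."""
    stamps = [parse_line(l)[0] for l in lines]
    return [(a, b) for a, b in zip(stamps, stamps[1:]) if b < a]


if __name__ == "__main__":
    print("naive order:    ", naive_timeline(LOGS))
    for ts, host, msg in corrected_timeline(LOGS, HOSTS):
        print(ts.strftime(FMT), "UTC", f"{host:7}", msg)
    for prev, cur in backward_jumps(DST_LOG):
        print("clock went backwards:", prev, "->", cur)
```

Sorting on the printed timestamps puts the administrator login first and the proxy event last; after correction the sequence runs proxy, application, backup host.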
 
– 
Tomasz Miklas
Twitter: @tomaszmiklas

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

TorrentFreak: Simpsons Pirate Ordered to Pay Fox $10.5 Million in Damages

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

In the wake of the isoHunt settlement in October, TorrentFreak reported on another big copyright infringement case that had flown entirely under the radar.

It involved a pair of now-shuttered websites – Watch The Simpsons Online (WTSO) and Watch Family Guy Online, launched in 2008 and 2009 respectively. Both websites gave visitors the chance to watch episodes of the named TV shows via embedded web players utilizing external video sources. Neither site hosted infringing content.

Together the sites had around 87 million visitors during their lifetimes and as a result attracted the unwanted attention of Fox. During 2008, WTSO was targeted several times and had to keep shifting hosts and at one stage had its domain seized following a WIPO dispute. In 2010 the MPAA began filing its own cease and desists.

Although the sites continued to operate without further major incident, it was the calm before the storm. In early October 2013, Fox filed a copyright infringement lawsuit at the Federal Court of Canada, alongside requests to keep its contents secret pending a raid on the site operator’s home. That was carried out October 9.


With the site admin unwilling to fight Fox in an expensive case he knew he could not win, matters proceeded without him. Just before Christmas the defendant found out the case had been concluded in his absence.

Details sent to TorrentFreak by Timothy Lowman, a lawyer at the Sim & McBurney law firm which handled the case for Fox, spell out the extent of the judgment.

“The Judgment awards $10 million [CAD] for statutory damages, $500,000 for punitive damages and fixed/assessed solicitor client costs of $78.573.25 (in addition to an earlier cost award of $107,665.55),” Lowman explains.

“The significant judgement in this case points up the risk courted by those who engage in internet piracy, in particular for commercial purposes. The Federal Court considers that such activities warrant significant assessments of statutory damages, in this case $13,888.88 per work infringed, and that such misconduct is also deserving of substantial awards of punitive damages to achieve the goal of punishment and deterrence of the offense of copyright infringement,” he concludes.

According to Lowman the statutory damages and punitive damages awards in this judgment are the largest given to date by the Federal Court of Canada, and according to the person expected to pay them, the admin formerly known as ‘Joecool6101’, the amount is simply unmanageable. He cannot pay but Fox are pressing ahead anyway.

“Fox are pursuing for the money and they are doing so as hard as they possibly can. They’ve ruined my life and continue to do so as long as they don’t leave me and my family alone. As it’s been referenced by a lawyer: ‘they are killing a fly with a nuke’,” he told TorrentFreak.

“This experience was the worst thing I could possibly imagine, Fox takes no mercy when destroying your life as you once knew it and then begins to drag your new life down as much as possible as well. I don’t wish this upon anyone and simply wish the dinosaurs would just give their consumers what they want — which is to be able to stream their videos online easy, fast, worldwide.”

The judgment also forbids JoeCool from infringing Fox’s copyrights in future, but rest assured there will be others to fill the gap – unless Fox takes his advice of course.


Krebs on Security: Non-US Cards Used At Target Fetch Premium

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

An underground service that is selling credit and debit card accounts stolen in a recent data breach at retail giant Target has stocked its virtual shelves with a new product: Hundreds of thousands of cards issued by non-U.S. banks that were used at Target across the United States during the retailer’s 19-day data breach. It’s not clear how quickly the non-U.S. cards are selling, but they seem to be fetching a much higher price than those issued by U.S. banks.

On Dec. 20, this blog published a story about the “card shop” rescator[dot]la. That piece explained how two different banks — a small, community bank and a large, top-10 bank — had bought back their customers’ stolen cards from the fraud service and discovered that all of the purchased cards had been used at Target during the breach timeframe. The shop was selling data stolen from the magnetic stripe of each card, which thieves can re-encode onto new, counterfeit cards and use to go shopping in bricks-and-mortar stores for items that can easily be fenced or resold.

As I wrote in that story, a key feature of this particular shop is that each card is assigned to a particular “base.” This term is underground slang that refers to an arbitrary code word chosen to describe all of the cards stolen from a specific merchant. In this case, my source at the big bank had said all of the cards his team purchased from this card shop that matched Target’s Nov. 27 – Dec. 15 breach window bore the base name Tortuga, which is Spanish for “tortoise” or “turtle” (also an island in the Caribbean long associated with pirates). The small bank similarly found that all of the cards it purchased from the card shop also bore the Tortuga base name, and all had been used at Target.


Cards stolen from non-US customers who shopped at Target are sold under the “Barbarossa” base.

On Friday, the proprietor of this card shop announced the availability of a new base — “Barbarossa” — which consists of more than 330,000 debit and credit cards issued by banks in Europe, Asia, Latin America and Canada [side note: one Russian expert I spoke with said Barbarossa was probably a reference to Operation Barbarossa, the code name for Germany's invasion of the Soviet Union during World War II].

According to one large bank in the U.S. that purchased a sampling of cards across several countries, all of the cards in the Barbarossa base also were used at Target during the breach timeframe.

As with cards sold under the Tortuga base, debit and credit cards for sale as part of the Barbarossa base list the country of origin for the issuing bank, and then directly underneath include the state, city and ZIP code of the Target store from which the card numbers were stolen.

When I first became aware that this card shop was selling only cards stolen from Target stores, I noticed a discussion on a related crime forum wherein customers of this shop seemed very enthusiastic about this ZIP code feature. I couldn’t figure out what the big deal was: I’d assumed the state, city and ZIP described the bank that issued the card.

Later, I learned from a fraud expert that this feature is included because it allows customers of the shop to buy cards issued to cardholders that live nearby. This lets crooks who want to use the cards for in-store fraud avoid any knee-jerk fraud defenses in which a financial institution might block transactions that occur outside the legitimate cardholder’s immediate geographic region.

Non-U.S. cards used at Target generally fetch higher prices than U.S. cards, between $67 and $100 apiece.


The cards for sale in the Barbarossa base vary widely in price from $23.62 per card to as high as $135 per card. The prices seem to be influenced by a number of factors, including the issuing bank, the type of card (debit or credit), how soon the card expires, and whether the card bears a special notation that often indicates a higher credit limit, such as a Platinum card.

The prices also appear to be influenced partly by how rare it is to find cards for a specific bank available on the black market. The highest-priced cards I found for sale were issued by banks in Singapore, South Korea and the United Arab Emirates.

Barbarossa base cards issued by Canadian banks. Note that city, state and ZIP code listed indicate the location of the Target store from which the card was stolen.

PHONEBLOKS.COM: What Is Planned Obsolescence? Here at Phonebloks, our tagline…

This post was syndicated from: PHONEBLOKS.COM and was written by: PHONEBLOKS.COM. Original post: at PHONEBLOKS.COM

What Is Planned Obsolescence?

Here at Phonebloks, our tagline is ‘A Phone Worth Keeping’. This raises many questions: When is a phone not worth keeping? Why would a phone not be worth keeping? Setting value aside, why are we not keeping our phones? The reasons for not doing this are, unsurprisingly, not entirely straightforward.

First, there are basic economic reasons. As consumers, we may have the ability to buy a new phone whenever we want. And producing companies' economic turnover depends on constantly selling more (and new) products. Second, there are psychological reasons. Our tastes are connected to trends. We want to be the first to own whatever phone is new because minor changes in design and other small changes show the cutting edge of technological style. (This is made clear by many marketing campaigns.) Finally, practical reasons come into play: phones break, for whatever reason, and sometimes, for reasons not included under economic and psychological reasons, the design of the product gets outdated.

These reasons are far more complex than they appear and they are connected in even more complex ways. In future blog posts we will explore these reasons, one by one, and try to find out how they are connected. However, today we would like to talk a bit about the last one, the practical one, starting with the question: Why do phones break or otherwise become outdated; what is planned obsolescence?

Planned obsolescence is not an everyday term, but it affects your everyday life. It is an industrial policy of developing and producing products that are, essentially, designed to fail or become obsolete. This can be aesthetically; the look and/or feel of the product becomes outdated, or functionally; the hardware and/or software of the product becomes outdated or just breaks. And this, within a limited timeframe.

Dave Hakkens, the founder of Phonebloks, came across planned obsolescence firsthand. Dave once had an old compact camera that stopped working. Trying to fix it, he took it apart and found only one piece, the lens motor, truly broken. The other pieces – display, flash, battery and so on – were completely functional. Dave tried to find a spare part but could not get hold of one locally, or elsewhere. The manufacturer advised he get an entirely new camera.

Planned obsolescence comes in different shapes. A manufacturer could use materials, or a way of putting the product together, that ensures that the product has a limited life span. In the case of Dave's camera, the manufacturer took advantage of another form of planned obsolescence: making the product difficult or impossible to repair with spare parts, thereby forcing the customer to buy a whole new camera and so giving the broken camera a limited life cycle.

Planned obsolescence is nothing new. It derives from the bike and car industries of 1920’s Canada and the United States, when the idea to develop and produce a new model every year came about in order to increase sales. In America, in the 1930’s, ideas were put forward to use planned obsolescence in most, if not all, development and production of consumer products, in order to help the nation out of its economic depression. However, it took until the 1950’s before this method, or policy, was fully recognised. Then Brooks Stevens defined it as “Instilling in the buyer the desire to own something a little newer, a little better, and a little sooner.” After that, planned obsolescence really became one of the engines in the economy surrounding consumer goods to this day.

Why do we not hold onto our phones? Planned obsolescence might be one explanation. The phone slows down, becomes unfashionable or a component breaks and no one seems to want to provide a spare part.

Let’s end planned obsolescence within the mobile phone industry.
Let’s try to make phones worth keeping.

Team Phonebloks

TorrentFreak: First Leaked TPP Chapter Evokes Memories of SOPA

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

The Trans-Pacific Partnership (TPP) is currently working towards the creation of a regional free-trade agreement between several Asia-Pacific countries which together account for around 40% of the world’s GDP.

The agreement aims to create deep economic ties between a dozen countries – Australia, Brunei, Chile, Japan, Malaysia, Peru, Singapore, United States, Vietnam, Mexico, Canada and New Zealand – by easing trade in goods and services, encouraging investment, and forging understandings across a wide range of policy issues.

Negotiations between the nations have been running for around two and a half years and the TPP agreement itself is now reportedly more than 1,000 pages deep. Overall the negotiations have drawn criticism for their secrecy but today Wikileaks announced that they had obtained a copy of the “most controversial chapter” from the TPP agreement which reveals the negotiation positions for all 12 countries on IP and copyright issues.

Many topics are covered in the chapter including DRM and other ‘technical measures’, extended copyright terms, increased penalties for infringement and ISP liability, the latter with a proposal for “adopting and reasonably implementing a policy that provides for termination in appropriate circumstances of the accounts of repeat infringers.”

Reception to the leaked agreement has so far been highly critical. Knowledge Ecology International notes that the TPP IPR chapter not only proposes the granting of more patents, expansion of rightsholder privileges and increased penalties for infringement, but also plans the creation of intellectual property rights on data.

“The TPP text shrinks the space for exceptions in all types of intellectual property rights. Negotiated in secret, the proposed text is bad for access to knowledge, bad for access to medicine, and profoundly bad for innovation,” KEI concludes.

Burcu Kilic, an intellectual property lawyer with Public Citizen, says that some of the proposals in the text evoke memories of the controversial SOPA legislation in the United States.

“The WikiLeaks text also features Hollywood and recording industry inspired proposals – think about the SOPA debacle – to limit Internet freedom and access to educational materials, to force Internet providers to act as copyright enforcers and to cut off people’s Internet access,” Kilic says.

Collectively the items in this version of the leaked draft reveal argument and opposition on dozens if not hundreds of points from one or several countries. In fact while there are many, many proposals, it is striking that there is a clear lack of final agreement across the board on almost all of the issues.

Kilic describes the proposals as having reached a “negotiation stalemate.” His colleague, Peter Maybarduk, director of Public Citizen’s global access to medicines program, lays the blame for that at the feet of the United States.

“Given how much text remains disputed, the negotiation will be very difficult to conclude,” Maybarduk says. “Much more forward-looking proposals have been advanced by the other parties, but unless the U.S drops its out-there-alone demands, there may be no deal at all.”

The full agreement can be downloaded here (PDF).

Source: TorrentFreak, for the latest info on copyright, file-sharing and VPN services.

TorrentFreak: Fox Lawyers Doorstep Alleged Simpsons Pirate With $10.5m Lawsuit

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

While anti-piracy actions take place all around the world on a daily basis, it is relatively rare to hear of targeted lawsuits against individual sites. But as the MPAA case against isoHunt closes, another large one is developing in its wake.

The story centers around two recently closed sites. The first is Watch The Simpsons Online, a site that had been around since 2008. The second, Watch Family Guy Online, had been online since 2009.

As their names suggest, the sites gave Internet users the opportunity to watch Fox TV shows The Simpsons and Family Guy online. This was achieved via embedded web players utilizing external video sources.

The sites did fairly well, with the latter achieving around seven million visitors and the former around 80 million during their lifetimes. Due to unwanted attention from Fox, both had to employ domain switches to stay online, something which no doubt affected their traffic.

The first sign that Fox were sizing up Watch The Simpsons Online (WTSO) came in 2008. Sources inform TorrentFreak that Fox were “shutting the site down almost weekly” by threatening its hosts.

The domain being used at the time – WatchTheSimpsonsOnline.com – was eventually seized by Fox after the company won an uncontested WIPO dispute. As can be seen in the image below, it is now listed as belonging to Fox’s IP department.

WTSO

WTSO returned under a new domain but in 2010 the MPAA sent a cease and desist, including a complaint for WFGO (Watch Family Guy Online) for good measure. The site admin complied and later transferred the domain to a new owner, who some time later appears to have transferred it back.

Fox, however, had certainly not forgotten about the sites.

Records show that on October 2, 2013, Fox paid $50 to file a copyright infringement complaint at the Federal Court in Toronto, Canada. On the same day requests were filed to keep court documents “confidential” pending the issuing of a court order.

On October 8, a so-called “Anton Piller” order was granted by a judge in the Federal Court. This order grants entities the right to carry out searches and seize evidence without prior warning with the aim of preventing evidence destruction. They are often used in copyright and trademark disputes.

Order in hand, Fox wasted no time. On October 9, two lawyers from Fox, two court appointed lawyers, two IT professionals and a forensics specialist turned up at an address in Canada looking for the alleged admin of WTSO. After gaining access to the property with the full permission of the court, they seized all of the defendant’s electronic devices and other related items.

The punchline was the handing over of a $10.5 million lawsuit alongside orders not to meddle with the sites.

The seized devices were returned within 72 hours, presumably having been cloned, but it soon became clear the matter would press on.

The alleged admin of the site was given an opportunity to settle the case for a cool $1 million, an “impossible amount” according to our sources. Despite the lack of a formal agreement, both Watch The Simpsons Online and Watch Family Guy Online were taken down and now display links to Hulu and Fox.com.

Nevertheless, the legal proceedings continued. On October 16 a review took place in the Federal Court which established that the Anton Piller order had been properly granted and executed. A date of October 22 was set for a court appearance by the defendant, but the hearing took place with no defendant present after he failed to appear.

Sources close to the case inform TorrentFreak that the likely outcome will be a $10m+ default judgment in favor of Fox, to be boosted by more than $600,000 to cover legal costs. We shouldn’t have to wait long to discover the full details.

Source: Fox Lawyers Doorstep Alleged Simpsons Pirate With $10.5m Lawsuit

TorrentFreak: Pirates Jump on “The Walking Dead” Despite Legal Options

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

For years international TV-fans have complained about long release delays.

In some cases people had to wait up to a year to view their favorite show after the U.S. release, which is unacceptable for most die-hard fans.

Responding to this criticism the TV industry has systematically improved traditional release windows. The recent premiere of The Walking Dead’s fourth season is a prime example of how the industry is adapting to the signals pirates have been sending for years.

To remove one of the incentives for people to grab an unauthorized copy of the show, Fox International Channels premiered the show in 125 countries a day after it first aired on US television.

“We want to prevent the spoilers for sure, we also want to make sure [international viewers] get the best version of the show — not some pirated version,” Liz Dolan, Fox International Channel’s chief marketing officer told The Wrap.

Unfortunately for Fox, however, pirated versions are available in better quality than most legal streaming options. Also, the download numbers have not declined, quite the opposite.

Data gathered by TorrentFreak shows that 16 hours after the first episode appeared online more than half a million people had grabbed a copy through one of many torrent sites. This is more than last year’s season premiere, despite the legal viewing options.

Interestingly, most downloaders come from the U.S. where there is no release lag at all.

Based on a sample of more than 30,000 people who shared the show via a BitTorrent client, we see that the United States is in the lead with 15.5 percent of the total. This means that even though people can stream the episode for free, many still preferred to download it through a torrent site.

In the U.K. and Australia there was a slight delay but even legal availability couldn’t prevent people from pirating the season opening. With 11.7 and 10.1 percent these countries are second and third respectively. The Philippines and Canada complete the top five with 8.8 and 6.8 percent of the total.

Sample: N=33,918

| # | Country | % | City | % |
|---|---|---|---|---|
| 1 | United States | 15.5% | London | 3.8% |
| 2 | United Kingdom | 11.7% | Melbourne | 2.8% |
| 3 | Australia | 10.1% | Manila | 2.3% |
| 4 | Philippines | 8.8% | Sydney | 1.8% |
| 5 | Canada | 6.8% | Stockholm | 1.7% |
| 6 | Brazil | 3.3% | Lisbon | 1.4% |
| 7 | The Netherlands | 2.7% | Athens | 1.3% |
| 8 | Sweden | 2.5% | Brisbane | 1.2% |
| 9 | France | 2.3% | Helsinki | 1.1% |
| 10 | Poland | 2.2% | Amsterdam | 1.1% |

Fox has to be applauded for making the show available quickly in so many territories, something that was unthinkable half a decade ago. It’s safe to say that the download numbers would have been much higher without these efforts, although at the moment piracy is far from defeated.

In part this might be because some prefer the unauthorized download option simply out of habit. This is especially true for U.S. file-sharers. As we reported earlier this year, many people who pay for a Netflix subscription downloaded Netflix’s exclusive Arrested Development release, preferring the download experience over online streaming.

There is also another group, one that simply doesn’t want to pay for a subscription, which is required in Australia for example. It’s also possible that they are just unhappy with the viewing options currently on offer. In many countries viewers still have to tune in at a fixed time slot while many prefer to program their own viewing schedule.

The challenge for the entertainment industry is to take away these leftover incentives, and make sure that the legal options become the default. For some people it may be too late to be converted, but for most there’s still hope.

Source: Pirates Jump on “The Walking Dead” Despite Legal Options

TorrentFreak: Canada Wants VPNs to Log and Warn Pirating Customers

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

Late last year the first provisions of Canada’s long awaited Copyright Modernization Act were implemented.

While the new law introduces great improvements in terms of fair use and non-commercial file-sharing, the “notice-and-notice” provisions are more problematic, especially for VPN providers and their customers.

Under the new law Internet providers and VPN services are required to forward copyright notices they receive from rightsholders to their customers. To be able to do so, the companies have to retain access logs for a minimum of six months so the pirating customers can be identified. Providers who do not comply face damages up to $10,000.

Specifically, the law requires providers to “[...] retain records that will allow the identity of the person to whom the electronic location belongs to be determined, and do so for six months [...].” Failing to forward a notice may result in “[...] statutory damages in an amount that the court considers just, but not less than $5,000 and not more than $10,000 [...].”

The new logging requirements in combination with a notice policy and fines are a disaster for VPN providers, and that’s not an overstatement.

The mandatory data retention is expected to lead to a customer exodus as it makes it impossible for providers to guarantee people’s anonymity, a key feature of any VPN service.

In addition, it will require VPN providers to implement an extensive logging and notice policy to deal with takedown notices. This will prove to be quite costly or simply impossible, especially for smaller companies that are sometimes run by individuals.

For example, many VPN providers assign shared IP-addresses to their customers, so even if they wanted to there is no option to accurately identify a copyright infringer. For these companies the only option will be to shut down, or move the company outside of Canada.

TorrentFreak contacted University of Ottawa professor Michael Geist, who signals two main issues for VPN providers. On the one hand there are the resources that come with the implementation of the new provisions, and on the other there is the privacy issue for VPN users.

“First, are the resources needed to comply with a notice-and-notice system. These can be significant and it is disappointing that the government has decided not to consult on potential fees for notices. The law gives them the right to establish a fee, but it seems as if they will not do so, at least for the time being,” Geist tells TorrentFreak.

“Second, on the privacy issue, notice-and-notice does not require disclosure of the identity of the subscriber. The additional logging of user information does create a new privacy issue, however. This is particularly sensitive given the recent Snowden disclosures and the growing interest among Internet users to safeguard their privacy.”

In a blog post Geist further highlights that the Government’s tone on the notice-and-takedown provisions recently shifted. Initially it was meant to be balanced and functional for both copyright owners and internet intermediaries, but the scale has slowly tipped towards the interest of copyright holders.

“It is our goal that a system be in place that is both balanced and functional; but, most importantly, it must endeavour to deter infringement,” the latest version reads.

The Canadian Government currently invites stakeholders to voice their opinions through the public consultation, and it might be wise for VPN providers and users to voice their concerns. There is currently no date set for the implementation of the notice-and-notice provisions.

Source: Canada Wants VPNs to Log and Warn Pirating Customers

SANS Internet Storm Center, InfoCON: green: google.com.my DNS hijack, (Thu, Oct 10th)

This post was syndicated from: SANS Internet Storm Center, InfoCON: green and was written by: SANS Internet Storm Center, InfoCON: green. Original post: at SANS Internet Storm Center, InfoCON: green

DNS for the Malaysian copy of Google (Google.com.my) apparently got hijacked. Right now, the hostnames google.com.my and www.google.com.my point to a host in Canada (142.4.211.228).

(thx Alex for capturing the screen shot. My system would not allow me to connect to the IP address anymore). The NS records point to servers that do not appear to be "genuine" as well. Before, the NS records pointed to ns1.google.com and ns2.google.com, which are also authoritative for google.com. Now they point to sdns1.ovh.ca and ks4003824.ip-142-4-211.net.

The whois information does not reflect that this is a google domain, but it didn't change recently and the site used to host a copy of Google's homepage according to archive.org. It is very much possible that Google uses a third party to operate part of its Malaysia site.

Update (via Twitter from @TheBackpackr): " We're the official co managing the domain for google.com.my @GoogleMsia. We are liaising with MYNIC on the DNS change."

The same group behind this attack also claims to have been successful against other Google country level sites (Burundi and Kenya) recently.

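If you haven't yet: start monitoring your DNS data! A quick minimum script to do so in 5 minutes (just cron it…)

#!/bin/sh
# Alert when the NS delegation for DOMAIN, as served by the parent TLD, changes.

TLD='edu'
DOMAIN='sans.edu'
ADMIN='your email'

# Pick one authoritative name server for the TLD; stop if the lookup failed,
# so an empty answer does not overwrite the stored baseline.
ns=$(dig +short NS "$TLD" | tail -1)
[ -n "$ns" ] || exit 1

# Ask the TLD server for the domain's NS records. dig separates the fields
# with tabs or spaces, so match on whitespace rather than a literal '\t'.
dig NS "$DOMAIN" "@$ns" | grep -v '^;' | grep -E 'IN[[:space:]]+NS' | sort > ".$DOMAIN.new"

# Compare with the previous run and mail the new record set if it differs.
if [ -f ".$DOMAIN.old" ]; then
   if ! cmp -s ".$DOMAIN.old" ".$DOMAIN.new"; then
       mail -s "Possible $DOMAIN hijack" "$ADMIN" < ".$DOMAIN.new"
       echo "possible $DOMAIN hijack"
   fi
fi

mv ".$DOMAIN.new" ".$DOMAIN.old"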

(and please change the variable at the top ;-) )

Johannes B. Ullrich, Ph.D., SANS Technology Institute

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
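
Added example, not part of the SANS diary above: where the diary's script only signals that the NS set changed, this version parses full dig output, reports which name servers were added or removed against a stored baseline, and flags servers outside an expected parent domain. The function names, the baseline list and the sample dig lines are constructed for illustration; the name servers are the ones quoted in the diary.

```shell
#!/bin/sh
# Added example: explain *what* changed in a domain's NS delegation.
# All function names are hypothetical; sample data is constructed from the
# name servers quoted in the diary (TTLs are made up).

# Baseline: the NS set the diary says was in place before the change.
BASELINE=$(printf '%s\n' ns1.google.com ns2.google.com)

# Constructed `dig NS google.com.my` output, before and after the change.
SAMPLE_BEFORE=$(printf '%s\n' \
    ';; ANSWER SECTION:' \
    'google.com.my. 86400 IN NS ns1.google.com.' \
    'google.com.my. 86400 IN NS ns2.google.com.')
SAMPLE_AFTER=$(printf '%s\n' \
    ';; ANSWER SECTION:' \
    'google.com.my. 86400 IN NS sdns1.ovh.ca.' \
    'google.com.my. 86400 IN NS ks4003824.ip-142-4-211.net.')

# Read full (not +short) dig output on stdin; print the NS targets,
# lower-cased, without the trailing dot, sorted and de-duplicated.
ns_targets() {
    awk '!/^;/ && $3 == "IN" && $4 == "NS" {
             t = tolower($5); sub(/\.$/, "", t); print t
         }' | LC_ALL=C sort -u
}

# Print the names that are in list $2 but not in list $1 (one per line).
only_in_second() {
    [ -n "$2" ] || return 0
    if [ -z "$1" ]; then printf '%s\n' "$2"; return 0; fi
    printf '%s\n' "$2" | grep -Fxv -e "$1" || true
}

# check_delegation BASELINE DIG_OUTPUT EXPECTED_PARENT
# Returns 0 = unchanged, 1 = changed or unexpected server, 2 = no NS records
# (a failed lookup must not be mistaken for a clean result).
check_delegation() {
    baseline=$1
    current=$(printf '%s\n' "$2" | ns_targets)
    parent=$3
    changed=0
    if [ -z "$current" ]; then
        echo "NO-NS-RECORDS"
        return 2
    fi
    for n in $(only_in_second "$baseline" "$current"); do
        echo "ADDED $n"; changed=1
    done
    for n in $(only_in_second "$current" "$baseline"); do
        echo "REMOVED $n"; changed=1
    done
    for n in $current; do
        case $n in
            *".$parent") ;;                       # inside the expected zone
            *) echo "OUTSIDE $n"; changed=1 ;;    # hosted somewhere else
        esac
    done
    return $changed
}

# Demo on the constructed samples.
check_delegation "$BASELINE" "$SAMPLE_BEFORE" google.com || echo "status $?"
check_delegation "$BASELINE" "$SAMPLE_AFTER" google.com || echo "status $?"
```

In a cron job the second argument would be the live output of dig for the monitored domain, and a non-zero status would trigger the mail.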

Errata Security: Silk Road: caught by the NSA?

This post was syndicated from: Errata Security and was written by: Robert Graham. Original post: at Errata Security

According to the complaint against Silk Road, the investigation into Ulbricht appears to have started when border agents intercepted fake IDs [update: though see Popehat's discussion of evidence it started earlier]:

On or about July 10, 2013, CBP [Customs and Border Patrol] intercepted a package from the mail inbound from Canada as part of a routine border search. The package was found to contain nine counterfeit identity documents.

“Routine border search” is one of the techniques taught by the “Special Operations Division” to hide the source of unconstitutionally obtained information. As documented in the Reuters article, when the NSA or FBI obtains unconstitutional evidence against American citizens, they tell border agents what to look for when things cross the borders.

As I’ve written about recently, the Tor network overwhelmingly uses 1024 bit keys, which everyone believes can be routinely cracked by the NSA. Moreover, the Silk Road has been probably the #1 target the NSA would want to crack. It’s possible the service had been compromised for some time, and agents were simply waiting for some trigger (such as forged IDs crossing the border) to start the official investigation.

My point isn’t whether this is true in this case, only that it’s true in other cases. It’s impossible for a citizen to challenge that “routine border search” in order to discover whether it was truly routine. It’s impossible for the defendant to challenge the constitutionality of the evidence against him.

Certainly, Silk Road is guilty of crime, but here’s the thing: we now live in a police state, with secret police, that we are powerless to challenge.


Update: On twitter and elsewhere some people have challenged whether the investigation actually started with the border control agents. It’s a fair criticism, so I added the word “appear to have” started with that incident. I say it started at this point because it’s the first piece of evidence that could not have been obtained by collecting old log files. In other words, the Stack Exchange post was from a year earlier, but the FBI got it from Stack Exchange log files after they started investigating Ulbricht. We won’t know the actual timeline until the trial starts in about 2 years from now.

Also, by “investigation” I mean “investigation into Ulbricht” in particular. The investigation into Silk Road doubtlessly started years ago.


Update: Popehat has an excellent discussion of how the investigation naming Ulbricht started earlier, though it raises even more questions pointing to “parallel construction” — of using NSA-style evidence and hiding it.

TorrentFreak: Breaking Bad Finale Clocks 500,000 Pirated Downloads

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

One of the main motivations for people to download and stream TV-shows from unauthorized sources is availability.

If fans can’t get a show through legal channels they often turn to pirated alternatives.

However, the series finale of Breaking Bad shows that there are more factors at play. Despite the availability of legal options, in many countries there are those who still prefer to download a copy from unauthorized sources.

Data gathered by TorrentFreak shows that 12 hours after the first copy of the episode appeared online, more than half a million people had grabbed a copy through one of many torrent sites. Never before have so many people downloaded a Breaking Bad episode, making it a strong contender for a top spot in our most-pirated TV-shows of the year chart.

So where are all these pirates coming from, and why aren’t they going for the legal options?

Based on a sample of more than 10,000 people who shared the site via a BitTorrent client, we see that Australia is once again in the lead with 18 percent of the total. This means that a large group of Aussies prefer to torrent the episode instead of watching it on the pay TV network Foxtel.

In the U.S. and the U.K. the legal availability on Netflix couldn’t prevent people from pirating the final Breaking Bad episode either. With 14.5 and 9.3 percent these countries are second and third respectively. India and Canada complete the top five with 5.7 and 5.1 percent of the total.

Looking at the list of countries below it’s clear that piracy is still rampant, even in countries where people do have the option to watch the show legally.

One of the explanations for this defiant behavior is that these downloaders simply prefer to torrent the show out of habit. As reported earlier, even among those who have a Netflix subscription, many prefer to grab a copy via torrent sites as they find it more convenient.

In other cases people may find a pay TV subscription too expensive, or they simply prefer to watch the show at their own leisure instead of following rigid TV-schedules.

Sample: N=13,945

| # | Country | % | City | % |
|---|---|---|---|---|
| 1 | Australia | 18.0% | Melbourne | 5.4% |
| 2 | United States | 14.5% | London | 3.3% |
| 3 | United Kingdom | 9.3% | Sydney | 3.0% |
| 4 | Canada | 5.7% | Brisbane | 2.0% |
| 5 | India | 5.1% | Athens | 1.5% |
| 6 | Netherlands | 2.4% | Perth | 1.4% |
| 7 | Poland | 2.4% | Madrid | 1.2% |
| 8 | Philippines | 2.3% | Warsaw | 1.2% |
| 9 | France | 2.2% | Dublin | 1.2% |
| 10 | South Africa | 2.1% | Adelaide | 1.1% |

Going back to the download figures, we can report that at the peak more than 85,000 people from all over the world were sharing a single copy of the Breaking Bad finale via a public BitTorrent tracker. If we count the four most-shared copies out there this number totaled more than 190,000.

While these are record numbers for Breaking Bad, Game of Thrones still takes the crown for the largest BitTorrent swarm ever recorded with more than 170,000 people sharing a single copy.

Interestingly, TV-insiders are not really that outraged by the massive copying of their work. Instead, recent comments from people connected to the industry suggest that piracy may actually help them.

Game of Thrones director David Petrarca previously said he believes that the buzz created by pirates eventually leads to more paying subscribers, and last week Time Warner CEO Jeff Bewkes said that it’s better than winning an Emmy.

Breaking Bad already won an Emmy earlier this month, but can they raise the bar a little higher? We’ll know at the end of the year.

Source: Breaking Bad Finale Clocks 500,000 Pirated Downloads

TorrentFreak: Netflix Uses Pirate Sites to Determine What Shows to Buy

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

Video streaming giant Netflix sees itself as one of the most prominent competitors to the many pirate sites that offer video content without owners’ permission.

However, these pirate sites also offer Netflix valuable information as to what video content they should acquire for their service.

This week Netflix rolled out its service in the Netherlands and the company’s Vice President of Content Acquisition, Kelly Merryman, says that their offering is partly based on what shows do well on BitTorrent networks and other pirate sites.

“With the purchase of series, we look at what does well on piracy sites,” Merryman told Tweakers.

One of the shows that Netflix acquired the rights to in the Netherlands is Prison Break, since it is heavily pirated locally. “Prison Break is exceptionally popular on piracy sites,” Merryman says.

In a separate interview Netflix CEO Reed Hastings adds that his company is aware of the many people who download content without permission via torrent sites. However, this is not exclusively a bad thing, as it also creates demand for the content Netflix is offering.

“Certainly there’s some torrenting that goes on, and that’s true around the world, but some of that just creates the demand,” Hastings says.

Eventually these BitTorrent users may want to switch to Netflix as it’s a much better user experience than torrenting, according to the CEO.

“Netflix is so much easier than torrenting. You don’t have to deal with files, you don’t have to download them and move them around. You just click and watch,” Hastings says.

One goal of Netflix is to convert people who currently use pirate sites to get their fix, and there is some evidence that this is indeed happening. According to Hastings, there is evidence that BitTorrent traffic in Canada dropped 50% after Netflix started there three years ago.

The real challenge for the streaming service is to license as much content as they can, which is easier said than done. It might not be a coincidence that “Game of Thrones” is the most pirated TV-show. After all, Netflix wasn’t able to buy the rights from HBO no matter what they offered.

Source: Netflix Uses Pirate Sites to Determine What Shows to Buy

SANS Internet Storm Center, InfoCON: green: WinLink Check-In, (Wed, Jun 19th)

This post was syndicated from: SANS Internet Storm Center, InfoCON: green and was written by: SANS Internet Storm Center, InfoCON: green. Original post: at SANS Internet Storm Center, InfoCON: green

This weekend (June 22-23) the Amateur Radio Relay League and Radio Amateurs of Canada are holding their annual Field Day (http://www.arrl.org/field-day) exercise in North America.  Amateur radio operators participate in an emergency preparedness exercise where they deploy their equipment outside the comfort of their home radio shacks and many operate on alternative/emergency power sources.  Each year around this time, I realize that I've forgotten that this is coming up, and I hurriedly assemble my kit at the last minute and I try to fit in more than I can accomplish on my own.  In other words, it's a realistic drill for me.

In the early days of the Internet Storm Center when large-scale scanning worms were threatening the basic infrastructure of the Internet we discussed falling back to packet radio as a communications option.  Fortunately, those discussions remained theoretical and we didn't have to put it into practice.  However, each year at Field Day, I'm reminded of the possibility that the right combination of disasters could fracture the Internet noticeably.

This makes me think of WinLink 2000 (http://www.winlink.org/).

WinLink 2000 describes itself as "a worldwide system of volunteer sysops, radio stations and network assets supporting e-mail by radio, with non-commercial links to internet e-mail."  Basically it provides e-mail service where the last mile is via amateur radio.  It's used by ships at sea, and in emergency radio service when the local infrastructure is severely damaged.

I think this service would be very useful in an Internet-threatening scenario.  Which is why I'm putting out the call to any readers who are also winlink-enabled.  Send an email in to us (handlers@sans.edu) from your winlink account.  Let us know if you'd be interested in participating in any Internet disaster response activities that we may have in the future.

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

TorrentFreak: Arrested Development Pirates Skip Netflix Out of Habit

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

To reduce unauthorized downloading, content producers should make their products widely available and take away the incentive for people to pirate.

The above is an argument often heard in defense of piracy. In theory it makes sense, but when Netflix released the entire season of the revived cult series Arrested Development this Sunday, something strange happened.

Tens of thousands of pirates lined up to grab a copy from various torrent sites. Many came from the U.S. and other countries where people only have to sign up for a free Netflix account to watch the show.

TorrentFreak tracked the download numbers for the various episodes and season bundles and found some interesting results.

During the first two days, episode one of Arrested Development topped 175,000 downloads on public BitTorrent trackers. A decent number, but one that pales in comparison to records set by Game of Thrones and other hit series.

Unfortunately the download figures by themselves are meaningless without context, so it’s hard to draw conclusions on how the Netflix release affected them. From past experience, however, it is safe to say that the numbers would be significantly higher if a show had been released on a premium cable network.

After all, in countries where Netflix is available people have little reason to pirate the show. Or do they?

Looking at a sample of the geographical locations of the pirates we see that the United States comes out on top with 18%. Other countries where Netflix is available, such as Canada (11.8%), United Kingdom (5.6%) and Sweden (3.5%) are also high on the list. In fact, Australia is the only non-Netflix country in the top five.

Sample N=2,712 (source: torrentfreak.com)

| # | Country | % | City | % |
|---|---|---|---|---|
| 1 | United States | 18.0% | Melbourne | 4.2% |
| 2 | Australia | 15.0% | London | 2.6% |
| 3 | Canada | 11.8% | Perth | 2.2% |
| 4 | United Kingdom | 5.9% | Stockholm | 2.0% |
| 5 | Sweden | 3.5% | Sydney | 1.9% |
| 6 | India | 2.7% | Brisbane | 1.5% |
| 8 | Norway | 2.6% | Toronto | 1.4% |
| 9 | South Africa | 2.5% | Cape Town | 1.3% |
| 10 | France | 2.0% | Auckland | 1.2% |

While it’s easy to conclude that this proves that these “pirates” are just cheap thieves, the reality is a bit more complicated. For one, it could be that the download numbers would have been exponentially higher if Arrested Development hadn’t been made so widely available.

On the other hand, it also appears that not all of those who choose to pirate Arrested Development do so because they are unwilling to pay for a Netflix subscription.

Looking at the comment section of a popular TV-tracker there are plenty of comments on the issue. One downloader comes in with the stereotypical response, saying that he just “wasted” $8 on a Netflix subscription. However, there are many who disagree with this view.

One commenter notes:

“I certainly don’t see it as wasted. I’m fully supportive of Netflix for what they are trying to achieve. They’ll have my $8 regardless of whether I use it or not.”

Another one adds:

“You didn’t waste $8, you proved that Arrested Development was worth funding for a fourth season. And you got to see it slightly sooner, which is totally worth it.”

The above comments are among many suggesting that even those who have a Netflix subscription may still download the episodes through BitTorrent sites.

In part this is out of habit as that is how many people have enjoyed TV-shows for many years. The comment below from a Swedish downloader shows that pirate habits are sometimes fueled by unusual situations.

“I have a Swedish Netflix account, but for some stupid reason the PS3 app won’t let me turn the subtitles off. I can choose between Swedish, Finnish etc subtitles but there’s no option to turn them off completely. So here I am downloading the episodes, even though I have Netflix, just to watch without subtitles.”

Of course there are also many downloaders who turn to unauthorized sources because Netflix is not available in their country, as is the case in Australia, which has the highest piracy rate per capita.

In an open letter, the Australian consumer advocacy organization Choice recently asked Netflix to open up shop down under, so Aussie fans can watch their shows legally. Netflix is receptive to these comments and told PaidContent that it’s “busily expanding” into new markets.

According to one commenter on a torrent site, the potential for new customers is certainly there.

“I would have paid for a month if they were available in my country just to show appreciation for Arrested Development and their great business model but hey…”

The above lays out some of the challenges faced today by TV-producers old and new. There is a huge demand for TV content but at the same time people’s viewing habits are rapidly changing.

All in all Netflix has to be applauded for their efforts to innovate. The lack of windowing and on-demand availability will certainly have an impact on piracy rates, although it may take a while for some to convert, even those who already pay for Netflix.

If the conditions are right, however, old patterns will eventually change.

Source: Arrested Development Pirates Skip Netflix Out of Habit