Posts tagged ‘canada’

Krebs on Security: Who Hacked Ashley Madison?

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

AshleyMadison.com, a site that helps married people cheat and whose slogan is “Life is Short, have an Affair,” recently put up a half million (Canadian) dollar bounty for information leading to the arrest and prosecution of the Impact Team — the name chosen by the hacker(s) who recently leaked data on more than 30 million Ashley Madison users. Here is the first of likely several posts examining individuals who appear to be closely connected to this attack.

It was just past midnight on July 20, a few hours after I’d published an exclusive story about hackers breaking into AshleyMadison.com. I was getting ready to turn in for the evening when I spotted a re-tweet from a Twitter user named Thadeus Zu (@deuszu) who’d just posted a link to the same cache of data that had been confidentially shared with me by the Impact Team via the contact form on my site just hours earlier: It was a link to the proprietary source code for Ashley Madison’s service.

Initially, that tweet startled me because I couldn’t find any other sites online that were actually linking to that source code cache. I began looking through his past tweets and noticed some interesting messages, but soon enough other news events took precedence and I forgot about the tweet.

I revisited Zu’s tweet stream again this week after watching a press conference held by the Toronto Police (where Avid Life Media, the parent company of Ashley Madison, is based). The Toronto cops mostly recapped the timeline of known events in the hack, but they did add one new wrinkle: They said Avid Life employees first learned about the breach on July 12 (seven days before my initial story) when they came into work, turned on their computers and saw a threatening message from the Impact Team accompanied by the anthem “Thunderstruck” by Australian rock band AC/DC playing in the background.

After writing up a piece on the bounty offer, I went back and downloaded all five years’ worth of tweets from Thadeus Zu, a massively prolific Twitter user who typically tweets hundreds if not thousands of messages per month. Zu’s early years on Twitter are a catalog of simple hacks — commandeering unsecured routers, wireless cameras and printers — as well as many, many Web site defacements.

On the defacement front, Zu focused heavily on government Web sites in Asia, Europe and the United States, and in several cases even taunted his targets. On Aug. 4, 2012, he tweeted to KPN-CERT, a computer security incident response team in the Netherlands, to alert the group that he’d hacked their site. “Next time, it will be Thunderstruck. #ACDC” Zu wrote.

The day before, he’d compromised the Web site for the Australian Parliament, taunting lawmakers there with the tweet: “Parliament of Australia bit.ly/NPQdsP Oi! Oi! Oi!….T.N.T. Dynamite! Listen to ACDC here.”

I began to get very curious about whether there were any signs on or before July 19, 2015 that Zu was tweeting about ACDC in relation to the Ashley Madison hack. Sure enough: At 9:40 a.m., July 19, 2015 — nearly 12 hours before I would first be contacted by the Impact Team — we can see Zu is feverishly tweeting to several people about setting up “replication servers” to “get the show started.” Can you spot what’s interesting in the tabs on his browser in the screenshot he tweeted that morning?

Twitter user ThadeusZu tweets about setting up replication servers. Did you spot the Youtube video he’s playing when he took this screenshot?

Ten points if you noticed the Youtube.com tab showing that he’s listening to AC/DC’s “Thunderstruck.”

A week ago, the news media pounced on the Ashley Madison story once again, roughly 24 hours after the hackers made good on their threat to release the Ashley Madison user database. I went back and examined Zu’s tweet stream around that time and found he beat Wired.com, ArsTechnica.com and every other news media outlet by more than 24 hours with the Aug. 17 tweet, “Times up,” which linked to the Impact Team’s now infamous post listing the sites where anyone could download the stolen Ashley Madison user database.

ThadeusZu tweeted about the downloadable Ashley Madison data more than 24 hours before news outlets picked up on the cache.

WHO IS THADEUS ZU?

As with the social networking profiles of others who’ve been tied to high-profile cybercrimes, Zu’s online utterings appear to be filled with kernels of truth surrounded by complete malarkey, thus making it challenging to separate fact from fiction. Hence, all of this could be just one big joke by Zu and his buddies. In any case, here are a few key observations about the who, what and where of Thadeus Zu based on information he’s provided (again, take that for what it’s worth).

Zu’s Facebook profile wants visitors to think he lives in Hawaii; indeed, the time zone set on several of his social media accounts is the same as Hawaii. There are a few third-party Facebook accounts of people demonstrably living in Hawaii who tag him in their personal photos of events on Hawaii (see this cached photo, for example), but for the most part Zu’s Facebook account consists of pictures that are taken from stock image collections and do not appear to be personal photos of any kind.

A few tweets from Zu — if truthful and not simply premeditated misdirection — indicate that he lived in Canada for at least a year, although it’s unclear when this visit occurred.

Zu’s various Twitter and Facebook pictures all feature hulking, athletic, and apparently black male models (e.g. he’s appropriated two profile photos of male model Rob Evans). But Zu’s real-life identity remains murky at best. The lone exception I found was an image that appears to be a genuine group photo taken of a Facebook user tagged as Thadeus Zu, along with an unnamed man posing in front of a tattoo store with popular Australian (and very inked) model/nightclub DJ Ruby Rose.

That photo is no longer listed in Rose’s Facebook profile, but a cached version of it is available here. Rose’s tour schedule indicates that she was in New York City when that photo was taken, or at least posted, on Feb. 6, 2014. Zu is tagged in another Ruby Rose Facebook post five days later on Valentine’s Day.

Other clues in his tweet stream and social media accounts put Zu in Australia. Zu has a Twitter account under the Twitter nick @ThadeusZu, which has a whopping 11 tweets, but seems rather to have been used as a news feed. In that account Zu is following some 35 Twitter accounts, and the majority of them are various Australian news organizations. That account also is following several Australian lawmakers that govern states in south Australia.

Then again, Twitter auto-suggests popular accounts for new users to follow, and usually does so in part based on the Internet address of the user. As such, @ThadeusZu may have only been using an Australian Web proxy or a Tor node in Australia when he set up that account (several of his self-published screen shots indicate that he regularly uses Tor to obfuscate his Internet address).

Even so, many of Zu’s tweets going back several years place him in Australia as well, although this may also be intentional misdirection. He continuously references his “Oz girl,” (“Oz” is another word for Australia) uses the greeting “cheers” quite a bit, and even talks about people visiting him in Oz.

Interestingly, for someone apparently so caught up in exposing hypocrisy and so close to the Ashley Madison hack, Zu appears to have himself courted a married woman — at least according to his own tweets. On January 5, 2014, Zu tweeted:

“Everything is cool. Getting married this year. I am just waiting for my girl to divorce her husband. #seachange”

A month later, on Feb. 7, 2014, Zu offered this tidbit of info:

“My ex. We were supposed to get married 8 years ago but she was taken away from me. Cancer. Hence, my downward spiral into mayhem.”

To say that Zu tweets to others is a bit of a misstatement. I have never seen anyone tweet the way Zu does; he sends hundreds of tweets each day, and while most of them appear to be directed at nobody, it does seem that they are in response to (if not in “reply” to) tweets that others have sent him or made about his work. Consequently, his tweet stream appears to the casual observer to be nothing more than an endless soliloquy.

But there may be something else going on here. It is possible that Zu’s approach to tweeting — that is, responding to or addressing other Twitter users without invoking the intended recipient’s Twitter handle — is something of a security precaution. After all, he had to know and even expect that security researchers would try to reconstruct his conversations after the fact. But this is far more difficult to do when the Twitter user in question never actually participates in threaded conversations. People who engage in this way of tweeting also do not readily reveal the Twitter identities of the people with whom they chat most.

Thadeus Zu — whoever and wherever he is in real life — may not have been directly involved in the Ashley Madison hack; he claims in several tweets that he was not part of the hack, but then in countless tweets he uses the royal “We” when discussing the actions and motivations of the Impact Team. I attempted to engage Zu in private conversations without success; he has yet to respond to my invitations.

It is possible that Zu is instead a white hat security researcher or confidential informant who has infiltrated the Impact Team and is merely riding on their coattails or acting as their mouthpiece. But one thing is clear: If Zu wasn’t involved in the hack, he almost certainly knows who was.

KrebsOnSecurity is grateful to several researchers, including Nick Weaver, for their assistance and time spent indexing, mining and making sense of tweets and social media accounts mentioned in this post. Others who helped have asked to remain anonymous.

TorrentFreak: Pirate Music Site Op Pleads Guilty, Faces Five Years in Prison

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Over the past five years, Operation in Our Sites, the U.S. initiative tackling copyright-infringing websites, has produced several arrests and the seizure of thousands of domains.

In October 2014, ICE Homeland Security Investigations took action against a pair of large U.S.-based websites. RockDizMusic.com and RockDizFile.com were both involved in large-scale distribution of unauthorized music, with the former presenting itself as a music database and the latter its file-hosting partner.

At the time ICE didn’t respond to requests for comment but it eventually transpired that the sites’ alleged operator, Rocky P. Ouprasith of Charlotte, N.C., had been arrested.

According to papers filed in the United States District Court for the Eastern District of Virginia Friday, Ouprasith operated both sites from around May 2011 through to his arrest last October.

Structure

During that period Ouprasith sourced pirated content online and uploaded it to RockDizFile, while encouraging others to do the same. Ouprasith curated the unauthorized content and then presented it for download on RockDizMusic, which in turn acted as a user-friendly front for RockDizFile. ‘Affiliates’ who uploaded music were paid based on the number of times their files were downloaded.

RockDizMusic.com

“To operate these websites, OUPRASITH rented and used computer servers in the United States and abroad. OUPRASITH hosted the website RockDizMusic.com on servers originally located in France and later in Canada,” court papers read.

“One of OUPRASITH’s linking websites, at RockDizFile.com, operated from a computer server in Illinois furnished by the webhosting provider, GigeNET. A second linking website used by OUPRASITH, at SfShare.se, was hosted from a computer server in Russia.”

Profit

According to the prosecution, Ouprasith’s aim was to profit from his websites. He sold premium subscriptions to RockDizFile at a cost of up to $90.00 per year, which offered faster downloads and VIP access. Also generating revenue were several deals he had with up to nine advertising firms.

This resulted in decent traffic, reportedly 1.65m visits from 937,000 unique visitors in January 2014. However, that doesn’t appear to have made Ouprasith a particularly rich man. Skype messages found on a laptop seized by ICE had the 23-year-old stating that in 2013 he made around $80k but spent $60K running the business.

RIAA and DMCA

Nevertheless, according to the RIAA, in 2013 RockDizFile emerged “as the second largest online file-sharing site in the reproduction and distribution of infringing copies of copyrighted music in the United States.”

RockDizFile.com

This growth caused both the RIAA and IFPI to target the site with hundreds of DMCA takedown notices but apparently Ouprasith failed to process them in a legally acceptable manner. A Homeland Security investigation found that although files were taken down, the same reappeared elsewhere on the site.

“In other words, OUPRASITH never took down the infringing files pursuant to the DMCA takedown notices. Instead, he simply created a new hyperlink to the same illegal content,” a statement of facts reads.

Arrest and guilty plea

On October 15, 2014, HSI executed a warrant to search Ouprasith’s residence in North Carolina. In Chicago, the RockDizFile server was seized, as were ancillary servers in both the Netherlands and France. Ouprasith appears to have cooperated immediately.

“After being advised of his rights orally and in writing, OUPRASITH waived them and agreed to speak with investigators,” papers read.

What followed was a near complete confession, including that he made between $3,000 and $4,000 profit per month and that in response to DMCA notices Ouprasith would “delete the reported links to the content listed in the notices and then re-upload exactly the same content under new hyperlinks.”

In his guilty plea, Ouprasith admits for-profit infringement exceeding $2.5m but less than $7m, plus various other copyright charges including pre-release music piracy. He also agrees to forfeit almost $51,000 and any property used to commit and facilitate the infringement.

When sentenced later this year, Ouprasith faces up to five years in federal prison.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Krebs on Security: Was the Ashley Madison Database Leaked?

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

Many news sites and blogs are reporting that the data stolen last month from 37 million users of AshleyMadison.com — a site that facilitates cheating and extramarital affairs — has finally been posted online for the world to see. In the past 48 hours, several huge dumps of data claiming to be the actual AshleyMadison database have turned up online. But there are precious few details in them that would allow one to verify these claims, and the company itself says it so far sees no indication that the files are legitimate.

A huge trove of data nearly 10 gigabytes in size was dumped onto the Deep Web and onto various Torrent file-sharing services over the past 48 hours.  According to a story at Wired.com, included in the files are names, addresses and phone numbers apparently attached to AshleyMadison member profiles, along with credit card data and transaction information. Links to the files were preceded by a text file message titled “Time’s Up” (see screenshot below).

The message left by the latest group of attention-seekers claiming to have leaked the hacked AshleyMadison.com database.

From taking in much of the media coverage of this leak so far — for example, from the aforementioned Wired piece or from the story at security blogger Graham Cluley’s site — readers would most likely conclude that this latest collection of leaked data is legitimate. But after an interview this evening with Raja Bhatia — AshleyMadison’s original founding chief technology officer — I came away with a much different perspective.

Bhatia said he has teamed up with an international team of roughly a dozen investigators working seven days a week, 24-hours a day just to keep up with all of the fake data dumps claiming to be the stolen AshleyMadison database that was referenced by the original hackers on July 19. Bhatia said his team sees no signs that this latest dump is legitimate.

“On a daily basis, we’re seeing 30 to 80 different claimed dumps come online, and most of these dumps are entirely fake and being used by other organizations to capture the attention that’s been built up through this release,” Bhatia said. “In total we’ve looked at over 100GB of data that’s been put out there. For example, I just now got a text message from our analysis team in Israel saying that the last dump they saw was 15 gigabytes. We’re still going through that, but for the most part it looks illegitimate and many of the files aren’t even readable.”

The former AshleyMadison CTO, who’s been consulting for the company ever since news of the hack broke last month, said many of the fake data dumps the company has examined to date include some or all of the files from the original July 19 release. But the rest of the information, he said, is always a mix of data taken from other hacked sources — not AshleyMadison.com.

“The overwhelming amount of data released in the last three weeks is fake data,” he said. “But we’re taking every release seriously and looking at each piece of data and trying to analyze the source and the veracity of the data.”

Bhatia said the format of the fake leaks has been changing constantly over the last few weeks.

“Originally, it was being posted through Imgur.com and Pastebin.com, and now we’re seeing files going out over torrents, the Dark Web, and TOR-based URLs,” he said.

To help locate new troves of data claiming to be the files stolen from AshleyMadison, the company’s forensics team has been using a tool that Netflix released last year called Scumblr, which scours high-profile sites for specific terms and data.

“For the most part, we can quickly verify that it’s not our data or it’s fake data, but we are taking each release seriously,” Bhatia said. “Scumblr helps accelerate the time it takes for us to detect new pieces of data that are being released. For the most part, we’re finding the majority of it is fake. There are some things that have data from the original release, but other than that, what we’re seeing is other generic files that have been introduced, fake SQL files.”

Bhatia said this most recent leak is especially amusing because it included actual credit card data, even though AshleyMadison.com has never stored credit card information.

“There’s definitely not credit card information, because we don’t store that,” Bhatia said. “We use transaction IDs, just like every other PCI compliant merchant processor. If there is full credit card data in a dump, it’s not from us, because we don’t even have that. When someone completes a payment, what happens is from our payment processor, we get a transaction ID back. That’s the only piece of information linking to a customer or consumer of ours. If someone is releasing credit card data, that’s not from us. We don’t have that in our databases or our own systems.”

A screen shot of the archive released recently that many believe is the leaked AshleyMadison database.

Nearly every day since I first reported the exclusive story of the Ashley Madison hack on July 19,  I’ve received desperate and sad emails from readers who were or are AshleyMadison users and who wanted to know if the data would ever be leaked, or if I could somehow locate their information in any documents leaked so far. Unfortunately, aside from what I’ve reported here and in my original story last month, I don’t have any special knowledge or insight into this attack.

My first report on this breach quoted AshleyMadison CEO Noel Biderman saying the company suspected the culprit was likely someone who at one time had legitimate access to the company’s internal networks. I’d already come to the same conclusion by that time, and I still believe that’s the case. So I asked Bhatia if the company and/or law enforcement in Canada or the United States had apprehended anyone in relation to this hack.

Bhatia declined to answer, instead referring me to the written statement posted on the company’s site today, which noted that the investigation is still ongoing and that the company is simultaneously cooperating fully with law enforcement investigations, including by the Royal Canadian Mounted Police, the Ontario Provincial Police, the Toronto Police Services and the U.S. Federal Bureau of Investigation.

“This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities,” the statement reads. “We know that there are people out there who know one or more of these individuals, and we invite them to come forward. While we are confident that the authorities will identify and prosecute each of them to the fullest extent of the law, we also know there are individuals out there who can help to make this happen faster.”

Raspberry Pi: The TRS-80 model 100 goes online

This post was syndicated from: Raspberry Pi and was written by: Liz Upton. Original post: at Raspberry Pi

Sometimes added functionality isn’t exactly functional. Sometimes, it’s more a sort of demonstration that something can be done, whether or not it’s actually a very good idea.

UK readers may not recognise the machine below, but those of you in the USA (as long as you’re of a certain vintage) will be familiar with it. It’s a TRS-80 model 100: an incredibly early (1983-ish) laptop-type computer, whose market was mostly in the US and Canada, made in partnership by Kyocera and Microsoft. The 8k version would set you back $1099, and the 24k version $1399 – an absolute ton of money in 1983, when many of us at Pi Towers were either not born yet, or still at the corduroy dungarees and deelyboppers phase.

The TRS-80, rather amazingly, was a connected machine, with a built-in modem. It was a popular tool for journalists; you could save about eleven pages of text if you were out in the field, and send it over that modem to your editor using a program called TELCOM – an incredibly liberating technology at the time. It was pretty power-efficient as well; it took four AA batteries, which lasted for about 20 hours.

So what better for retro-hardware lovers than an internet-connected TRS-80 model 100? That’s exactly what Sean Gallagher from Ars Technica made.

I successfully logged in to Ars’ editorial IRC channel from the Model 100. And seeing as this machine first saw the market in 1983, it took a substantial amount of help: a Raspberry Pi, a little bit of BASIC code, and a hidden file from the website of a certain Eric S. Raymond.

Sean says that the TRS-80 is the last machine Bill Gates ever wrote a significant amount of code for, and that Gates has said it’s his favourite ever machine.

This is a really tricky problem to work your way around when you consider that modern websites don’t really work within a 40 columns by eight lines display; that the TRS-80 keyboard doesn’t have a | or pipe symbol; that you can’t load a TCP/IP stack onto the device; that Sean had to build his own null-modem cable – it’s a labour of love and an absolutely fascinating read. Head over to Ars Technica to read more about dragging 1980s hardware some of the way into the 21st century.

The post The TRS-80 model 100 goes online appeared first on Raspberry Pi.

TorrentFreak: CNN & CBC Sued For Pirating 31 Second YouTube Video

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

While millions of users upload videos to YouTube every day without expecting any reward, it’s possible for popular content to generate plenty of revenue through YouTube’s account monetization program.

New York resident Alfonzo Cutaia used the program last year when he sensed he had a hit video on his hands, but allegedly some news organizations didn’t play by the rules and now things have become messy.

Things began in 2014 when winter storm ‘Knife’ buried parts of New York and surrounding areas under several feet of snow. On November 18, Cutaia was watching the storm coming over Lake Erie from his Buffalo office window when he decided to record events on his mobile phone.

Recognizing the potential for interest in his video, Cutaia uploaded his 32 second clip to YouTube. He gave it the title “Buffalo Lake Effect” and opted to generate revenue via YouTube’s monetization program. Cutaia selected “Standard YouTube License” and watched the hits roll in.

The recording did very well indeed. By the end of day one Cutaia’s video had been viewed more than 513,000 times. On day two things blew up with an additional 2.3 million hits and soon after the New York resident was receiving requests from news outlets – CBS, ABC, CNN, NBC, Reuters and AP – to use his footage.

But according to a lawsuit filed this week by Cutaia in a New York court, around November 18 Canada’s CBC aired the video online without permission, with a CBC logo as an overlay.

After complaining to CBC about continued unauthorized use, last month Cutaia was told by CBC that the company had obtained the video from CNN on a 10-day license. However, Cutaia claims that the video was used by CBC and its partners for many months, having been supplied to them by CNN who also did not have a license.

In his complaint, Cutaia seeks injunctions against both CBC and CNN to stop further unlawful use of his video. He also accuses the news outlets of “intentional and willful” copyright infringement and seeks appropriate damages.

Interestingly, the lawsuit also claims that both CBC and CNN violated the DMCA when the companies ‘liberated’ it from the YouTube system and offered it for viewing elsewhere.

“In order to infringe the Storm Video, CBC [and CNN] circumvented Cutaia’s technological measures limiting access to the Storm Video, without authorization, in violation of 17 U.S.C. § 1201(a)(1)(a),” the lawsuit reads.

“By its reproduction and alteration to the Storm Video, CBC [and CNN] intentionally removed and/or altered the copyright management information of the Storm Video, without authorization, in violation of U.S.C. § 1202(b)(1)”

CBC and CNN are also accused of distributing the video despite knowing that the copyright management information had been removed.

In closing, Cutaia seeks permanent injunctions against CBC and CNN, accuses them of varying degrees of copyright infringement, while demanding a jury trial to determine damages.

In the meantime “Buffalo Lake Effect” continues to perform well on YouTube. By July 2015 the video had been viewed more than 3.68m times.

Krebs on Security: Chinese VPN Service as Attack Platform?

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

Hardly a week goes by without a news story about state-sponsored Chinese cyberspies breaking into Fortune 500 companies to steal intellectual property, personal data and other invaluable assets. Now, researchers say they’ve unearthed evidence that some of the same Chinese hackers also have been selling access to compromised computers within those companies to help perpetuate future breaches.

The so-called “Great Firewall of China” is an effort by the Chinese government to block citizens from accessing specific content and Web sites that the government has deemed objectionable. Consequently, many Chinese seek to evade such censorship by turning to virtual private network or “VPN” services that allow users to tunnel their Internet connections to locations beyond the control of the Great Firewall.

Security experts at RSA Research say they’ve identified an archipelago of Chinese-language virtual private network (VPN) services marketed to Chinese online gamers and those wishing to evade censorship, but which also appear to be used as an active platform for launching attacks on non-Chinese corporations while obscuring the origins of the attackers.

Dubbed by RSA as “Terracotta VPN” (a reference to the Chinese Terracotta Army), this satellite array of VPN services “may represent the first exposure of a PRC-based VPN operation that maliciously, efficiently and rapidly enlists vulnerable servers around the world,” the company said in a report released today.

The hacker group thought to be using Terracotta to launch and hide attacks is known by a number of code names, including the “Shell_Crew” and “Deep Panda.” Security experts have tied this Chinese espionage gang to some of the largest data breaches in U.S. history, including the recent attack on the U.S. Office of Personnel Management, as well as the breaches at U.S. healthcare insurers Anthem and Premera.

According to RSA, Terracotta VPN has more than 1,500 nodes around the world where users can pop up on the Internet. Many of those locations appear to be little more than servers at Internet service providers in the United States, Korea, Japan and elsewhere that offer cheap virtual private servers.

But RSA researchers said they discovered that many of Terracotta’s exit nodes were compromised Windows servers that were “harvested” without the victims’ knowledge or permission, including systems at a Fortune 500 hotel chain; a hi-tech manufacturer; a law firm; a doctor’s office; and a county government of a U.S. state.

The report steps through a forensics analysis that RSA conducted on one of the compromised VPN systems, tracking each step the intruders took to break into the server and ultimately enlist the system as part of the Terracotta VPN network.

“All of the compromised systems, confirmed through victim-communication by RSA Research, are Windows servers,” the company wrote. “RSA Research suspects that Terracotta is targeting vulnerable Windows servers because this platform includes VPN services that can be configured quickly (in a matter of seconds).”

RSA says suspected nation-state actors have leveraged at least 52 Terracotta VPN nodes to exploit sensitive targets among Western government and commercial organizations. The company said it received a specific report from a large defense contractor concerning 27 different Terracotta VPN node Internet addresses that were used to send phishing emails targeting users in their organization.

“Out of the thirteen different IP addresses used during this campaign against this one (APT) target, eleven (85%) were associated with Terracotta VPN nodes,” RSA wrote of one cyber espionage campaign it investigated. “Perhaps one of the benefits of using Terracotta for Advanced Threat Actors is that their espionage related network traffic can blend-in with ‘otherwise-legitimate’ VPN traffic.”

DIGGING DEEPER

RSA’s report includes a single screen shot of software used by one of the commercial VPN services marketed on Chinese sites and tied to the Terracotta network, but for me this was just a tease: I wanted a closer look at this network, yet RSA (or more likely, the company’s lawyers) carefully omitted any information in its report that would make it easy to locate the sites selling or offering the Terracotta VPN.

RSA said the VPN services are marketed on Chinese-language Web sites that are for the most part linked by common domain name registrant email addresses and are often hosted on the same infrastructure with the same basic Web content. Along those lines, the company did include one very useful tidbit in its report: A section designed to help companies detect servers that may be compromised warned that any Web servers seen phoning home to 8800free[dot]info should be considered hacked.
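One way to apply that indicator, as an added example that is not from RSA's report or the original article: the script below scans DNS query logs for lookups of 8800free[dot]info and, as an assumption beyond what the report states, any of its subdomains. The log format, client addresses and the subdomain in the sample are constructed for illustration.

```python
"""Flag internal hosts whose DNS queries hit the indicator domain from the article.

Assumptions (not from the article): the log line format, the sample lines,
and the decision to treat subdomains of the indicator as hits too.
"""
import re
from collections import defaultdict

# Indicator as published in the article, kept defanged in source.
INDICATOR_DEFANGED = "8800free[dot]info"

# Constructed log format: "<timestamp> client=<ip> qtype=<type> qname=<name>"
LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+client=(?P<client>\S+)\s+qtype=(?P<qtype>\S+)\s+qname=(?P<qname>\S+)$"
)


def refang(value):
    """Turn defanged notation such as [dot], [.] or (dot) back into a plain name."""
    return re.sub(r"\[\s*(?:dot|\.)\s*\]|\(\s*dot\s*\)", ".", value, flags=re.I)


def normalize(name):
    """Lower-case the name and strip the trailing root dot many resolvers log."""
    return name.strip().lower().rstrip(".")


def matches_indicator(qname, indicator):
    """True for the indicator itself or a subdomain of it, on a label boundary.

    A plain substring test would also flag look-alikes such as
    'not8800free.info' or '8800free.info.example.net'; this does not.
    """
    q = normalize(qname)
    ind = normalize(indicator)
    return q == ind or q.endswith("." + ind)


def find_suspect_hosts(lines, indicator_defanged=INDICATOR_DEFANGED):
    """Return {client_ip: [(timestamp, queried_name), ...]} for matching queries."""
    indicator = refang(indicator_defanged)
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guess at their fields
        if matches_indicator(m["qname"], indicator):
            hits[m["client"]].append((m["ts"], normalize(m["qname"])))
    return dict(hits)


# Constructed sample log: two real hits, two look-alikes, one malformed line.
SAMPLE_LOG = """\
2015-08-04T02:11:09Z client=10.20.4.17 qtype=A qname=www.example.org.
2015-08-04T02:11:12Z client=10.20.4.17 qtype=A qname=8800FREE.info.
2015-08-04T02:12:40Z client=10.20.9.3 qtype=A qname=not8800free.info
2015-08-04T02:13:01Z client=10.20.9.3 qtype=A qname=8800free.info.example.net
2015-08-04T02:15:55Z client=10.20.7.88 qtype=AAAA qname=cdn.8800free.info
garbage line without fields
2015-08-04T03:02:10Z client=10.20.4.17 qtype=A qname=8800free.info
""".splitlines()


if __name__ == "__main__":
    for client, queries in sorted(find_suspect_hosts(SAMPLE_LOG).items()):
        print(f"{client}: {len(queries)} matching quer{'y' if len(queries) == 1 else 'ies'}")
        for ts, qname in queries:
            print(f"  {ts}  {qname}")
```

A hit identifies the querying client, which may be a forwarding resolver rather than the server itself, so the flagged address is a starting point for host-level triage.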

A lookup at Domaintools.com for the historic registration records on 8800free[dot]info shows it was originally registered in 2010 to someone using the email address “xnt50@163.com.” Among the nine other domains registered to xnt50@163.com is 517jiasu[dot]cn, an archived version of which is available here.

Domaintools shows that in 2013 the registration record for 8800free[dot]info was changed to include the email address “jzbb@foxmail.com.” Helpfully, that email was used to register at least 39 other sites, including quite a few that are or were at one time advertising similar-looking VPN services.

Pivoting off the historic registration records for many of those sites turns up a long list of VPN sites registered to other interesting email addresses, including “adsyb@163.com,” “asdfyb@hotmail.com” and “itjsq@qq.com.”

Armed with lists of dozens of VPN sites, it wasn’t hard to find several sites offering different VPN clients for download. I installed each on a carefully isolated virtual machine (don’t try this at home, kids!). Here’s one of those sites:

A Google-translated version of one of the sites offering the VPN software and service that RSA has dubbed “Terracotta.”

All told, I managed to download, install and use at least three VPN clients from VPN service domains tied to the above-mentioned email addresses. The Chinese-language clients were remarkably similar in overall appearance and function, and listed exit nodes via tabs for several countries, including Canada, Japan, South Korea and the United States, among others. Here is one of the VPN clients I played with in researching this story:

This one was far more difficult to use, and crashed repeatedly when I first tried to take it for a test drive:

None of the VPN clients I tried would list the Internet addresses of the individual nodes. However, each node in the network can be discovered simply by running some type of network traffic monitoring tool in the background (I used Wireshark), and logging the address that is pinged when one clicks on a new connection.

RSA said it found more than 500 Terracotta servers that were U.S. based, but I must have gotten in on the fun after the company started notifying victim organizations because I found only a few dozen U.S.-based hosts in any of the VPN clients I checked. And most of the ones I did find that were based in the United States appeared to be virtual private servers at a handful of hosting companies.

The one exception I found was a VPN node tied to a dedicated Windows server for the Web site of a company in Michigan that manufactures custom-made chairs for offices, lounges and meeting rooms. That company did not return calls seeking comment.

In addition to the U.S.-based hosts, I managed to step through a huge number of systems based in South Korea. I didn’t have time to look through each record to see whether any of the Korean exit nodes were interesting, but here’s the list I came up with in case anyone is interested. I simply haven’t had time to look at and look up the rest of the clients in what RSA is calling the Terracotta network. Here’s a more simplified list of just the organizational names attached to each record.

Assuming RSA’s research is accurate (and I have no reason to doubt that it is) the idea of hackers selling access to hacked PCs for anonymity and stealth online is hardly a new one. In Sept. 2011, I wrote about how the Russian cybercriminals responsible for building the infamous TDSS botnet were selling access to computers sickened with the malware via a proxy service called AWMProxy, even allowing customers to pay for the access with PayPal, Visa and MasterCard.

It is, after all, incredibly common for malicious hackers to use systems they’ve hacked to help perpetrate future cybercrimes – particularly espionage attacks. A classified map of the United States obtained by NBC last week showing the victims of Chinese cyber espionage over the past five years lights up like so many exit nodes in a VPN network.

Source: NBC

Krebs on Security: Online Cheating Site AshleyMadison Hacked

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

Large caches of data stolen from online cheating site AshleyMadison.com have been posted online by an individual or group that claims to have completely compromised the company’s user databases, financial records and other proprietary information. The still-unfolding leak could be quite damaging to some 37 million users of the hookup service, whose slogan is “Life is short. Have an affair.”

The data released by the hacker or hackers — which go by the name The Impact Team — includes sensitive internal data stolen from Avid Life Media (ALM), the Toronto-based firm that owns AshleyMadison as well as related hookup sites Cougar Life and Established Men.

Reached by KrebsOnSecurity late Sunday evening, ALM Chief Executive Noel Biderman confirmed the hack, and said the company was “working diligently and feverishly” to take down ALM’s intellectual property. Indeed, in the short span of 30 minutes between that brief interview and the publication of this story, several of the Impact Team’s Web links were no longer responding.

“We’re not denying this happened,” Biderman said. “Like us or not, this is still a criminal act.”

Besides snippets of account data apparently sampled at random from among some 40 million users across ALM’s trio of properties, the hackers leaked maps of internal company servers, employee network account information, company bank account data and salary information.

The compromise comes less than two months after intruders stole and leaked online user data on millions of users of online hookup site AdultFriendFinder.

In a long manifesto posted alongside the stolen ALM data, The Impact Team said it decided to publish the information in response to alleged lies ALM told its customers about a service that allows members to completely erase their profile information for a $19 fee.

According to the hackers, although the “full delete” feature that Ashley Madison advertises promises “removal of site usage history and personally identifiable information from the site,” users’ purchase details — including real name and address — aren’t actually scrubbed.

“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”

Their demands continue:

“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”

A snippet of the message left behind by the Impact Team.

It’s unclear how much of the AshleyMadison user account data has been posted online. For now, it appears the hackers have published a relatively small percentage of AshleyMadison user account data and are planning to publish more for each day the company stays online.

“Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers continued. “Too bad for ALM, you promised secrecy but didn’t deliver. We’ve got the complete set of profiles in our DB dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”

ALM CEO Biderman declined to discuss specifics of the company’s investigation, which he characterized as ongoing and fast-moving. But he did suggest that the incident may have been the work of someone who at least at one time had legitimate, inside access to the company’s networks — perhaps a former employee or contractor.

“We’re on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication,” Biderman said. “I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services.”

As if to support this theory, the message left behind by the attackers gives something of a shout out to ALM’s director of security.

“Our one apology is to Mark Steele (Director of Security),” the manifesto reads. “You did everything you could, but nothing you could have done could have stopped this.”

Several of the leaked internal documents indicate ALM was hyper aware of the risks of a data breach. In a Microsoft Excel document that apparently served as a questionnaire for employees about challenges and risks facing the company, employees were asked “In what area would you hate to see something go wrong?”

Trevor Stokes, ALM’s chief technology officer, put his worst fears on the table: “Security,” he wrote. “I would hate to see our systems hacked and/or the leak of personal information.”

In the wake of the AdultFriendFinder breach, many wondered whether AshleyMadison would be next. As the Wall Street Journal noted in a May 2015 brief titled “Risky Business for AshleyMadison.com,” the company had voiced plans for an initial public offering in London later this year with the hope of raising as much as $200 million.

“Given the breach at AdultFriendFinder, investors will have to think of hack attacks as a risk factor,” the WSJ wrote. “And given its business’s reliance on confidentiality, prospective AshleyMadison investors should hope it has sufficiently, er, girded its loins.”

Krebs on Security: CVS Probes Card Breach at Online Photo Unit

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

Nationwide pharmacy chain CVS has taken down its online photo center CVSphoto.com, replacing it with a message warning that customer credit card data may have been compromised. The incident comes just days after Walmart Canada said it was investigating a potential breach of customer card data at its online photo processing store.

“We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised,” CVS said in a statement that replaced the photo Web site’s normal homepage content. “As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience. Customer registrations related to online photo processing and CVSPhoto.com are completely separate from CVS.com and our pharmacies. Financial transactions on CVS.com and in-store are not affected.”

Last week, Walmart Canada warned it was investigating a similar breach of its online photo Web site, which the company said was operated by a third party. The Globe and Mail reported that the third-party in the Walmart Canada breach is a company called PNI Digital Media. 

According to PNI’s investor relations page, PNI “provides a proprietary transactional software platform” that is used by retailers such as Costco, Walmart Canada, and CVS/pharmacy to sell millions of personalized products every year.

“Our digital logistics connect your website, in-store kiosks, and mobile presences with neighbourhood storefronts, maximizing style, price, and convenience. Last year the PNI Digital Media platform worked with over 19,000 retail locations and 8,000 kiosks to generate more than 18M transactions for personalized products.”

Neither CVS nor PNI could be immediately reached for comment. Costco’s online photo store, costcophotocenter.com, does not appear to include any messaging about a possible breach.

Interestingly, PNI Digital Media was acquired a year ago by office supply chain Staples. As first reported by this site in October 2014, Staples suffered its own card breach, a six-month intrusion that allowed thieves to steal more than a million customer card accounts.

TorrentFreak: TPP: U.S. May Accept Partners’ Own ISP Liability Frameworks

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

The Trans-Pacific Partnership (TPP) is a multinational trade agreement aimed at strengthening economic ties between the United States, Canada, New Zealand, Japan and eight other countries. The aim is to ease trade in goods and services, encourage investment, and forge understandings across a wide range of policy issues.

The TPP contains a chapter on intellectual property issues such as copyright, trademarks and patents. However, the developing agreement is highly secretive with drafts never being released to the public – officially at least. That all changed in 2013 when Wikileaks breached the agreement’s security cordon with the publishing of a draft relating to IP issues.

Since then there have been several leaks, including a notable one in October 2014, again courtesy of Wikileaks. Last month Politico obtained a more recent draft dated May 2015 but did not publish the full document. However, the Electronic Frontier Foundation now says it has been briefed on its contents.

The EFF reports that while the text on DRM circumvention and copyright term remains largely unchanged, progress appears to have been made in the area of intermediary liability. This relates to the immunity afforded to service providers in respect of copyright infringement claims, provided they adhere to a set of requirements establishing their ‘safe harbor’.

In this area the most famous framework is that outlined by the United States’ Digital Millennium Copyright Act (DMCA), whereby Internet companies such as ISPs and platform providers such as Google and YouTube respond to takedown requests from third parties to avoid being held liable for the infringements of others.

As outlined in last year’s leak, the TPP’s ISP liability section mimics the DMCA, which prompted concern that partners could be forced to impose tougher regimes than those already in place. However, according to the EFF there appears to be a softening of position which could allow countries to stick to existing frameworks.

“The latest leak suggests that the U.S. is now likely to accommodate at least some of these existing intermediary liability regimes, rather than forcing a carbon-copy of the failed DMCA on its TPP partners,” EFF Senior Global Policy Analyst Jeremy Malcolm writes.

“The text does enforce a more generalized model of limitation of liability for intermediaries for third party content, and imposes a range of conditions before they qualify for that protection.

“But those conditions are now broad enough to accommodate a Japanese-style system in which a self-regulatory authority, formed by intermediaries and rightsholders with government involvement, is required to verify notices of claimed infringement before they are acted on.”

Also of interest is the approach taken towards Canada, a country placed as one of the leading opponents of many of the U.S. proposals. As concern mounts that the TPP agreement could challenge the country’s recently revamped copyright law and its notice-and-notice (as opposed to notice-and-takedown) system, the EFF reports leeway in negotiations.

“Interestingly, Canada’s system is not accommodated within the main text, but in a separate annex. The annex would exempt a country (such as Canada, implicitly) from the requirement to have a notice-and-takedown system provided that it already has a system in place requiring intermediaries to pass on notices of alleged infringement to their users,” the EFF explains.

However, the wiggle room does come at a cost. Countries in this position would be expected to impose secondary liability on intermediaries of services that are “primarily” used to enable copyright infringement. Search engines would also be required to remove cached copies of infringing items after their removal.

While the EFF raises concerns over the above, other proposals in the draft are given a cautious welcome.

TPP partners are now required to provide penalties against parties who knowingly file false takedown notices, and equally against those who file false counter-notices. Content taken down by a takedown notice must also be restored if a valid counter-notice is received.

Intermediaries will also be relieved that a failure to satisfy safe harbor conditions won’t automatically make them liable for infringement. Neither will safe harbor be reliant on intermediaries proactively monitoring uploads.

In conclusion, however, the EFF sees few reasons for optimism, noting that other threats in the IP chapter mean that the case for the group to fight the TPP “has never been more compelling.”

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and the best VPN services.

TorrentFreak: Cloudflare Reveals Pirate Site Locations in an Instant

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Five years ago, discovering the physical location of almost any ‘pirate’ site was achievable in a matter of seconds using widely available online tools. All one needed was an IP address and a simple lookup.

As sites became more aware of the need for security, cloaking efforts became more commonplace. Smaller sites, private trackers in particular, began using tunnels and proxies to hide their true locations, hampering anti-piracy efforts in the process. Later these kinds of techniques were used on even the largest sites, The Pirate Bay for example.

In the meantime the services of a rising company called Cloudflare had begun to pique the interest of security-minded site owners. Designed to optimize the performance of sites while blocking various kinds of abuse, Cloudflare-enabled sites get to exchange their regular IP address for one operated by Cloudflare, a neat side-effect for a site wishing to remain in the shadows.

Today, Cloudflare ‘protects’ dozens – perhaps hundreds – of ‘pirate’ sites. Some use Cloudflare for its anti-DDoS capabilities but all get to hide their real IP addresses from copyright holders. This has the potential to reduce the number of DMCA notices and other complaints filtering through to their real hosts.

Surprisingly, however, belief persists in some quarters that Cloudflare is an impenetrable shield that allows ‘pirate’ sites to operate completely unhindered. In fact, nothing could be further from the truth.

In recent days a perfect example appeared in the shape of Sparvar (Sparrows), a Swedish torrent site that has been regularly hounded by anti-piracy outfit Rights Alliance. Sometime after moving to Canada in 2014, Sparvar began using the services of Cloudflare, which effectively cloaked the site’s true location from the world. Well, that was the theory.

According to an announcement from the site, Rights Alliance lawyer Henrik Pontén recently approached Cloudflare in an effort to uncover Sparvar’s email address and the true location of its servers. The discussions between Rights Alliance and Cloudflare were seen by Sparvar, which set alarm bells ringing.

“After seeing the conversations between Rights Alliance and server providers / CloudFlare we urge staff of other Swedish trackers to consider whether the risk they’re taking is really worth it,” site staff said.

“All that is required is an email to CloudFlare and then [anti-piracy companies] will have your IP address.”

As a result of this reveal, Sparvar is now offline. No site or user data has been compromised but it appears that the site felt it best to close down, at least for now.

This obviously upset users of the site, some of whom emailed TorrentFreak to express disappointment at the way the situation was handled by Cloudflare. However, Cloudflare’s terms and conditions should leave no doubt as to how the company handles these kinds of complaints.

In one clause, in which Cloudflare reserves the right to investigate not only sites but also their operators, it’s made crystal clear what information may be given up to third parties.

“You acknowledge that CloudFlare may, at its own discretion, reveal the information about your web server to alleged copyright holders or other complainants who have filed complaints with us,” the company writes.

The situation is further underlined when Cloudflare receives DMCA notices from copyright holders and forwards an alert to a site using its services.

“We have provided the name of your hosting provider to the reporter. Additionally, we have forwarded this complaint to your hosting provider as well,” the site’s abuse team regularly advises.

While Cloudflare itself tends not to take direct action against sites it receives complaints about, problems can mount if a copyright holder is persistent enough. Just recently Cloudflare was ordered by a U.S. court to discontinue services to a Grooveshark replacement. That site is yet to reappear.

Finally, Sparvar staff have some parting advice for other site operators hoping to use Cloudflare services without being uncovered.

“We hope that you do not have your servers directly behind CloudFlare which means a big security risk. We hope and believe that you are also running some kind of reverse proxy,” the site concludes.

At the time of publication, Henrik Pontén of Rights Alliance had not responded to our requests for comment.

LWN.net: [$] A report from PGCon 2015

This post was syndicated from: LWN.net and was written by: jake. Original post: at LWN.net

PGCon 2015, the PostgreSQL international developer conference, took place in Ottawa, Canada from June 16 to 20. This PGCon involved a change in format from prior editions, with a “developer unconference” in the two days before the main conference program. Both the conference and the unconference covered a wide range of topics, many of them related to horizontal or vertical scaling, or to new PostgreSQL features.

Subscribers can click below for a report from the conference from guest author Josh Berkus.

lcamtuf's blog: A bit more on firearms in the US

This post was syndicated from: lcamtuf's blog and was written by: Michal Zalewski. Original post: at lcamtuf's blog

This is the fifth article in a short series about Poland, Europe, and the United States. To explore the entire series, start here.

Perhaps not surprisingly, my previous blog post sparked several interesting discussions with my Polish friends who took a more decisive view of the social costs of firearm ownership, or who saw the Second Amendment as a barbaric construct with no place in today’s world. Their opinions reminded me of my own attitude some ten years ago; in this brief follow-up, I wanted to share several data points that convinced me to take a more measured stance.

Let’s start with the basics: most estimates place the number of guns in the United States at 300 million – that’s roughly one firearm per every single resident. In Gallup polls, roughly 40-50% of all households report having a gun, frequently more than one. The demographics of firearm ownership are more uniform than stereotypes may imply; there is some variance across regions, political affiliations, and genders – but it tends to fall within fairly narrow bands.

An overwhelming majority of gun owners cite personal safety as the leading motive for purchasing a firearm; hunting and recreation activities come a strong second. The defensive aspect of firearm ownership is of special note, because it can potentially provide a very compelling argument for protecting the right to bear arms even if it’s a socially unwelcome practice, or if it comes at an elevated cost to the nation as a whole.

The self-defense argument is sometimes dismissed as pure fantasy, with many eminent pundits citing one exceptionally shoddy statistic to support this claim: the fairly low number of justifiable homicides in the country. Despite its strong appeal to ideologues, the metric does not stand up to honest scrutiny: all available data implies that most encounters where a gun is pulled by a would-be victim would not end up in the assailant getting killed; it’s overwhelmingly more likely that they would hastily retreat, be detained at gunpoint, or suffer non-fatal injuries.

In reality, we have no single, elegant, and reliable source of data about the frequency with which firearms are used to deter threats; the results of scientific polls probably offer the most comprehensive view, but are open to interpretation and their results vary significantly depending on sampling methods and questions asked. That said, a recent meta-analysis from Centers for Disease Control and Prevention provided some general bounds:


“Defensive use of guns by crime victims is a common occurrence, although the exact number remains disputed (Cook and Ludwig, 1996; Kleck, 2001a). Almost all national survey estimates indicate that defensive gun uses by victims are at least as common as offensive uses by criminals, with estimates of annual uses ranging from about 500,000 to more than 3 million.”

An earlier but probably similarly unbiased estimate from US Dept of Justice puts the number at approximately 1.5 million uses a year.

The CDC study also goes on to say:


“A different issue is whether defensive uses of guns, however numerous or rare they may be, are effective in preventing injury to the gun-wielding crime victim. Studies that directly assessed the effect of actual defensive uses of guns (i.e., incidents in which a gun was “used” by the crime victim in the sense of attacking or threatening an offender) have found consistently lower injury rates among gun-using crime victims compared with victims who used other self-protective strategies.”

An argument can be made that the availability of firearms translates to higher rates of violent crime, thus elevating the likelihood of encounters where a defensive firearm would be useful – feeding into an endless cycle of escalating violence. That said, such an effect does not seem to be particularly evident. For example, the United States comes out favorably in statistics related to assault, rape, and robbery; on these fronts, there is no reason to believe that America is more violent than other OECD countries with far lower firearm ownership rates.

But there is an exception: one area where the United States clearly falls behind other developed countries is homicides. The per-capita figures are almost three times as high as in much of the European Union. And indeed, the bulk of intentional homicides – some 11 thousand deaths a year – trace back to firearms.

It is reasonable to instinctively make the obvious connection, but the origins of this tragic situation may be more elusive than they at first appear. For one, non-gun-related homicides happen in the US at a higher rate than in many other countries, too; Americans just seem to be generally more keen on killing each other than people in places such as Europe, Australia, or Canada. In addition, no clear pattern emerges when comparing homicide rates across states with permissive and restrictive gun ownership laws. Some of the lowest per-capita homicide figures can be found in extremely gun-friendly states such as Idaho, Utah, or Vermont; whereas highly-regulated Washington D.C., Maryland, Illinois, and California all rank pretty high. It is likely that factors such as population density, urban poverty, and drug-related gang activities play a far more significant role in violent crime, compared to the ease with which law-abiding people may purchase or bear arms. It’s tragic but worth noting that a strikingly disproportionate percentage of homicides involves both victims and perpetrators that belong to socially disadvantaged and impoverished minorities.

International comparisons show general correlation between gun ownership and some types of crime, but it’s difficult to draw solid conclusions from that: guns aside, there are many other excellent reasons why crime rates may be low in the wealthy European states, and high in Venezuela, Mexico, or South Africa. When comparing European countries alone, the picture is even less clear: gun ownership in Poland is almost twenty times lower than in neighboring Germany and ten times lower than in Czech Republic – but you certainly wouldn’t be able to tell that from the crime stats.

When it comes to gun control, one CDC study on the topic concluded with:


“The Task Force found insufficient evidence to determine the effectiveness of any of the firearms laws or combinations of laws reviewed on violent outcomes.”

This does not imply that such approaches are necessarily ineffective; for example, it seems pretty reasonable to assume that well-designed background checks or waiting periods do save lives. Similarly, safe storage requirements would likely prevent dozens of child deaths, although they would probably make firearms less useful for self-defense. But for the hundreds of sometimes far-fetched gun control proposals introduced every year on federal and state level, emotions often take the place of real data, poisoning the debate around gun laws and ultimately bringing little or no public benefit. The heated assault weapon debate is one such red herring: although semi-automatic rifles look sinister, they are far more common in the movies than on the streets – and in reality account only for somewhere under 4% of all firearm homicides. The efforts to close the “gun show loophole” seem fairly sensible, but are probably overhyped, too; criminals overwhelmingly depend on more than 200,000 guns that are stolen from their rightful owners every year. Dealing with theft would be a wiser move, but is a lot harder to pull off.

Another oddball example of perhaps overly simplistic legislative zeal are the attempts to mandate costly gun owner liability insurance, based on drawing an impassioned but flawed parallel between firearms and cars; what undermines this argument is that car accidents are commonplace, while gun handling mishaps – especially ones that injure others – are rare. There are also proposals to institute $100 ammunition purchase permits or to prohibit ammo sales over the Internet. Many critics feel that such laws seem to be geared not toward addressing any specific dangers, but toward making firearms more expensive and burdensome to own – slowly eroding the constitutional rights of the less wealthy folks. They also see hypocrisy in the common practice of making retired police officers and many high-ranking government officials exempt from said laws.

Regardless of the individual merit of the regulations, it’s certainly true that with countless pieces of sometimes obtuse and poorly-written federal, state, and municipal statutes introduced every year, it’s increasingly easy for people to unintentionally run afoul of the rules. In California, the law as written today implies that any legal permanent resident in good standing can own a gun, but that only US citizens can transport it by car. Given that Californians are also generally barred from carrying firearms on foot in many populated areas, non-citizen residents are seemingly expected to teleport between the gun store, their home, and the shooting range. With many laws hastily drafted in the days after mass shootings and other tragedies, such gems are commonplace. The federal Gun-Free School Zones Act imposes special restrictions on gun ownership within 1,000 feet of a school and slaps harsh penalties for as little as carrying it in an unlocked container from one’s home to a car parked in the driveway. In many urban areas, a lot of people either live within such a school zone or can’t conceivably avoid it when going about their business; GFSZA violations are almost certainly common and are policed only selectively.

Meanwhile, with sharp declines in crime continuing for the past 20 years, public opinion is increasingly in favor of broad, reasonably policed gun ownership; for example, more than 70% of respondents to one Gallup poll are against the restrictive handgun bans of the sort attempted in Chicago, San Francisco, or Washington D.C.; and in a recent Rasmussen poll, only 22% say that they would feel safer in a neighborhood where people are not allowed to keep guns. In fact, worried about the historically very anti-gun views of the sitting president, Americans are buying a lot more firearms than ever before. Even the National Rifle Association – a staunchly conservative organization vilified by gun control advocates and mainstream pundits – enjoys a pretty reasonable approval rating across many demographics: 54% overall and 71% in households with a gun.

And here’s the kicker: despite its reputation for being a political arm of firearm manufacturers, the NRA is funded largely through individual memberships, small-scale donations, and purchase round-ups; organizational donations add up to about 5% of their budget – and if you throw in advertising income, the total still stays under 15%. That makes it quite unlike most of the other large-scale lobbying groups that Democrats aren’t as keen on naming-and-shaming on the campaign trail. The NRA’s financial muscle is also frequently overstated; gun control advocacy groups, backed by activist billionaires such as Michael Bloomberg, now frequently outspend the pro-gun crowd. The association’s socially conservative and unnecessarily polarizing rhetoric needs to be offset by the voice of other, more progressive civil liberties groups; but ironically, organizations such as the American Civil Liberties Union – well-known for fearlessly defending controversial speech – prefer to avoid the Second Amendment because it doesn’t sit well with their own, progressive support base.

America’s attitude toward guns is a choice, not a necessity. It is also true that gun violence is a devastating problem; its emotional horror and lasting social impact can’t possibly be captured in any cold, dry statistic alone. But there is also nuance and reason to the gun control debate that can be hard to see for newcomers from more firearm-averse parts of the world.


Source Code in TV and Films: It seems that the code is from the C++ polymorphism example from…

This post was syndicated from: Source Code in TV and Films and was written by: Source Code in TV and Films. Original post: at Source Code in TV and Films

It seems that the code is from the C++ polymorphism example from the University of Regina, Canada. It can be found under:

ftp://www.cs.uregina.ca/pub/class/cplusplus/Poly.html

The code is shown at 01:18:30 in the film “The Outsider” (2014).

http://www.imdb.com/title/tt2198241/?ref_=fn_al_tt_4

Hope you can use it.

Mario.

TorrentFreak: Game of Thrones Season Finale Breaks Piracy Record

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

The fifth season of Game of Thrones has been the most-viewed so far, both through official channels and among pirates.

With this in mind the season finale was expected to be a record breaker, and it didn’t disappoint.

With the Internet abuzz over the latest plot twist and turns, many people turned to torrent sites to grab a pirated copy of the show, which appeared online shortly after the broadcast ended.

Data gathered by TorrentFreak shows that during the first eight hours, the season finale has been downloaded an estimated 1.5 million times already.

Never before have we seen this many downloads in such a short period of time, and last year it took half a day to reach the same number. Based on this figure, the download count is expected to increase to more than 10 million during the days to come.

A brief inspection of the download locations shows that Game of Thrones pirates come from all over the world, as we’ve seen previously. The show is particularly popular in the United States, the United Kingdom, Canada and India.

While HBO began warning individual downloaders earlier this year, the piracy demand appears to keep growing. In addition to the 1.5 million downloads the latest episode is also on track to beat the piracy swarm record.

At the time of writing the Demonii tracker reports that 224,449 people are sharing a single torrent at the same time. 144,201 are sharing a complete copy of that particular torrent while 80,248 are still downloading.

The current record stands at a quarter million active sharers, but this is usually reached later in the day. We will update this article in a few hours with an updated count.

Over the past three years Game of Thrones has been the most pirated TV-show. Based on the number of downloads this season, the same result will be achieved in 2015.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Google Fails to Overturn Worldwide Site-Blocking Order

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

The prominence of Google in endless Internet-related matters often sees the company get tangled up in the disputes of others. A case from 2014 provides a particularly interesting example.

Equustek Solutions Inc. v. Jack saw two Canadian entities embroiled in legal action over stolen intellectual property used to manufacture competing products.

Google has no direct links to the case whatsoever, yet it became sucked in when Equustek Solutions claimed that Google’s search results were helping to send visitors to websites operated by the defendants (former Equustek employees) that were selling unlawful products.

Google previously removed links to the sites from its Google.ca results on a voluntary basis, but Equustek wanted a broader response. In a subsequent court ruling handed down in British Columbia, Google was ordered to remove the infringing websites’ listings from its central database in the United States, meaning that the ruling had worldwide implications.

Google was given a little under two weeks to comply with the decision but quickly appealed in the hope of achieving a better outcome. Now, a year later, the British Columbia Court of Appeal has handed down its decision and it’s more bad news for Google.

According to an analysis by Canadian law professor Michael Geist, the decision addresses two key questions, both involving jurisdiction.

i) Whether the court has jurisdiction over Google

ii) Whether the injunction handed down in Canada has power outside its borders

On the first issue, Google argued that it does not operate servers in British Columbia, nor does it have any local offices. However, the Court decided that the company does carry out business in the region.

“Google does not have resident employees, business offices, or servers in the Province, but its activities in gathering data through web crawling software, in distributing targeted advertising to users in British Columbia, and in selling advertising to British Columbia businesses are sufficient to uphold the chambers judge’s finding that it does business in the Province,” the ruling (pdf) reads.

On the second issue – whether a court order handed down in British Columbia could have jurisdiction beyond its borders – the Court of Appeal again ruled against Google.

“British Columbia courts are called upon to adjudicate disputes involving foreign residents on a daily basis, and the fact that their decisions may affect the activities of those people outside the borders of British Columbia is not determinative of whether an order may be granted,” the ruling reads.

Noting Google’s concerns that it could potentially be “subjected to restrictive orders from courts in all parts of the world, each concerned with its own domestic law,” the court underlined the importance of exercising caution when handing down orders that have the potential to limit expression in another country. However, it found no problem with the ruling of the lower Court.

“In the case before us, there is no realistic assertion that the judge’s order will offend the sensibilities of any other nation. It has not been suggested that the order prohibiting the defendants from advertising wares that violate the intellectual property rights of the plaintiffs offends the core values of any nation,” the ruling reads.

However, should any nation have an issue with the decision, they are free to appeal, the ruling adds.

“In the unlikely event that any jurisdiction finds the order offensive to its core values, an application could be made to the court to modify the order so as to avoid the problem.”

Dismissing Google’s appeal, Justice Groberman signs off on the blocking injunction in Equustek Solutions’ favor.

“The plaintiffs have established, in my view, that an order limited to the google.ca search site would not be effective. I am satisfied that there was a basis, here, for giving the injunction worldwide effect,” the Judge concludes.

Google is reportedly considering its options, with an escalation to the Supreme Court a potential (but as yet unconfirmed) outcome.


TorrentFreak: Criminals When You Pirate, Criminals When You Pay

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

For many in the Internet community the occasional download is not only a petty matter, but in some cases entirely justifiable.

File-sharers are often people who turned to unofficial sources thanks to a content vacuum created by Big Media and following abusive pricing practices that took advantage of the supply monopoly. While not excusable, their actions should hardly come as a surprise.

But despite the fact that most downloading is a civil issue that the majority of courts have little to no time for, efforts to characterize the act as ‘criminal’ and to label participants as ‘thieves’ persist. However, since Joe Public accepts that file-sharing of copyright content must be “wrong” on some level, he understands why people might be upset and grudgingly accepts the label.

Recently, however, (and perhaps in response to piracy) prices have been falling. Content is more readily available online too, brilliantly so in the case of music, less so in the case of movies. But things are getting there, there’s little doubt about that. The reasons to become a “criminal” are happily becoming fewer.

Of course, people still pirate. Some exclusively so, others to augment their legitimate supply of Spotify music and Netflix video. The first group might never pay, but the latter is getting the idea. They’re enjoying having access to tens of millions of streaming tracks and the ability to conveniently binge-watch TV. They’re signed up paying customers, a fitting “Hollywood-ending” to a pirate career.

And then they get shit on again.

Users of Netflix outside the U.S. are beginning to realize (if they haven’t known forever) that by using a VPN they can get access to more content than they can normally. They’re paying for the service, what’s wrong with that? Well, apparently something called ‘licensing’ forbids them from doing so – as if any Netflix customer anywhere gives a damn about that?

In most other environments, when one legitimately buys something from overseas – Internet services in particular – there are no issues. You pay hard cash, the supplier gets paid and everyone is happy. But with Netflix (through no fault of theirs) the proverbial hits the fan.

Paying customers who use a VPN to access the service are now regularly accused of a myriad of offenses, from breaching Netflix’s license to being morally corrupt. Worse still, and like their Pirate Bay-using counterparts, they too are being labeled as criminals by elements of the entertainment industry.

Just this week Bell Media chief Mary Ann Turcke described her own 15-year-old daughter as a “thief” after learning she’d accessed U.S. Netflix from Canada.

Her own daughter. A thief. A criminal. A menace to society. No better than someone who downloads movies for free and doesn’t pay the industry even a single dime. Come on! Is this really the route we want to go down?

What can possibly be achieved by using the same aggressive terms to describe a shoplifter, a Pirate Bay user and someone who actually pays to use a legitimate service?

Earlier this week, Andy Archibald, deputy director of the UK’s National Crime Agency’s Cyber Crime Unit, described the downloading of films, music and games as a gateway to more serious crime.

“That’s criminality. It’s almost become acceptable,” Archibald told the Infosecurity Europe conference in London.

“That’s the first stages, I believe, of a gateway into the dark side.”

Ok, stop right there. If file-sharers are thieves on their way to the dark side, then are Netflix VPN “thieves” on their way to the dark side too?

Of course not, they’re paying customers who, if people like Mary Ann Turcke are lucky, will turn a blind eye to being insulted by the very people whose pockets they are lining with money.

It has to stop now. Shoplifting = theft. Piracy = copyright infringement.

Netflix+VPN = cross-border shopping in a free market – get used to it or adapt.


TorrentFreak: Netflix Chief: Piracy Prepared Internet Users For Us

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

For years the global entertainment industries have bemoaned the state of the Spanish market. Rampant online piracy meant that the country was regularly described as a piracy haven and its Internet generation a bunch of common thieves.

Struggling economy aside, part of the problem in Spain (particularly on the video front) has been the lack of decent legal alternatives. Back in August 2011, rumors spread that Netflix was about to launch in the country after successes in the U.S. and Canada, but that never came to pass.

Instead, just months later Spain was told by the United States that it would end up on a trade blacklist if it didn’t reel in piracy. In the years that followed the country did what it could to comply and earlier this year ordered the blocking of The Pirate Bay.

Now, four years after its first attempt at breaking into the country, Netflix has confirmed it will launch in Spain later this year. Speaking in an interview with Spanish publication El Mundo, Netflix CEO Reed Hastings says he’s excited for the launch which he believes will be one of the company’s best so far.

“I think Spain will be one of our most successful countries. There is a high rate of Internet connectivity and a population that is accustomed to the use of electronic commerce and that has shown signs of being interested in our product. We are very optimistic,” Hastings says.

But of course, piracy is a big part of the puzzle. Tech-savvy Spaniards have a long history of using every conceivable file-sharing system to grab content, in some cases a full decade before official vendors turned up in their country. However, the Netflix CEO isn’t fazed by the piracy problem. In fact, the company probably has a lot to be grateful for.

“Well, you can call it a problem, but the truth is that [piracy] has also created a public that is now used to viewing content on the Internet,” Hastings says.

He has a point. Pirates certainly have a clearer idea of what to expect from an online service so for many the switch could be fairly seamless. However, Hastings believes that on the convenience front, Netflix could even beat the pirates at their own game.

“We offer a simpler and more immediate alternative to finding a torrent,” Hastings says.

“In Holland we had a similar situation. That too was a country with a high rate of piracy. And the same thing happened in Canada. In both countries we are a successful service.”

Somewhat refreshingly (and in contrast to the claims of most entertainment companies) Netflix isn’t scared of competing against ‘free’ either.

“We can think of this as the bottled water business. Tap water can be drunk and is free, but there is still a public that demands bottled water,” Hastings says.

Perhaps unsurprisingly, the service set to launch in Spain later this year won’t be the ‘full fat’ version consumers elsewhere (in varying degrees) are accustomed to. There will be a lot of content, but Hastings says that subscribers should expect a line up similar to that offered previously during the launch of the service in France and Germany.

“In each country we have to start with a smaller catalog and begin to expand gradually as the number of registered users grows. In the UK, for example, we now have a fairly extensive catalog of TV series and movies after three years of activity there,” Hastings explains.

“Our offering is expansive in Latin America too, but it is much easier to negotiate and acquire rights when you buy for a large subscriber base as we now have in the United States.”

Only time will tell if the arrival of Netflix will begin to turn the piracy tide in Spain. For a cash-strapped nation with high unemployment every penny counts, but at an expected eight euros per month, Netflix should be within reach of a significant number of households.


TorrentFreak: My Daughter is a Netflix VPN Thief, Media Boss Confesses

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

While the video entertainment business needs to do better, Netflix is definitely going some way to filling the online movie and TV show streaming void. Nevertheless, even when consumers put their hands in their pockets for the service, elements of the industry still find cause to complain.

The issue is one of geo-location. Essentially, users of Netflix in the United States get a more content-rich service than those accessing it from elsewhere. These restrictions are easily overcome by using a VPN service to tunnel in to the U.S. from outside but that annoys content companies no end. Licensing deals are to be respected, they argue.

Just lately critics of the phenomenon have switched from using terms such as “geo-blocking”, favoring the emotive “Netflix piracy” and “Netflix theft” instead. Yesterday another heavyweight poured more fuel on the fire and pointed the finger at her own family while doing so.

Mary Ann Turcke is the new boss of BCE Inc.’s Bell Media division in Canada. In a keynote speech to the Canadian Telecom Summit yesterday, Turcke raised the issue of Netflix but surprisingly relayed a story from within her own household, triggered by a ‘Life Pro Tip’ from her own daughter.

“Mom, did you know that you can hack into U.S. Netflix and get sooo many more shows?” Turcke’s 15-year-old daughter revealed.

But far from mom being impressed at the ingenuity of her child, mom found her actions tantamount to theft.

“She is 15 and she was stealing,” Turcke told the Toronto audience. “Suffice to say, there is no more VPNing.”

For the teenager and probably most adults, this must be a frustrating concept to grasp. After shunning the lure of The Pirate Bay and its first-run movies on tap – for free, someone in the household has done the ‘right’ thing and bought Netflix. Yet someone, somewhere, has deemed Canadians to be unworthy of the full service and when that injustice gets addressed, mom plays the ‘thief’ card.

“It takes behavioral change and it is the people — friend to friend, parent to child, coworker to coworker — that set the cultural framework for acceptable and unacceptable behaviour,” Turcke said.

“It has to become socially unacceptable to admit to another human being that you are VPNing into U.S. Netflix. Like throwing garbage out of your car window, you just don’t do it. We have to get engaged and tell people they’re stealing.”

Despite Ms. Turcke’s enthusiasm for establishing geo-busting as a crime, Canadian law professor Michael Geist previously rejected the assertion, an opinion also shared by Ottawa intellectual property lawyer Howard Knopf.

“This is another manifestation of that good old Canadian phenomenon known as cross-border shopping in a free market,” Knopf said.

“Some Canadian rights owners and licensees seem to think it’s smart to limit Canadian choice and raise Canadian prices. Maybe they are being shortsighted or greedy but that’s what they try to do.”

While Turcke sees her own child as the thief, she also lays blame at the door of Netflix for not doing more to stop so-called ‘VPN pirates’.

“Digital-rights management is one of the most sophisticated and heavily negotiated relationship aspects of our deals with Hollywood,” Turcke said.

“As an industry, the players up and down the value chain can’t allow Netflix to continue doing what they’re doing, and Netflix has a choice to stop it. This is a business model decision on Netflix’s part. It’s not a technical problem.”

But while Turcke criticizes Netflix for allowing people to access what they like, the notion of providing content on customer-friendly terms is certainly not alien to the entertainment industry veteran.

“We, Bell Media, we, the industry, need to make our content more accessible. Viewers are demanding simplicity. And they will seek it out,” she said.

Noting that consumers are simply not willing to tolerate restrictions surrounding online streaming rights, ‘windowing’ and national borders, Turcke warned the audience:

“It is enough to drive anyone to the dreaded Netflix. Legally or illegally.”


TorrentFreak: Police Shut Down Yet More ‘Pirate’ Sites in Ongoing Sweep

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

With web-blockades, domain seizures and payment processor interventions making headlines, campaigns to shut down individual sites have been less prominent than usual in the first half of 2015. But that doesn’t mean they’ve stopped.

Just last week the popular BT-Chat was shut down in Canada following pressure from the MPAA and news from Europe suggests that at least two more sites have fallen in recent days following industry action.

After a long investigation, police in Poland report that authorities swooped last week on individuals said to be part of a “criminal group” involved with the unauthorized distribution of video online, movies in particular. In an operation carried out by municipal police and officers from a regional cybercrime unit, several locations were searched including homes, offices and cars.

Three men aged between 24 and 33 years old were arrested in Wroclaw, the largest city in western Poland. According to police, 14 computers, 13 external drives, 40 prepaid cards, several mobile phones and sundry other items were seized during the raids.

In addition to the images below, police have put together a video (mp4) of one of the targeted locations complete with a horror movie-style audio track for added impact.


While police have not published the names of the domains allegedly operated by the men, two leading sites have disappeared in recent days without explanation. TNTTorrent.info and Seansik.tv were the country’s 160th and 130th most popular sites overall but neither is currently operational.

The men are being blamed for industry losses of at least $1.3m and together stand accused of breaching copyright law which can carry a jail sentence of up to five years in criminal cases. For reasons that are not entirely clear, however, police are currently advising a potential three year sentence.

The latest shutdowns, which also encompass torrent site Torrent.pl, follow police action in May which closed down eKino.tv and the lesser known Litv.info, Scs.pl and Zalukaj.to. With around 324,000 likes on its Facebook page eKino.tv was by far the most popular site but it seems unlikely that it will return anytime soon. Currently displaying “THE END” on its front page, its owner was arrested last month.


Local media is connecting the closure to the arrest of a 49-year-old businessman who had been running a company offering “Internet services” and also Poland’s largest pirate site. According to authorities he made millions of dollars from the operation and laundered money by investing in the stock exchange. Those funds have reportedly been frozen.

Also arrested were three accomplices, including a 36-year-old allegedly responsible for creating the database of movies and setting up a US company to assist with the site’s finances. They all stand accused of copyright infringement and money laundering offenses and face ten years in prison.


TorrentFreak: MPAA Threats Shut Down Popular Torrent Site BT-Chat

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

Over several years the Canada-based torrent index BT-Chat has grown to become one of the most popular among TV and movie fans.

The site was founded over a decade ago and has been running without any significant problems since. Starting a few days ago, however, the site’s fortunes turned.

Without prior warning or an official explanation the site went offline. Instead of listing the latest torrents, an ominous message appeared with a broken TV signal in the background.

“Error 791-the internet is shutdown due to copyright restrictions,” the mysterious message read.


Initially it was unclear whether the message hinted at hosting problems or if something more serious was going on. Many of the site’s users hoped for the former but a BT-Chat insider informs TF that the site isn’t coming back anytime soon.

The site’s operators have decided to pull the plug after receiving a hand delivered letter from the Canadian MPA, which acts on behalf of its American parent organization the MPAA.

In the letter, shown below, Hollywood’s major movie studios demand that the site removes all infringing torrents.

“We are writing to demand that you take immediate steps to address the extensive copyright infringement of television programs and motion pictures that is occurring by virtue of the operation of the Internet website www.BT-Chat.com.”


The MPAA makes its case by citing U.S. copyright law, and states that linking to unauthorized movies and TV-shows constitutes contributory copyright infringement.

Referencing the isoHunt case the movie studios explicitly note that it’s irrelevant whether or not a website actually hosts infringing material.

“It makes no difference that your website might not have infringing content on it, or only links to infringing content,” the letter says.

The threats from Hollywood have not been taken lightheartedly by the BT-Chat team. While giving up a site that they worked on for more than a decade is not easy, the alternative is even less appealing.

In the end they decided that it would be for the best to shut the site down, instead of facing potential legal action.

And so another popular site bites the dust…


LWN.net: The Moose is loose: Linux-based worm turns routers into social network bots (Ars Technica)

This post was syndicated from: LWN.net and was written by: ris. Original post: at LWN.net

Ars Technica takes a look at the latest malware threat. “A worm that targets cable and DSL modems, home routers, and other embedded computers is turning those devices into a proxy network for launching armies of fraudulent Instagram, Twitter, and Vine accounts as well as fake accounts on other social networks. The new worm can also hijack routers’ DNS service to route requests to a malicious server, steal unencrypted social media cookies such as those used by Instagram, and then use those cookies to add “follows” to fraudulent accounts. This allows the worm to spread itself to embedded systems on the local network that use Linux-based operating systems.

The malware, dubbed “Linux/Moose” by Olivier Bilodeau and Thomas Dupuy of the security firm ESET Canada Research, exploits routers open to connections from the Internet via Telnet by performing brute-force login attempts using default or common administrative credentials. Once connected, the worm installs itself on the targeted device.”

TorrentFreak: Rightscorp Offered Internet Provider a Cut of Piracy Settlements

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

Piracy monetization firm Rightscorp has made headlines over the past year, often because of its aggressive attempts to obtain settlements from allegedly pirating Internet users.

Working on behalf of various copyright owners including Warner Bros. and BMG the company sends copyright infringement notices to Internet providers in the U.S. and Canada. These notices include a settlement proposal, offering alleged downloaders an option to pay off their “debt.”

Rightscorp’s practices haven’t been without controversy. The company and its clients have been sued for abuse and harassment and various large ISPs refuse to forward the settlements to their subscribers.

Cox Communications, one of the larger Internet providers in the U.S., also chose not to work with Rightscorp. The ISP didn’t comment on this refusal initially, but now that Cox has been sued by several Rightscorp clients, it reveals why.

In a statement that leaves little to the imagination, Cox notes that Rightscorp is “threatening” subscribers with “extortionate” letters.

“Rightscorp is in the business of threatening Internet users on behalf of copyright owners. Rightscorp specifically threatens subscribers of ISPs with loss of their Internet service — a punishment that is not within Rightscorp’s control — unless the subscribers pay a settlement demand,” Cox writes (pdf).

As a result, the ISP decided not to participate in the controversial scheme unless Rightscorp revised the notifications and removed the extortion-like language.

“Because Rightscorp’s purported DMCA notices were, in fact, improper threats against consumers to scare them into paying settlements to Rightscorp, Cox refused to accept or forward those notices, or otherwise to participate in Rightscorp’s extortionate scheme.”

“Cox expressly and repeatedly informed Rightscorp that it would not accept Rightscorp’s improper extortion threat communications, unless and until Rightscorp revised them to be proper notices.”

The two parties went back and forth over the details and somewhere in this process Rightscorp came up with a controversial proposal. The company offered Cox a cut of the settlement money its subscribers would pay, so the ISP could also profit.

“Rightscorp had a history of interactions with Cox in which Rightscorp offered Cox a share of the settlement revenue stream in return for Cox’s cooperation in transmitting extortionate letters to Cox’s customers. Cox rebuffed Rightscorp’s approach,” Cox informs the court.

This allegation is something that was never revealed, and it shows to what great lengths Rightscorp is willing to go to get ISPs to comply. It’s not clear whether the same proposal was made to other ISPs as well, but that wouldn’t be a surprise.

Cox, however, didn’t take the bait and still refused to join the scheme. Rightscorp wasn’t happy with this decision and according to the ISP, the company and its clients are now getting back at them through the “repeat infringer” lawsuit.

“This lawsuit is, in effect, a bid both to punish Cox for not participating in Rightscorp’s scheme, and to gain leverage over Cox’s customers for the settlement shakedown business model that Plaintiffs and Rightscorp jointly employ,” Cox notes.

Despite the strong language and extortion accusations used by Cox, the revelations didn’t prevent the Court from granting copyright holders access to the personal details of 250 accused copyright infringers.

The case is just getting started though, and judging from the aggressive stance being taken by both sides we can expect a lot more dirt to come out in the months ahead.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Voltage Pictures Sued For Copyright Infringement

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

There are dozens of companies engaged in so-called “copyright trolling” worldwide, the majority connected with adult movie companies.

While most are generally dismissed as second-rate companies out to make a quick buck, U.S. producer Voltage Pictures has developed a reputation for making fairly decent movies and being one of the most aggressive ‘trolls’ around.

The company has targeted thousands of individuals in the United States, Canada, Europe, Asia and most recently Australia. The company has largely prevailed in these actions but a new case filed this week in the U.S. sees the company on the receiving end of procedures.

The spat concerns Voltage’s plans for a new movie. Starring Anne Hathaway and titled ‘Colossal’, the flick sees a giant lizard-like creature stomping its way over Tokyo. It sounds an awful lot like Godzilla, recognized by Guinness World Records as the longest-running movie franchise ever. Toho, the Japanese movie studio behind the Godzilla brand, noticed the similarities too.

In a lawsuit filed yesterday in the United States District Court for the Central District of California, Toho highlights the hypocrisy of Voltage’s actions.

Describing the company as a “staunch advocate for the protection and enforcement of intellectual property rights” after filing hundreds of copyright suits involving its movies The Hurt Locker and Dallas Buyers Club, Toho says that Voltage began promoting its new movie via email at the Cannes Film Festival earlier this month.

As can be seen from the screenshot below, the email features three large photos of Godzilla, actress Anne Hathaway, and a giant robot.


“Gloria is an ordinary woman who finds herself in an extraordinary circumstance. Tokyo is under attack by Godzilla and a giant robot and, for some strange reason, Gloria is the only person who can stop it,” the email reads.

Predictably Toho is upset at Voltage’s use of the Godzilla character and associated breaches of the company’s copyrights and trademarks. Only making matters worse is the fact that the image of Godzilla used by Voltage is actually taken from promotional material published by Toho to accompany the release of its 2014 movie, Godzilla.

“Godzilla is one of the most iconic fictional characters in the history of motion pictures. Toho Co., Ltd., the copyright owner of the Godzilla character and franchise of films, brings this lawsuit because defendants are brazenly producing, advertising, and selling an unauthorized Godzilla film of their own,” Toho begins.

“There is nothing subtle about defendants’ conduct. They are expressly informing the entertainment community that they are making a Godzilla film and are using the Godzilla trademark and images of Toho’s protected character to generate interest in and to obtain financing for their project,” the company continues.

“That anyone would engage in such blatant infringement of another’s intellectual property is wrong enough. That defendants, who are known for zealously protecting their own copyrights, would do so is outrageous in the extreme.”

Noting that at no stage has Voltage ever sought permission to exploit the Godzilla character, Toho says it asked Voltage to cease and desist but the company refused.

“Upon learning of Defendants’ infringing activities, Toho demanded that Defendants cease their exploitation of the Godzilla Character, but Defendants refused to do so,” Toho writes.

In response Toho filed suit and is now demanding that all profits generated by Voltage as a result of its “infringing activities” should be handed over to the Japanese company. That, or payment of $150,000 in statutory damages for each infringement of Toho’s copyrights. Trademark issues are at stake too, with Toho demanding preliminary and permanent injunctive relief against Voltage’s use of the Godzilla marks.

Being on the wrong end of a copyright infringement lawsuit will be a novel experience for Voltage Pictures.

After recently winning a case to reveal the identities of thousands of alleged pirates in Australia, the company is currently engaged in negotiations with a Federal court over how its first letters to the accused should be worded.

With a hearing scheduled for tomorrow, the studio is still experiencing resistance against what is perceived as a so-called “speculative invoicing” business model. Local ISP iiNet is providing comprehensive advice to its customers affected by Voltage’s action and is even working with a law firm prepared to provide pro-bono services.


TorrentFreak: “Six Strikes” Anti-Piracy Scheme Is a Sham, Filmmakers Say

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

To counter the ever increasing piracy threat a group of smaller movie studios launched a new coalition last month, the Internet Security Task Force (ISTF).

ISTF, which includes Voltage Pictures, Millennium, Bloom, Sierra/Affinity and FilmNation Entertainment among its members, is poised to be more aggressive than the MPAA.

Today the group unveils its first point of action. According to the group it’s time to end the “six strikes” Copyright Alert System, the voluntary anti-piracy agreement between the RIAA, MPAA and several large U.S. Internet providers.

ISTF presents data which reveals that the six strikes warnings are not getting the desired result, describing the system as a “sham”.

According to Millennium Films President Mark Gill, his studio sent numerous piracy notices directed at ‘Expendables 3’ pirates under the scheme, but only a tiny fraction were forwarded by the participating ISPs.

“We’ve always known the Copyright Alert System was ineffective, as it allows people to steal six movies from us before they get an educational leaflet. But now we have the data to prove that it’s a sham,” Gill comments.

“On our film ‘Expendables 3,’ which has been illegally viewed more than 60 million times, the CAS only allowed 0.3% of our infringement notices through to their customers. The other 99.7% of the time, the notices went in the trash,” he adds.

As part of the Copyright Alert System ISPs and copyright holders have agreed to send a limited number of notices per month, so anything above this threshold is not forwarded.

ISTF’s data on the number of ‘Expendables 3’ infringements suggests that the Copyright Alerts are in fact less effective than the traditional forwarding schemes of other providers.

Cox and Charter, two ISPs who do not participate in the Copyright Alert System, saw a 25.47% decrease in reported infringements between November 2014 and January 2015. However, the ISPs who sent six strikes notices saw a 4.54% increase over the same period.

“These alarming numbers show that the CAS is little more than a talking point utilized to suggest these five ISPs are doing something to combat piracy when in actuality, their customers are free to continue pirating content with absolutely no consequences,” Voltage Pictures CEO Nicolas Chartier notes.

“As for its laughable six strikes policy, would any American retailer wait for someone to rob them six times before handing them an educational leaflet? Of course not, they call the cops the first time around,” he adds.

While it’s clear that ISTF is not happy with the Copyright Alert System, they seem mistaken about how it works. Customers don’t have to be caught six times before they are warned, they get an educational notice the first time they’re caught.

The “six strikes” terminology refers to the graduated response scheme, in which customers face stronger punishments after being caught more times.

Interestingly, the filmmakers promote the Canadian notice-and-notice system as a better alternative. Since earlier this year, Canadian ISPs are obligated to forward infringement notices to their subscribers, and ISTF notes that it has been instrumental in decreasing piracy.

Since the beginning of 2015, Bell Canada has seen a 69.6% decrease in infringements and Telus (54.0%), Shaw (52.1%), TekSavvy (38.3%) and Rogers (14.9%) all noted significant reductions.

The data presented is collected by the monitoring outfit CEG TEK. This American company sends infringement notices paired with settlement requests on behalf of copyright holders, sometimes demanding hundreds of dollars from alleged pirates.

Needless to say, these threats may in part be the reason for the reported effectiveness.

In the United States, ISPs are currently not obliged to forward copyright infringement notices. Some ISPs such as Comcast do so voluntarily, but they also strip out the settlement demands.

ISTF hopes this will change in the near future and the group has sent a letter to the MPAA, RIAA and the major ISPs urging them to expire the Copyright Alert System, and switch to the Canadian model instead.
