Posts tagged ‘Other’

Schneier on Security: Survey of Americans’ Privacy Habits Post-Snowden

This post was syndicated from: Schneier on Security and was written by: schneier. Original post: at Schneier on Security

Pew Research has a new survey on Americans’ privacy habits in a post-Snowden world.

The 87% of those who had heard at least something about the programs were asked follow-up questions about their own behaviors and privacy strategies:

34% of those who are aware of the surveillance programs (30% of all adults) have taken at least one step to hide or shield their information from the government. For instance, 17% changed their privacy settings on social media; 15% use social media less often; 15% have avoided certain apps and 13% have uninstalled apps; 14% say they speak more in person instead of communicating online or on the phone; and 13% have avoided using certain terms in online communications.

[…]

25% of those who are aware of the surveillance programs (22% of all adults) say they have changed the patterns of their own use of various technological platforms “a great deal” or “somewhat” since the Snowden revelations. For instance, 18% say they have changed the way they use email “a great deal” or “somewhat”; 17% have changed the way they use search engines; 15% say they have changed the way they use social media sites such as Twitter and Facebook; and 15% have changed the way they use their cell phones.

Also interesting are the people who have not changed their behavior because they’re afraid that it would lead to more surveillance. From pages 22-23 of the report:

Still, others said they avoid taking more advanced privacy measures because they believe that taking such measures could make them appear suspicious:

“There’s no point in inviting scrutiny if it’s not necessary.”

“I didn’t significantly change anything. It’s more like trying to avoid anything questionable, so as not to be scrutinized unnecessarily.

“[I] don’t want them misunderstanding something and investigating me.”

There’s also data about how Americans feel about government surveillance:

This survey asked the 87% of respondents who had heard about the surveillance programs: “As you have watched the developments in news stories about government monitoring programs over recent months, would you say that you have become more confident or less confident that the programs are serving the public interest?” Some 61% of them say they have become less confident the surveillance efforts are serving the public interest after they have watched news and other developments in recent months and 37% say they have become more confident the programs serve the public interest. Republicans and those leaning Republican are more likely than Democrats and those leaning Democratic to say they are losing confidence (70% vs. 55%).

Moreover, there is a striking divide among citizens over whether the courts are doing a good job balancing the needs of law enforcement and intelligence agencies with citizens’ right to privacy: 48% say courts and judges are balancing those interests, while 49% say they are not.

At the same time, the public generally believes it is acceptable for the government to monitor many others, including foreign citizens, foreign leaders, and American leaders:

  • 82% say it is acceptable to monitor communications of suspected terrorists
  • 60% believe it is acceptable to monitor the communications of American leaders.
  • 60% think it is okay to monitor the communications of foreign leaders
  • 54% say it is acceptable to monitor communications from foreign citizens

Yet, 57% say it is unacceptable for the government to monitor the communications of U.S. citizens. At the same time, majorities support monitoring of those particular individuals who use words like “explosives” and “automatic weapons” in their search engine queries (65% say that) and those who visit anti-American websites (67% say that).

[…]

Overall, 52% describe themselves as “very concerned” or “somewhat concerned” about government surveillance of Americans’ data and electronic communications, compared with 46% who describe themselves as “not very concerned” or “not at all concerned” about the surveillance.

It’s worth reading these results in detail. Overall, these numbers are consistent with a worldwide survey from December. The press is spinning this as “Most Americans’ behavior unchanged after Snowden revelations, study finds,” but I see something very different. I see a sizable percentage of Americans not only concerned about government surveillance, but actively doing something about it. “Third of Americans shield data from government.” Edward Snowden’s goal was to start a national dialog about government surveillance, and these surveys show that he has succeeded in doing exactly that.

More news.

Backblaze Blog | The Life of a Cloud Backup Company: Scary Monsters for World Backup Day 2015

This post was syndicated from: Backblaze Blog | The Life of a Cloud Backup Company and was written by: Andy Klein. Original post: at Backblaze Blog | The Life of a Cloud Backup Company

World Backup Day, the day everyone with a computer should make sure it is being backed up. Sounds great doesn’t it? The truth is we all know someone who isn’t backed up – a friend, relative, or spouse. They just refuse to back up their computer. Oh, you’ve tried. You’ve explained how easy it can be and even sent them instructions on how to back up their computer, but nothing works. They just won’t back up their computer and it drives you nuts.

Maybe you’re being too nice, maybe it’s time for “scary monsters.” We can help. Here’s a collection of scary monster facts and stories you can send to the backup laggards on your list. If you’re a Backblaze customer remember to use Refer-a-Friend to give them a free month of Backblaze to get them started.

Go ahead, scare some sense into your friends and loved ones who don’t back up. In the end they’ll thank you for it. Just click on the image next to the story of your choice, copy the URL and send it to them – they deserve it.

Cryptolocker
Cryptolocker
This malware takes your computer’s data hostage then extorts money from you to get it back. Without a backup of your data, your choices are lose your data or pay the ransom.


Cats
blog-wbd-cats
Yes, cats. It is a little known fact that cats hate your data. Well maybe they hate you working on the computer because then you’re not paying attention to them. Either way, if you have a cat, backup your computer.


Theft
blog-wbd-thief
Computers are nice targets for thieves and they really don’t care if the only copy of all your photos is on the computer they are taking or the backup USB hard drive sitting next to the computer.


67% Losers
blog-wbd-67
If a computer crashed today, an amazing 67% of users would lose at least one year of data. In other words, they haven’t backed up in at least a year. Have you done anything worth saving on your computer this past year?


Disasters
blog-wbd-disaster
Fires, floods, and other disasters can be fatal to your computer and all the disaster insurance in the world can’t recover your data if it’s not backed up. You’re on your own to recover your data from other places. Good luck.


100% Failure
blog-wbd-hard-drive
The inevitable failure rate for every hard drive ever created since hard drives were invented in 1958 is 100%. In other words all hard drives will eventually fail, you just don’t know when. So, are you feeling lucky?


The NSA
blog-wbd-nsa
Some people believe the NSA is tracking their every move. Maybe, but if your computer crashes don’t expect the NSA to have your data. We tried and if they did have something they weren’t in a sharing mood.


This World Backup Day, when it comes to getting your friends and family to back up their data don’t be afraid to bring out the scary monsters.

 

Author information

Andy Klein

Andy Klein

Andy has 20+ years experience in technology marketing. He has shared his expertise in computer security and data backup at the Federal Trade Commission, Rootstech, RSA and over 100 other events. His current passion is to get everyone to back up their data before it’s too late.

The post Scary Monsters for World Backup Day 2015 appeared first on Backblaze Blog | The Life of a Cloud Backup Company.

TorrentFreak: UK IP Chief Wants ISPs to Police Piracy Proactively

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

uk-flagMike Weatherley, a Conservative MP and Intellectual Property Adviser to UK Prime Minister David Cameron, has pushed various copyright related topics onto the political agenda since early last year.

Previously Weatherley suggested that search engines should blacklist pirate sites, kids should be educated on copyright ethics, and that persistent file-sharers should be thrown in jail.

In his latest proposal the UK MP targets information society service providers (ISSPs) including ISPs, who he believes could do more to fight piracy. The just-released 18-page report stresses that these companies have a moral obligation to tackle copyright infringement and can’t stand idly by.

The report (pdf) draws on input from various pro-copyright groups including the MPAA, BPI, and the Music Publishers Association. It offers various recommendations for the UK Government and the EU Commission to strengthen their anti-piracy policies.

One of the key points is to motivate Internet services and providers to filter content proactively. According to the report it’s feasible to “filter out infringing content” and to detect online piracy before it spreads.

The UK Government should review these systems and see what it can do to facilitate cooperation between copyright holders and Internet service providers.

“There should be an urgent review, by the UK Government, of the various applications and processes that could deliver a robust automated checking process regarding illegal activity being transmitted,” Weatherley advises.

In a related effort, Weatherley notes that Internet services should not just remove the content they’re asked to, but also police their systems to ensure that similar files are removed, permanently.

“ISSPs to be more proactive in taking down multiple copies of infringing works, not just the specific case they are notified of,” he recommends.

“This would mean ISSPs actively taking down multiple copies of the same work which are hosted on its services, not just the individual copy which is subject to the complaint. The MPA believe this principle could be extended further still to ensure that all copies of the infringing work are not just taken down…,” Weatherley explains.

This type of filtering is already used by YouTube, which takes down content based on fingerprint matches. However, the report suggests that regular broadband providers could also filter infringing content.

Concluding, Weatherley admits that it’s all too easy to simply demand that ISPs take the role of policemen, but at the same time he stresses that they have a “moral responsibility” to do more.

The UK MP presents an analogy of a landlord whose property is used for illegal activities. The landlord cannot be held liable for these activities, but he may have to take action if a third-party reports it.

“If the landlord is told that the garage is being used for illegal activity, and that this information is from a totally reliable source, then does the landlord have a moral obligation to report it?”

“I would argue that it is the duty of every citizen or company to do what they can to stop illegal activity and therefore the answer is, yes, the landlord should report the activity,” Weatherley notes.

Weatherley also believes that protecting the rights of copyright holders has priority over a “no monitoring” principle that would ensure users’ privacy. That is, if the monitoring is done right.

“There is also the question as to whether society will want to have their private activities monitored (even if automatically and entirely confidentially) and whether the trade off to a safer, fairer internet is a price worth paying to clamp down on internet illegal activity. My ‘vote’ would be “yes” if via an independent body …”

Overall, the recommendations will be welcomed by the industry groups who provided input. The report is not expected to translate directly into legislation, but they will be carefully weighed by the UK Government and the EU Commission when taking future decisions.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Nintendo Nukes Fan-Made Super Mario 64 HD Browser Game

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

mario64While 3D games had been around for a couple of decades prior to its release, the launch of Super Mario 64 alongside Nintendo’s then flagship console N64 in 1996 was a gaming moment to behold.

Coupled with its revolutionary controller, the N64’s hardware placed flesh on Mario’s traditional 2D bones, bringing the iconic character into the 3D world in a way no other game had previously managed.

Little wonder then that the gaming media was filled with delight late last week when news broke that the game’s most iconic level had been recreated by developer Roystan Ross.

Not only had Bob-Omb Battlefield been brought back to life in full HD, but also via the Unity Engine meaning that players were given the first ever chance to play the game via a web browser – a black magic achievement by 1996 standards.

But just as dozens of stories were heralding the return of the king, Nintendo has gatecrashed the party and shut down the fun.

In a complaint sent by Nintendo of America via attorneys at the Miller Nash Graham & Dunn LLP lawfirm, the game company has ordered CDN outfit Cloudflare to disable access to the site hosting the popular browser version of the game.

“The copyrighted work at issue is Nintendo’s Super Mario 64 video game (U.S. Copyright Reg. No. PA0000788138), including but not limited to the audiovisual work, computer program, music, and fictional character depictions,” the company told Cloudflare.

“The web site at http://mario64-erik.u85.net/Web.html displays, and allows users to play, an electronic game that makes unauthorized use of copyright-protected features of Nintendo’s Super Mario 64 video game. Nintendo requests that CloudFlare, Inc. immediately disable public access to http://mario64-erik.u85.net/Web.html.”

In an email to the person operating the server (not Ross himself), Cloudflare said that it had revealed the name of the actual host to Nintendo’s lawyers and forwarded the complaint to the host itself.

“We have provided the name of your hosting provider to the reporter. Additionally, we have forwarded this complaint to your hosting provider as well,” Cloudflare advised.

The complaint from Nintendo was enough to take the browser version immediately offline.

“Thank you for forwarding the request to me. I was hosting this work for a good friend who is an avid fan, and built the project from scratch as a tech demo. As mentioned on the original blog post, and noted in various big name media press, there is no intention to monetize this, ever,” the hoster told Cloudflare.

“All back-end properties hosting the original files have been updated and files removed. I trust that the issue is fully rectified.”

But while the browser edition is now well and truly offline following Cloudflare’s intervention, the desktop versions remain available hosted by Mediafire and with mirrors provided by Microsoft.

Whether they’re next on the takedown list remains to be seen but Nintendo’s actions thus far will be viewed as a real loss by gaming fans around the world. The release of a browser version of a single level of this iconic game was a real achievement and consigning it to history a crying shame.

That being said, it seems more than likely that replacements won’t be far away.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Filmmakers Demand Cash From Popcorn Time Pirates

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

popcorntAfter suing hundreds of alleged downloaders in the United States, the makers of Dallas Buyers Club expanded their legal campaign to Europe late last year.

The first cases were brought in Denmark, with anti-piracy lawfirm Maqs demanding fines of roughly 250 euros per infringement.

After collecting several successful payments the scheme is now getting traction locally, especially following reports that Popcorn Time has become more popular than Netflix.

“You could say that the ‘Dallas Buyers Club’ letters have been a success in the number of inquiries that have come in,” Maqs’ lawyer Jeppe Brogaard Clausen told DR, noting that new letters are still being sent out for Dallas Buyers Club.

One of the filmmakers interested in the “speculative invoicing” scheme is Danish producer Ronnie Fridthjof. Together with other industry players he’s determined to go after Popcorn Time users.

“I had hoped that politicians and the police would take care of such matters, but unfortunately that hasn’t happened. When my business is threatened, I am more or less forced to do something,” Fridthjof tells TV2.

While Popcorn Time is specifically mentioned as a target, the action will affect regular BitTorrent users as well. After all, Popcorn Time streams films by connecting to regular torrent swarms.

The new fines are expected to be sent out this summer. The first ones will be around 1,000 to 2,000 Danish krone ($150 to $300), and will increase if recipients fail to respond. As a last resort the filmmakers are considering whether to take alleged pirates to court.

According to some users streaming films via Popcorn Time is seen as something in a legal gray area. Fridthjof, however, has no doubt that it’s against the law.

“It is absolutely crazy that people believe it is legal. It is in no way! It is comparable buying and selling counterfeit goods right next to an official store,” he says.

Similarly, the filmmaker doesn’t buy the excuse that people use Popcorn Time because the legal services don’t have the latest films. That doesn’t justify grabbing something for free, he says.

“We must be able to choose which business model we want, and it must not be guided by unlawful acts. We will not make a business model that competes with free content,” he says.

Legal threats against Popcorn Time users are not new. In the U.S. lawsuits against BitTorrent pirates are quite common, and in Germany Popcorn Time related ‘fines’ have also been issued.

Responding to these developments, various Popcorn Time variants have warned their users over possible legal repercussions and have started offering anonymizing options. Both popcorntime.io and popcorn-time.se now have built-in VPN support.

For now there are still many people using Popcorn Time without anonymizing services, so there will still be plenty of people to fine.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

Raspberry Pi: The Young Innovators’ Club in Ulaanbaatar

This post was syndicated from: Raspberry Pi and was written by: Helen Lynn. Original post: at Raspberry Pi

The Young Innovators’ Club is a new initiative to promote engineering and tech education for school-aged children in Mongolia. It’s currently piloting a Raspberry Pi-based after-school club in Mongolia’s capital, Ulaanbaatar, with support from the National Information Technology Park, where activities take place:

Blinky lights
Girl with Pi
Student breadboarding
Students collaborate

Scratch and Python are on the menu, and electronics features prominently, with students using Raspberry Pis to control LEDs, sensors, motors and cameras. Club Coordinator Tseren-Onolt Ishdorj says,

So far the result of the club is very exciting because parents and children are very much interested in the club’s activity and they are having so much fun to be part of the club – trying every kind of projects and spending their spare time happily.

The idea of introducing Raspberry Pi-based after-school clubs was originally put forward by Enkhbold Zandaakhuu, Chairman of the Mongolian Parliament and himself an engineer by training; a group of interested individuals picked up the idea and established the Club in late 2014, and it has since attracted the interest of peak-time Mongolian TV news and other local media. The Club plans to establish After-School Clubs for Inventors and Innovators (ASCII) across the country with the help of schools, parents and other organisations and individuals; this would involve about 600-700 schools, and include training for over 600 teachers. They’re hopeful of opening a couple of dozen of these this year.

We’re quite excited about this at Raspberry Pi. It was lovely to see our Raspberry Jams map recently showing upcoming events on every continent except for Antarctica (where there are Pis, even if not, as far as we know, any Jams), but nonetheless there’s a displeasing Pi gap across central Asia and Russia:

Jams everywhere

Raspberry Jams on every continent except Antarctica (yes, really: the one that seems to be on the south coast of Spain is actually in Morocco)

It’s fantastic to know, then, that school students are learning with Raspberry Pis in Ulaanbaatar. We’ll be keeping up with developments at the Young Innovators’ Club on their Facebook page, where you can find lots of great photos and videos of the students’ work – we hope you’ll take a look, too.

Breadboard robot
Pi and breadboard
Lego robot

Backblaze Blog | The Life of a Cloud Backup Company: The Complete Guide to Computer Backup

This post was syndicated from: Backblaze Blog | The Life of a Cloud Backup Company and was written by: Andy Klein. Original post: at Backblaze Blog | The Life of a Cloud Backup Company

Backup Resource Center

“How do I backup my computer?” That should be an easy question to answer, but if you’ve spent any time at all searching online you know that a simple query produces a myriad of results that are often confusing, incomplete, and in the end are not very helpful.

What would be great is a single place that addresses all of the available backup options for your computer, your smartphone and your iPad/tablet. The information there would be unbiased, easy-to-understand, and give you the ability to create a backup plan that fits you. Yes, that would nice.

That’s why today we are introducing the Complete Guide to Computer Backup Resource Center. The center consists of multiple sections each covering the topics needed to create and implement a backup plan that fits your devices and your data. Each section is designed to help the backup newbie as well as the seasoned computer pro to safely and efficiently backup their data.

Below, you’ll find a quick overview of each of the sections of the Backup Resource Center.

Getting Started with Data Backup

If you are new to data backup, you can begin with the Computer Backup Guide. This introductory guide starts by answering, “what is a computer backup”, and looks at different backup options like drive cloning, external hard drives and online backup.

Computer Backup Options

If you’re ready to dig a little deeper then the next step is to read the Backup Options Guide, which details the pros/cons of each type of backup product option available, ranging from CD/DVDs to cloud based services.

How to Backup Guides for Mac and Windows

Once you are comfortable with your options the next step is to implement a backup system. We have specific guides for how to backup your Mac and how to backup your Windows PC. These are hands on instructions for specific tasks like setting up Time Machine, cloning a hard drive, and using Windows Backup and Restore functions.

Mobile Device Backup Options

Of course in this day and age no backup guide would be complete without exploring your options for backing up your iPhone, iPad, and Android devices. The Mobile Device Backup Options does just that. Digging into the various Apple and Google systems for backup as well as third party and manufacturer options.

Online Storage vs. Online Backup

Lastly a lot of people are confused about the differences between online storage and online backup. Although on the surface the services have many similarities, the ideal use cases are in fact very different. In this guide we delve into what makes each service different and when it is best to use one or other or both in conjunction.

Final Thoughts

In the Computer Backup Resource Center you will find everything you need to easily setup your own backup plan. Without a backup plan, a hard drive failure or a stolen or lost computer or smartphone can mean the loss of years of irreplaceable digital memories. Now there is a comprehensive collection of backup options in one place. Take you a few minutes, read through the guides, and get backed up before you wish you had.

 

Author information

Andy Klein

Andy Klein

Andy has 20+ years experience in technology marketing. He has shared his expertise in computer security and data backup at the Federal Trade Commission, Rootstech, RSA and over 100 other events. His current passion is to get everyone to back up their data before it’s too late.

The post The Complete Guide to Computer Backup appeared first on Backblaze Blog | The Life of a Cloud Backup Company.

Linux How-Tos and Linux Tutorials: How to Use the Linux Command Line: Basics of CLI

This post was syndicated from: Linux How-Tos and Linux Tutorials and was written by: Swapnil Bhartiya. Original post: at Linux How-Tos and Linux Tutorials

terminal window

One shell to rule them all, one shell to find them, one shell to bring them all and in the same distro bind them.

Command line is one of the many strengths of Linux based systems. Why is it a strength? There is no one answer; there are many answers. I agree that the graphical user interface (GUI) makes it easier for a user to interact with their system and that’s what new users may need to get started with Linux; that’s what I needed when I was starting off with Linux back in 2005. But as I matured as a user I found CLI (command line interface) was more efficient than fiddling with the buttons of a tool.

CLI also allows users to be independent of distros. Just look at the derivates of Ubuntu, even if they use the same code-base they have different tools to do the same job. Different desktop environments on the same distro need different ways to perform the same task. A user has to un-learn and then re-learn the process of doing the same thing while they hop between distros. Furthermore if we move between Fedora, openSUSE and Arch, it becomes even more complicated.

But once you understand that in Debian-based systems apt-get or dpkg are the commands that you need to manage software, life becomes easy. Then it desn’t matter whether you are on Ubuntu or Lubuntu.

When I was dependent on a GUI, I used to get worried whether that particular distro has that feature or not – it was all about certain features being exposed or hidden through the GUI. One simple example is that Gnome’s Nautilus doesn’t allow batch rename of files where as KDE’s Dolphin does. As a result the user of x distro or DE hesitates in trying out other projects fearing they won’t find the same tools. A Gnome user doesn’t have to sacrifice such a useful function, thanks to the command line.

But that’s not all command line does. It also saves system resources which are consumed by GUIs. So if you are on a slower system, you are better off with the command line than GUI.

People tend to think command line is difficult; it’s not. It’s more or less like SMSing to your PC, telling it what to do.

So without further ado let’s learn some basics of command line.

Get the shell

Shell is basically a program that turns the ‘text’ that you type into commands/orders for your computer to perform. As such there is a set structure of commands; different OSes may use a different structure to perform the same task.

There are many Shells available for Linux, but the most popular is Bash (Bourne-Again shell) which was written by the GNU Project. Another more modern shell with more features is ‘zsh’ which you can install for your distribution (we will talk about shells in a later article).

If you are using a desktop environment then you need a terminal emulator to emulate the terminal within that interface. Different distros come with their own terminal emulators: KDE comes with Konsole and Gnome comes with Gnome Terminal.

Basics Commands

When you open a terminal emulator, by default you are in the home directory of the logged in user. You will see the name of the logged in user followed by the hostname. $ means you are logged in as a regular user, whereas # means you are logged in as root.

Unless you are performing administrative tasks or working inside root directories never work as root as it will change the permissions of all directories and files you worked on, making root the user of those directories and their content.

You can list all directories and files inside the current directory by using the ls command.

[swapnil@swaparch ~]$ ls
Desktop Documents Downloads Music Pictures Public Templates Videos

Moving around

To change to any directory, use the cd command. You can also use the ‘Tab’ key which will auto completes the path. Use forward slash to enter directories. So if I want to change directory to ‘Downloads’ which is inside my home folder, we run cd and then give the path. In this case ‘swapnil’ is the username. You need to type your username:

Documents/ Downloads/
[swapnil@swaparch ~]$ cd /home/swapnil/Downloads/
[swapnil@swaparch Downloads]$

As you can see in the third line, ‘Downloads’ directory has moved inside the square brackets, which denotes that currently we are inside this directory. I can see all subdirectories and files inside Downloads directory by running the ls command.

You don’t have to give the complete path if you want to move inside the sub-directory of the current directory. Let’s say we want to move inside the ‘Test’ directory within the current ‘Downloads’ directory. Just type cd and the directory name, in this case it’s ‘Test’, without any slash.

[swapnil@swaparch Downloads]$ cd Test

If you want to change to another directory just follow the same pattern: cd PATH_OF_DIRECTORY . If you want to move one step back in the directory then use cd . . /. To go back two directories use cd . . /. . /and so on.

But if you want to get out of the current directory and go back to home, simply type cd.

Seeing is believing

You don’t have to change directory to see its content. You can use the ls command in following manner:

ls /PATH_OF_DIRECTORY

Example:

[swapnil@swaparch ~]$ ls /home/swapnil/Downloads/Test/

There is no place to hide

To see hidden directories and files use -a option with the ls command.

[swapnil@swaparch ~]$ ls -a /home/swapnil/Downloads/Test/

Size does matter

In order to see the size of directories and files you can use -l option with the ls command. It will also tell the permissions of the files and directories, their owners and the time/date of modification:

[swapnil@swaparch ~]$ ls -l /home/swapnil/Downloads/Test/
total 4
drwxr-xr-x 2 swapnil users 4096 Mar 26 11:55 Test_2

The command gave us the file size in a form hard to understand. If you want to get the file size in human readable format then use ls -lh command:

[swapnil@swaparch ~]$ ls -lh /home/swapnil/Downloads/Test/
total 4.0K
drwxr-xr-x 2 swapnil users 4.0K Mar 26 11:55 Test_2

If you want to get a simple list of all the directories and files inside a location, without extra info such as file size, etc., use ls -R command. This command will give a very long output (depending on how many files are there) as directory trees.

Let’s create some directories

If you want to create new directories the command is mkdir. By default the directory will be created in the current directory. So give the complete path of the location where you want the directory to be created:

mkdir /path-of-the-parent-directory/name-of-the-new-directory

So if I want to create a directory ‘distros’ inside the ‘Downloads’ directory, then this is the command I will run:

[swapnil@swaparch ~]$ mkdir /home/swapnil/Downloads/distros

If you want to create a sub-directory inside a new directory then use ‘-p’ option with ‘mkdir’. I am going to create a directory called ‘distro’ along with a sub-directory called ‘opensuse’ inside it. If I run the mkdir command with ‘/distro/opensuse’ as the path, it will throw an error that the directory ‘distro’ doesn’t exist. That’s when the option ‘p’ comes at play and creates all the directories in the given path:

mkdir -p /home/swapnil/Downloads/distros/opensuse

This command will create new directory ‘distros’ and sub-directory ‘opensuse’ inside it.

And now let’s delete them

If you want to delete any file or directory the command is ‘rm’ (for files) and ‘rm -r’ (for directories). You need to be very careful with this command because if you fail to give the correct path of the file or directory then it will remove everything from the current directory and you may lose precious data. The command is simple:

rm /path-of-the-directory-or-file

If I want to remove the opensuse directory, the command would be:

rm -r /home/swapnil/Downloads/distros/opensuse/

However, if you want to delete all the content of a directory without deleting the directory itself use the ‘*’ wildcard with a slash. Let’s say I want to delete all the content of opensuse directory:

rm /home/swapnil/Downloads/distros/opensuse/*

If there are sub-directories inside, for example, opensuse directory then you will need that ‘-r’ option to also delete the sub-directories:

rm -r /home/swapnil/Downloads/distros/opensuse/*

That’s all for today. This article will make you pretty comfortable with the command line. In the next article we will take you to the next level of managing your system via CLI.

Till then, cd bye

SANS Internet Storm Center, InfoCON: green: YARA Rules For Shellcode, (Mon, Mar 30th)

This post was syndicated from: SANS Internet Storm Center, InfoCON: green and was written by: SANS Internet Storm Center, InfoCON: green. Original post: at SANS Internet Storm Center, InfoCON: green

I had a guest diary entry about my XORSearch tool using shellcode detection rules from Frank Boldewins OfficeMalScanner. To detect malicious documents, Frank coded rules to detect shellcode and other indicators of executable code inside documents.

I also translated Franks detection rules to YARA rules. You can find them here, the file is maldoc.yara.

This is an example:

rule maldoc_API_hashing{    meta:        author = Didier Stevens (https://DidierStevens.com)    strings:        $a1 = {AC 84 C0 74 07 C1 CF 0D 01 C7 EB F4 81 FF}        $a2 = {AC 84 C0 74 07 C1 CF 07 01 C7 EB F4 81 FF}    condition:        any of them}

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

TorrentFreak: KickassTorrents Celebrates ‘Happy Torrents Day’

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

HTDWith millions of unique visitors per day KickassTorrents (KAT) has become the most-used torrent site on the Internet, beating even The Pirate Bay.

The site also has a very active community of torrent aficionados from all over the world. On March 30th the site staff and its members come together to celebrate their beloved pastime on “Happy Torrents Day.”

The event was started by KAT administrator Mr. Pink. Initially it was a small celebration but over the years it has turned into a recurring tradition with many thousands of people participating.

TF spoke with Mr. Pink who notes that Torrents Day is a celebration of file-sharing. With the news being dominated by lawsuits, domain name trouble and torrent takedowns, this day is focuses of the positive.

“The main purpose is to get everybody to believe that what we do is worth fighting for. Everybody is equal. Yes it started on Kickass with us but it’s not about us. It’s about every person that believes in file sharing,” Mr. Pink says.

In recent weeks a lot of torrents have disappeared from the site as a result of an increase in DMCA takedown notices. The idea behind Torrent Day is to get people focused on something positive again.

“The DMCA is clamping down on us hard lately. And it’s becoming tougher so we need to give the userbase something to believe in,” Mr. Pink notes.

In celebration of the festive day several challenges and initiatives have been launched. A Happy Torrents Day album has been released for example, as well as the first issue of KAT’s official magazine “The KATalyst.”

happy-torrents-day

Besides KAT, Torrents Day is spreading to other sites as well. ExtraTorrent, another large community, previously joined in and is expected to do the same again this year.

If everything goes according to plan Torrents Day 2015 is expected to drive a lot of traffic to the site and perhaps set several new records.

“The support from other sites and the KAT team has been amazing,” Mr. Pink says. “We expect the site’s traffic and upload records to be broken today. We have a few ideas up our sleeves to make that happen.”

Records or not, judging from the activity on KAT’s website there’s definitely plenty of interest. So to all those who are celebrating: Happy Torrents Day!

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

Schneier on Security: Brute-Forcing iPhone PINs

This post was syndicated from: Schneier on Security and was written by: schneier. Original post: at Schneier on Security

This is a clever attack, using a black box that attaches to the iPhone via USB:

As you know, an iPhone keeps a count of how many wrong PINs have been entered, in case you have turned on the Erase Data option on the Settings | Touch ID & Passcode screen.

That’s a highly-recommended option, because it wipes your device after 10 passcode mistakes.

Even if you only set a 4-digit PIN, that gives a crook who steals your phone just a 10 in 10,000 chance, or 0.1%, of guessing your unlock code in time.

But this Black Box has a trick up its cable.

Apparently, the device uses a light sensor to work out, from the change in screen intensity, when it has got the right PIN.

In other words, it also knows when it gets the PIN wrong, as it will most of the time, so it can kill the power to your iPhone when that happens.

And the power-down happens quickly enough (it seems you need to open up the iPhone and bypass the battery so you can power the device entirely via the USB cable) that your iPhone doesn’t have time to subtract one from the “PIN guesses remaining” counter stored on the device.

Because every set of wrong guesses requires a reboot, the process takes about five days. Still, a very clever attack.

More details.

lcamtuf's blog: On journeys

This post was syndicated from: lcamtuf's blog and was written by: Michal Zalewski. Original post: at lcamtuf's blog

- 1 -

Poland is an ancient country whose history is deeply intertwined with that of the western civilization. In its glory days, the Polish-Lithuanian Commonwealth sprawled across vast expanses of land in central Europe, from Black Sea to Baltic Sea. But over the past two centuries, it suffered a series of military defeats and political partitions at the hands of its closest neighbors: Russia, Austria, Prussia, and – later – Germany.

After more than a hundred years of foreign rule, Poland re-emerged as an independent state in 1918, only to face the armies of Nazi Germany at the onset of World War II. With Poland’s European allies reneging on their earlier military guarantees, the fierce fighting left the country in ruins. Some six million people have died within its borders – more than ten times the death toll in France or in the UK. Warsaw was reduced to a sea of rubble, with perhaps one in ten buildings still standing by the end of the war.

With the collapse of the Third Reich, the attendees of the Yalta Conference decided the new order of the post-war Europe. At Stalin’s behest, Poland and its neighboring countries were placed under Soviet political and military control, forming what has become known as the Eastern Bloc.

Over the next several decades, the Soviet satellite states experienced widespread repression and economic decline. But weakened by the expense of the Cold War, the communist chokehold on the region eventually began to weaken. In Poland, the introduction of martial law in 1981 could not put an end to sweeping labor unrest. Narrowly dodging the specter of Soviet intervention, the country regained its independence in 1989 and elected its first democratic government; many other Eastern Bloc countries soon followed suit.

Ever since then, Poland has enjoyed a period of unprecedented growth and has emerged as one of the more robust capitalist democracies in the region. In just two decades, it shed many of its backwardly, state-run heavy industries and adopted a modern, service-oriented economy. But the effects of the devastating war and the lost decades under communist rule still linger on – whether you look at the country’s infrastructure, at its socrealist cityscapes, at its political traditions, or at the depressingly low median wage.

When thinking about the American involvement in the Cold War, people around the world may recall Vietnam, Bay of Pigs, or the proxy wars fought in the Middle East. But in Poland and many of its neighboring states, the picture you remember the most is the fall of the Berlin Wall.

- 2 -

I was born in Warsaw in the winter of 1981, just in time for the proclamation of martial law, with armored vehicles rolling onto Polish streets. My mother, like many of her generation, moved to the capital in the sixties as a part of an effort to rebuild and repopulate the war-torn city. My grandma would tell eerie stories of Germans and Soviets marching through their home village somewhere in the west. I liked listening to the stories; almost every family in Poland had some to tell.

I did not get to know my father. I knew his name; he was a noted cinematographer who worked on big-ticket productions back in the day. He left my mother when I was very young and never showed interest in staying in touch. He had a wife and other children, so it might have been that.

Compared to him, mom hasn’t done well for herself. We ended up in social housing in one of the worst parts of the city, on the right bank of the Vistula river. My early memories from school are that of classmates sniffing glue from crumpled grocery bags. I remember my family waiting in lines for rationed toilet paper and meat. As a kid, you don’t think about it much.

The fall of communism came suddenly. I have a memory of grandma listening to broadcasts from Radio Free Europe, but I did not understand what they were all about. I remember my family cheering one afternoon, transfixed to a black-and-white TV screen. I recall my Russian language class morphing into English; I had my first taste of bananas and grapefruits. There is the image of the monument of Feliks Dzierżyński coming down. I remember being able to go to a better school on the other side of Warsaw – and getting mugged many times on the way.

The transformation brought great wealth to some, but many others have struggled to find their place in the fledgling and sometimes ruthless capitalist economy. Well-educated and well read, my mom ended up in the latter pack, at times barely making ends meet. I think she was in part a victim of circumstance, and in part a slave to way of thinking that did not permit the possibility of taking chances or pursuing happiness.

- 3 -

Mother always frowned upon popular culture, seeing it as unworthy of an educated mind. For a time, she insisted that I only listen to classical music. She angrily shunned video games, comic books, and cartoons. I think she perceived technology as trivia; the only field of science she held in high regard was abstract mathematics, perhaps for its detachment from the mundane world. She hoped that I would learn Latin, a language she could read and write; that I would practice drawing and painting; or that I would read more of the classics of modernist literature.

Of course, I did almost none of that. I hid my grunge rock tapes between Tchaikovsky, listened to the radio under the sheets, and watched the reruns of The A-Team while waiting for her to come back from work. I liked electronics and chemistry a lot more than math. And when I laid my hands on my first computer – an 8-bit relic of British engineering from 1982 – I soon knew that these machines, in their incredible complexity and flexibility, were what I wanted to spend my time on.

I suspected I could be a competent programmer, but never had enough faith in my skill. Yet, in learning about computers, I realized that I had a knack for understanding complex systems and poking holes in how they work. With a couple of friends, we joined the nascent information security community in Europe, comparing notes on mailing lists. Before long, we were taking on serious consulting projects for banks and the government – usually on weekends and after school, but sometimes skipping a class or two. Well, sometimes more than that.

All of the sudden, I was facing an odd choice. I could stop, stay in school and try to get a degree – going back every night to a cramped apartment, my mom sleeping on a folding bed in the kitchen, my personal space limited to a bare futon and a tiny desk. Or, I could seize the moment and try to make it on my own, without hoping that one day, my family would be able to give me a head start.

I moved out, dropped out of school, and took on a full-time job. It paid somewhere around $12,000 a year – a pittance anywhere west of the border, but a solid wage in Poland even today. Not much later, I was making two times as much, about the upper end of what one could hope for in this line of work. I promised myself to keep taking courses after hours, but I wasn’t good at sticking to the plan. I moved in with my girlfriend, and at the age of 19, I felt for the first time that things were going to be all right.

- 4 -

Growing up in Europe, you get used to the barrage of low-brow swipes taken at the United States. Your local news will never pass up the opportunity to snicker about the advances of creationism somewhere in Kentucky. You can stay tuned for a panel of experts telling you about the vastly inferior schools, the medieval justice system, and the striking social inequality on the other side of the pond. But deep down inside, no matter how smug the critics are, or how seemingly convincing their arguments, the American culture still draws you in.

My moment of truth came in the summer of 2000. A company from Boston asked me if I’d like to talk about a position on their research team; I looked at the five-digit figure and could not believe my luck. Moving to the US was an unreasonable risk for a kid who could barely speak English and had no safety net to fall back to. But that did not matter: I knew I had no prospects of financial independence in Poland – and besides, I simply needed to experience the New World through my own eyes.

Of course, even with a job offer in hand, getting into the United States is not an easy task. An engineering degree and a willing employer opens up a straightforward path; it is simple enough that some companies would abuse the process to source cheap labor for menial, low-level jobs. With a visa tied to the petitioning company, such captive employees could not seek better wages or more rewarding work.

But without a degree, the options shrink drastically. For me, the only route would be a seldom-granted visa reserved for extraordinary skill – meant for the recipients of the Nobel Prize and other folks who truly stand out in their field of expertise. The attorneys looked over my publication record, citations, and the supporting letters from other well-known people in the field. Especially given my age, they thought we had a good shot. A few stressful months later, it turned out that they were right.

On the week of my twentieth birthday, I packed two suitcases and boarded a plane to Boston. My girlfriend joined me, miraculously securing a scholarship at a local university to continue her physics degree; her father helped her with some of the costs. We had no idea what we were doing; we had perhaps few hundred bucks on us, enough to get us through the first couple of days. Four thousand miles away from our place of birth, we were starting a brand new life.

- 5 -

The cultural shock gets you, but not in the sense you imagine. You expect big contrasts, a single eye-opening day to remember for the rest of your life. But driving down a highway in the middle of a New England winter, I couldn’t believe how ordinary the world looked: just trees, boxy buildings, and pavements blanketed with dirty snow.

Instead of a moment of awe, you drown in a sea of small, inconsequential things, draining your energy and making you feel helpless and lost. It’s how you turn on the shower; it’s where you can find a grocery store; it’s what they meant by that incessant “paper or plastic” question at the checkout line. It’s how you get a mailbox key, how you make international calls, it’s how you pay your bills with a check. It’s the rules at the roundabout, it’s your social security number, it’s picking the right toll lane, it’s getting your laundry done. It’s setting up a dial-up account and finding the food you like in the sea of unfamiliar brands. It’s doing all this without Google Maps or a Facebook group to connect with other expats nearby.

The other thing you don’t expect is losing touch with your old friends; you can call or e-mail them every day, but your social frames of reference begin to drift apart, leaving less and less to talk about. The acquaintances you make in the office will probably never replace the the folks you grew up with. We managed, but we weren’t prepared for that.

- 6 -

In the summer, we had friends from Poland staying over for a couple of weeks. By the end of their trip, they asked to visit New York City one more time; we liked the Big Apple, so we took them on a familiar ride down I-90. One of them went to see the top of World Trade Center; the rest of us just walked around, grabbing something to eat before we all headed back. A few days later, we were all standing in front of a TV, watching September 11 unfold in real time.

We felt horror and outrage. But when we roamed the unsettlingly quiet streets of Boston, greeted by flags and cardboard signs urging American drivers to honk, we understood that we were strangers a long way from home – and that our future in this country hanged in the balance more than we would have thought.

Permanent residency is a status that gives a foreigner the right to live in the US and do almost anything they please – change jobs, start a business, or live off one’s savings all the same. For many immigrants, the pursuit of this privilege can take a decade or more; for some others, it stays forever out of reach, forcing them to abandon the country in a matter of days as their visas expire. With my O-1 visa, I always counted myself among the lucky ones. Sure, it tied me to an employer, but I figured that sorting it out wouldn’t be a big deal.

That proved to be a mistake. In the wake of 9/11, an agency known as Immigration and Naturalization Services has been dismantled and replaced by a division within the Department of Homeland Security. My own seemingly straightforward immigration petition ended up somewhere in the bureaucratic vacuum that formed in between the two administrative bodies. I waited patiently, watching the deepening market slump, and seeing my employer’s prospects get dimmer and dimmer every month. I was ready for the inevitable, with other offers in hand, prepared to make my move, perhaps the very first moment I could. But the paperwork just would not come through. With the Boston office finally shutting down, we packed our bags and booked flights. We faced the painful admission that for three years, we chased nothing but a pipe dream. The only thing we had to show for it were two adopted cats, now sitting frightened somewhere in the cargo hold.

The now-worthless approval came through two months later; the lawyers, cheerful as ever, were happy to send me a scan. The hollowed-out remnants of my former employer were eventually bought by Symantec – the very place from where I had my backup offer in hand.

- 7 -

In a way, Europe’s obsession with America’s flaws made it easier to come home without ever explaining how our adventure really played out. When asked, I could just wing it: a mention of the death penalty or permissive gun laws would always get you a knowing nod, allowing the conversation to move on.

Playing to other people’s preconceptions takes little effort; lying to yourself calls for more skill. It doesn’t help that when you come back after three years away from home, you notice all the small things you simply used to tune out. The dilapidated road from the airport; the drab buildings on the other side of the river; the uneven pavements littered with dog poop; the dirty walls at my mother’s place, with barely any space to turn. You can live with it, of course – but it’s a reminder that you settled for less, and it’s a sensation that follows you every step of the way.

But more than the sights, I couldn’t forgive myself something else: that I was coming back home with just loose change in my pocket. There are some things that a failed communist state won’t teach you, and personal finance is one of them; I always looked at money just as a reward for work, something you get to spend to brighten your day. The indulgences were never extravagant: perhaps I would take the cab more often, or have take-out every day. But no matter how much I made, I kept living paycheck-to-paycheck – the only way I knew, the way our family always did.

- 8 -

With a three-year stint in the US on your resume, you don’t have a hard time finding a job in Poland. You face the music in a different way. I ended up with a salary around a fourth of what I used to make in Massachusetts, but I simply decided not to think about it much. I wanted to settle down, work on interesting projects, marry my girlfriend, have a child. I started doing consulting work whenever I could, setting almost all the proceeds aside.

After four years with T-Mobile in Poland, I had enough saved to get us through a year or so – and in a way, it changed the way I looked at my work. Being able to take on ambitious challenges and learn new things started to matter more than jumping ships for a modest salary bump. Burned by the folly of pursuing riches in a foreign land, I put a premium on boring professional growth.

Comically, all this introspection made me realize that from where I stood, I had almost nowhere left to go. Sure, Poland had telcos, refineries, banks – but they all consumed the technologies developed elsewhere, shipped here in a shrink-wrapped box; as far as their IT went, you could hardly tell the companies apart. To be a part of the cutting edge, you had to pack your bags, book a flight, and take a jump into the unknown. I sure as heck wasn’t ready for that again.

And then, out of the blue, Google swooped in with an offer to work for them from the comfort of my home, dialing in for a videoconference every now and then. The pay was about the same, but I had no second thoughts. I didn’t say it out loud, but deep down inside, I already knew what needed to happen next.

- 9 -

We moved back to the US in 2009, two years after taking the job, already on the hook for a good chunk of Google’s product security and with the comfort of knowing where we stood. In a sense, my motive was petty: you could call it a desire to vindicate a failed adolescent dream. But in many other ways, I have grown fond of the country that shunned us before; and I wanted our children to grow up without ever having to face the tough choices I had to make in my life.

This time, we knew exactly what to do: a quick stop at a grocery store on a way from the airport, followed by e-mail to our immigration folks to get the green card paperwork out the door. Half a decade later, we were standing in a theater in Campbell, reciting the Oath of Allegiance and clinging on to our new certificates of US citizenship.

The ceremony closed a long and interesting chapter in my life. But more importantly, standing in the hall with people from all over the globe made me realize that my story is not extraordinary; many of them had lived through experiences far more harrowing and captivating than mine. If anything, my tale is hard to tell apart from that of countless other immigrants from the former Eastern Bloc. By some estimates, in the US alone, the Polish diaspora is about 9 million strong.

I know that the Poland of today is not the Poland I grew up in. It’s not not even the Poland I came back to in 2003; the gap to Western Europe is shrinking every single year. But I am proud to now live in a country that welcomes more immigrants than any other place on Earth – and at the end of their journey, makes them feel at home. It also makes me realize how small and misguided the conversations we are having about immigration – not just here, but all over the developed world.

TorrentFreak: New Pirate Bay Blockade Foiled By Simple DNS Trick

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

One of the major strategies of the world’s leading entertainment companies is to have sites like The Pirate Bay blocked at the ISP level. The idea is that when subscribers can’t access ‘pirates’ sites they will flock to legal alternatives.

While there can be little doubt that some will take the opportunity to test out Netflix or Spotify (should they be available in their region), other users will be less ready to take the plunge.

In Spain, where online piracy is reportedly more widespread than most other European countries, users faced a Pirate Bay problem on Friday when a judge ordered the country’s service providers to block the site within 72 hours.

Some ISPs blocked the site immediately, provoking questions of where to get free content now that The Pirate Bay is off-limits. Of course, there are plenty of alternatives but for those a little more determined, access to TPB was just a click or two away.

The problem is that for whatever reasons, thus far Spanish ISPs are only implementing a Pirate Bay ban on the most basic of levels. In the UK, for example, quite sophisticated systems block domain names and IP addresses, and can even automatically monitor sites so that any blocking counter-measures can be handled straight away. But in Spain users are finding that blocks are evaded with the smallest of tweaks.

By changing a computer or router’s DNS settings, Spaniards are regaining access to The Pirate Bay in an instant. Both Google’s DNS and OpenDNS are reported as working on several Spanish discussion forums.

“I’ve [followed the instructions] and in two minutes you can enter Pirate Bay. And I am a computer illiterate and have no idea what a DNS is,” a user of a gaming forum writes.

Another user, who moved away from his ISP’s DNS a while ago, wasn’t even aware that any block had been put in place.

“If the block is using DNS, I would not call that blocking, really. I’ve been using the DNS of Google for years and I have not even noticed anything,” he notes.

While Spaniards will be pleased that the blockade is easily circumvented, it’s the reaction to the news that’s perhaps the most interesting aspect. News that the site is being blocked is hardly being welcomed, but there is a definite absence of panic among those who are supposed to be some of Europe’s most hardcore pirates.

Whether that’s chiefly down to the weak blocking method being employed by some ISPs is up for debate, but having seen blocks do little to stop file-sharers across Europe – particularly in the UK where the practice is widespread – the Spanish probably see no real reason to break into a cold sweat just yet.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Once You Accept File-Sharing Is Here To Stay, You Can Focus On All The Positive Things

This post was syndicated from: TorrentFreak and was written by: Rick Falkvinge. Original post: at TorrentFreak

diskettePeople started sharing files with each other – text, games, music – as soon as there was a storage medium you could copy.

Originally, this meant the compact cassette which was used for music and programs for the first home computers. Cassette decks at the time had a convenient copy mechanism where you’d insert an original in one slot, a blank tape in another slot, and press a prominent “copy” button to get an analog replica – not perfect, if it was music, but if it was a digital computer file, it would be readable and usable. The one-push copy was even a sales point.

Everybody had their circle of friends who contributed to the common collection between them, and we’d always be carrying some copy of something else we anticipated was in demand. People would copy something from you more or less every day. You would copy things from several people pretty much every day.

Copyparties were huge fests where hundreds of teens (or pre-teens) rented a school building for a weekend, brought their entire catalog of tapes and diskettes, an equivalent amount of blank media, and just copied everything they could from each other instead of sleeping. These copyparties frequently had pallets of Jolt Cola for sale.

In this setup, completely before the Internet, if something in high demand was published, it would take three days on average for that piece of media to get to everybody who wanted it.

In other words, in a complete shutdown of the Internet where people go back to sharing by copying media by hand, the very best the copyright industry can hope for is three days until saturation instead of today’s one day. It’s almost funny how the copyright industry still delays releases by weeks if not months between neighboring countries and think they can determine who gets to see what when. That was never the case, and won’t ever be the case.

File sharing is here to stay and the reason it’s still traceable is mostly because the risk of getting caught by stale, obsolete, and outdated laws is considerably lower than the risk of getting struck by lightning. There’s no real push to improve it, like there was right after Napster shut down. But let’s imagine for a moment if there was a real push to move sharing back under the radar.

Today, the storage of an ordinary mobile phone can effectively store all music except the most narrow. And with fourth-generation Bluetooth, it can wirelessly – and tracelessly! – share all of it to all mobile phones in a 50-meter range. Subway cars, cafés, even cars at red light stops become torrent swarms without somebody acting – or even noticing. The notion of being able to stop, control, or contain this files under “what’s the weather like on your planet?”.

Not only that, but the best-generation scenario that the copyright industry can ever hope for is the equivalent of a shutdown of the entire internet. That would mean a regression from today’s 24-hour saturation to a pre-internet 72-hour saturation. Think about that. The best conceivable scenario for the copyright industry, if they really manage to destroy the entire Internet, is that it would take three days instead of one day for something to get shared to everybody who wants it.

Moore’s Law further suggests that in a decade or so, an ordinary mobile phone will also have capacity to store most TV and movies ever made.

So once you accept that file-sharing is here to stay for good, and that any attempt to contain it is a Canutian attempt to order the tide back, you can let go of that and instead focus on all the positive aspects of that development:

The income is there for artists. In fact, more than twice the income is there for artists with file-sharing. There’s no need to fret and worry about that development, no need to hunt license fees for every copy manufactured without a license. Rather, as soon as you realize that chasing license fees for every copy is actually a cashflow net negative, you’ll start to chill and realize the revenue is still there. (Well, not for the parasitic middlemen: not for the actual copyright industry. But artists have always hated those with a passion.) As a significant bonus, you won’t be turning your customers into enemies.

But more importantly, it means that every human being has 24/7 access to humanity’s collective knowledge and culture, and that every human being is able to add to that pool. That’s the equivalent of when the first public libraries opened in 1850, but on an enormously larger scale. Even though the copyright industry is trying again and again to burn this Library of Alexandria, it’s worth more than pause to consider what a huge leap ahead for humanity this really is.

And while the copyright industry may order the tide held back, waging war against future generations is rarely a winning proposition in the long run.

About The Author

Rick Falkvinge is a regular columnist on TorrentFreak, sharing his thoughts every other week. He is the founder of the Swedish and first Pirate Party, a whisky aficionado, and a low-altitude motorcycle pilot. His blog at falkvinge.net focuses on information policy.

Book Falkvinge as speaker?

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: Cox Refuses to Reveal Financials in “Repeat Infringer” Piracy Case

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

cox-logoEvery month copyright holders and anti-piracy groups send hundreds of thousands of takedown notices to Internet providers.

These notifications have to be forwarded to individual account holders under the DMCA law, to alert them that their connection is being used to share copyrighted works without permission.

Cox Communications is one of the ISPs that forwards these notices. The ISP also implemented a strict set of rules of its own accord to ensure that its customers understand the severity of the allegations.

According to some copyright holders, however, Cox’s efforts are falling short. Last December BMG Rights Management and Round Hill Music sued the ISP because it fails to terminate the accounts of repeat infringers.

The companies, which control the publishing rights to songs by Katy Perry, The Beatles and David Bowie among others, claim that Cox has given up its DMCA safe harbor protections due to this inaction.

The case is a critical test for the repeat infringer clause of the DMCA and the safe harbor protections ISPs enjoy. In recent weeks both parties have started the discovery process to gather as many details as they can for the upcoming trial.

Cox, for example, is looking into the ownership of the 1,000 works for which they received seven million DMCA takedown notices. In addition, the ISP also wants an expert opinion on the source code of the Rightscorp’s crawler that was used to spot the alleged infringements.

For their part, BMG Rights Management and Round Hill Music have asked for details on Cox’s policy towards repeat copyright infringers and extensive details on the company’s financials. The ISP believes the latter request is too broad and as a result is refusing to produce the requested documents.

In a response the music companies have filed a motion asking the federal court to force the ISP to comply (pdf). Among other things, they argue that the financial details are needed to calculate damages and show that Cox has a financial motive to keep persistent pirates on board.

“The financial information that Cox refused to produce is directly relevant to Cox’s strong motivation for ignoring rampant infringement on its network because ignoring this infringement results in a financial benefit to Cox,” they argue.

“Moreover, Cox’s financial motivation for refusing to take meaningful actions against its repeat infringing customers is important to both the knowledge element of contributory infringement and the financial benefit element of vicarious liability,” the music groups add.

In its response Cox states that the rightsholders’ demands are too broad (pdf) since the documents requested include those related to the ISP’s market share, capital expenditures, profits per customer for each service, and so forth. According to Cox most of the information is irrelevant to this case.

“Plaintiffs’ document requests seek virtually every financial record that Cox maintains about its internet Customers and its provision of internet services,” Cox notes.

The ISP says it’s willing to share some financial detail but with a far more limited scope than demanded by the rightsholders.

“To be clear, Cox has been and remains willing to produce high-level, aggregate financial data of the kind that courts permit in cases involving statutory copyright damages, for example corporate tax returns. But Plaintiffs have never offered to entertain even minor limitations to the scope of their discovery requests, making any compromise effectively impossible,” the ISP notes.

The court has yet to decide how many of its financial secrets Cox must reveal but judging from the demands being made from both sides, it’s clear that we can expect more fireworks during the months to come.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: MPAA Wanted Less Fair Use In Copyright Curriculum

This post was syndicated from: TorrentFreak and was written by: Ernesto. Original post: at TorrentFreak

gr3During the summer of 2013 we voiced our doubts about an initiative from the Center for Copyright Information (CCI).

The group, which has the MPAA and RIAA as key members, had just started piloting a kindergarten through sixth grade curriculum on copyright in California schools.

The curriculum was drafted in collaboration with iKeepSafe and aims to teach kids the basics of copyright. Unfortunately, the lesson materials were rather one-sided and mostly ignored fair use and the more flexible copyright licences Creative Commons provides.

These concerns were picked up by the mainstream press, creating a massive backlash. The CCI and other partners emphasized that the pilot was tested with an early draft and promised that the final curriculum would be more balanced.

In the months that followed the lesson plans indeed got a major overhaul and last summer the “Copyright and Creativity for Ethical Digital Citizens” curriculum was finalized.

As reported previously, the new and improved version was indeed expanded to discuss fair use principles and Creative Commons licenses. However, as far as Hollywood is concerned it now includes too much discussion on fair use.

TorrentFreak received a copy of a leaked email the MPAA’s Howard Gantman sent to various insiders last summer, explaining what happened. It starts off by mentioning the negative response to the leak and states that the MPAA and RIAA will try to keep a low profile in future, probably to prevent another wave of critique.

“After there was serious negative commentary on twitter, blogs and by news columnists who are not strong supporters of copyright last fall when a draft version of the curriculum was leaked accidentally by iKeepSafe – a determination was made to try to release this in a way that would keep a low profile for any MPAA or RIAA involvement,” Gantman writes.

The copyright holder groups and CCI decided to let iKeepSafe and its PR firm handle the media, something which eventually came to pass. Continuing the conversation Gantman explains that the lesson materials were heavily edited to include a broader and more diverse perspective on copyright.

“The curriculum that has been produced also went through numerous rounds of edits and debate involving a wide range of organizations with differing views on copyright,” Gantman writes.

According to the MPAA, the end result is a compromise that includes more fair use than they had wanted, but still good enough to teach kids how to behave ethically on the Internet.

“So the end result contains sections on fair use that are more extensive than we would use if we drafted the curriculum ourselves. But overall, the effort will hopefully lead to an active program within our schools to help get kids to understand what it means to behave ethically on the Internet,” Gantman adds.

By comparing the first pilot materials with the final curriculum it becomes clear that nearly all additions are about fair use.

Grade 4 lesson handout
shareinggrade4

For example, where children were initially warned against using copyrighted images and music from the Internet in Powerpoint presentations, they are now told that this is totally fine, as long as the material is only shown in class.

Similar changes have been made throughout the entire curriculum, as we documented in our earlier coverage.

The question that remains is whether these extensive changes would have been made if the pilot materials hadn’t leaked in advance. That will probably remain a secret, but at least it’s clear that Hollywood got more fair use than they hoped for.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

Lauren Weinstein's Blog: For the Anti-Gay Indiana GOP, the Web Is a Harsh Mistress

This post was syndicated from: Lauren Weinstein's Blog and was written by: Lauren. Original post: at Lauren Weinstein's Blog

It was with obvious glee two days ago that GOP Governor Mike Pence signed Indiana’s new “Religious Freedom Restoration Act” — in reality a law created to gladden the political voting hearts of closeted and outed racists, not to mention other right-wing lowlifes throughout the Hoosier State. While written so broadly that it conveniently could be used to discriminate against…

TorrentFreak: Block Pirate Bay in 72 Hours, Spanish Court Tells ISPs

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

When it comes be being blocked on copyright grounds, no site in the world can come close to the ‘achievements’ of The Pirate Bay.

The infamous ‘pirate’ domain is blocked in more than a dozen countries including the UK, Ireland, Denmark, Italy, Finland, Belgium and Portugal, to name just a few.

After a ruling today from Madrid’s Central Administrative Litigation Court No. 5, the torrent site can now add Spain to its ever-growing collection.

Due to the site’s failure to respond to rightsholder requests to remove links to copyrighted material in a timely manner as required by Spain’s copyright law, ISPs are now required to block their subscribers from accessing the site.

According to a statement issued by Promusicae, the trade association that represents more than 90 percent of the Spanish recorded music industry, the decision comes two and a half years after the Association of Intellectual Rights Management (AGEDI) submitted a complaint against Neij LMT Holdings, the company behind several Pirate Bay-related domains.

“It is the first blocking of a website dedicated to pirating music and other content that takes place in Spain under the so-called Sinde Law,” the group said in a statement.

According to Elmundo the injunction requires ISPs to block thepiratebay.org, thepiratebay.net, thepiratebay.se and thepiratebay.com within 72 hours.

Early this year ISP Vodafone blocked The Pirate Bay in Spain believing that it was required to do so. Amid confusion, Vodafone lifted the block and said it would wait for a warrant before blocking the site again.

From early next week the site should be inaccessible to most Internet users in Spain, a situation likely to spark traffic to other key sites and the take up of VPN services.

Like all countries in the world, Spain had a taste of a Pirate Bay free world
after the site was shutdown in December 2014. Almost two months passed before it reappeared at the end of January.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

TorrentFreak: DHS / ICE and City of London Police Make Piracy Fight Official

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

Some of the first major signs that U.S. Immigration and Customs Enforcement’s (ICE) Homeland Security Investigations (HSI) had entered the online piracy fight came with the shuttering of streaming site NinjaVideo and the seizing of several piracy-related domains in the summer of 2010. Months later a torrent search engine was also targeted.

By January 2014 a total of 2,713 domains had been taken down on various infringement grounds and as a result the now infamous ICE seizure banner has been viewed in excess of 122 million times.

On the other side of the Atlantic, City of London Police have also forced the suspension of hundreds of domains alleged to be involved in copyright and trademark infringement. In particular the integrated Police Intellectual Property Crime Unit (PIPCU) has generated plenty of headlines over the past couple of years, many of them relating to file-sharing, video streaming and similar operations.

After dealings dating back 10 years, ICE and City of London Police this week decided to formalize their “special relationship” with the signing of an official Memorandum of Understanding focusing on their shared interest in reducing IP related crime.

Signed by Homeland Security Investigations’ London Attaché Matthew Etre and City of London Police Commissioner Adrian Leppard, the MOU focuses on enhancing collaboration on major investigations between the two law enforcement bodies.

“International cooperation among law enforcement agencies is crucial to effectively combating intellectual property crime,” said Etre.

“This memorandum of understanding between HSI and the City of London Police formalizes a long-standing and mutually beneficial partnership in the fight against these global criminal networks.”

ICE says that with their shared focus on tackling IP crime the launch of PIPCU in September 2013 brought a “new dimension” to the trans-Atlantic partnership. Just over year later the partnership was bearing high-profile fruit.

cityoflondonpoliceAfter a pristine copy of The Expendables 3 appeared online ahead of its release in 2014, an HSI referral led to PIPCU arresting two men last November in connection with the leak.

Collaboration like this will continue, the agencies say, with HSI and PIPCU agents now meeting twice yearly in the Hague, Netherlands, to exchange intelligence on websites distributing content illegally.

“Our partnership with US Immigration and Customs Enforcement (ICE), Homeland Security Investigation has already directly led to the suspension of hundreds of illegally operating websites and the arrest of several people,” said Police Commissioner Adrian Leppard.

“I look forward to the MOU we have signed taking our partnership to a new level of collaboration which in turn will make life more difficult for intellectual property criminals who continue to offend in our two countries and many others around the world.”

PIPCU’s most recent file-sharing related arrest came last month when the unit raided the world’s most prolific UFC and WWE content uploader. Known online as Sir Paul, the man was arrested at his Leicestershire home after uploading thousands of shows using BitTorrent. No ICE involvement was detailed at the time, but it’s likely that a complaint originating from the United States prompted the move.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

Errata Security: Message to Errata employees

This post was syndicated from: Errata Security and was written by: Robert Graham. Original post: at Errata Security

Dear employees,

Starting next week, Errata Security will be following RSA Conference’s lead and institute a “Morality Dress Code” in order to deal with the problem of loose women on the premises.

Attire of an overly revealing or suggestive nature is not permitted. Examples of such attire may include but are not restricted to:

  • Tops displaying excessive cleavage;
  • Tank tops, halter tops, camisole tops or tube tops;
  • Miniskirts or minidresses;
  • Shorts;
  • Lycra (or other Second-Skin) bodysuits;
  • Objectionable or offensive costumes.
These guidelines are applicable to all staff, regardless of gender, and will be strictly enforced. Therefore, Dave’s practice of showing up on casual Friday’s in a miniskirt and push-up bra will no longer be tolerated. We have burkas on hand of varying sizes for those who fail to comply.
If you have any questions, please consult the Morality Officer for your department.
Regards,
Robert Graham
CEO, Errata Security
“Shalim” by Zivya – Own work. Licensed under CC BY-SA 3.0 via Wikimedia Commons – http://commons.wikimedia.org/wiki/File:Shalim.JPG#/media/File:Shalim.JPG
PS: This is satire, of course. We don’t support RSA’s morality code.

TorrentFreak: “VPN Friendly” Aussie Pirate Site Blocking Draft Unveiled

This post was syndicated from: TorrentFreak and was written by: Andy. Original post: at TorrentFreak

stopstopDuring December 2014, Attorney-General George Brandis and Communications Minister Malcolm Turnbull asked the Australian Cabinet to approve the development of a new legal mechanism which would allow rightsholders to obtain site-blocking injunctions against ISPs. Today that legislation was introduced to parliament.

Kept under wraps until this morning, the site-blocking elements of the Copyright Amendment (Online Infringement) Bill 2015 are likely to please rightsholders with their significant reach.

Injunctions against providers

In order to apply for an injunction against an ISP, rightsholders need to show that the provider in question provides access to “an online location” outside Australia and that the “location” infringes or facilitates infringement of copyright. The location’s primary purpose must be to infringe copyright, “whether or not in Australia”.

Aside from the rightsholder and ISP, operators of “locations” (the word ‘site’ is not used, presumably to add breadth) will be given the option to apply to become party to any proceedings.

Once an injunction is handed down against an ISP it will be required to take “reasonable steps” to disable access to the infringing site. What amounts to reasonable will almost certainly be the subject of further discussion as any over-broad moves could result in collateral damage and bad PR.

Issues determining whether sites/locations become blocked

Currently there are 11 areas that the Court will examine when deciding whether to hand down an injunction. The key issues involve intent, in particular whether a location/site’s primary purpose is to infringe and the flagrancy of any infringement.

In a nod to BitTorrent and similar indexes around today (Pirate Bay, KickassTorrents and Usenet sites, for example), the Court will consider whether the location “makes available or contains” any “directories, indexes or categories of the means to infringe, or facilitate an infringement of, copyright.”

The Court will also consider whether the operator of the “location” demonstrates “disregard” for copyright. In the case of The Pirate Bay, for example, that should be easy to show but for others such as KickassTorrents – which removes masses of content following rightsholder request – the line becomes more wavy.

That being said, removing content alone won’t be enough to save a site from the blocklist. The Court will also take into consideration whether a site has already been blocked on copyright infringement or related grounds anywhere else on the planet. That immediately puts at least 110 UK-blocked sites in the spotlight.

Other issues to be considered are more focused on the needs of the public, such as whether blocking a resource would be “proportionate”, in the public interest, or likely to have a “an impact” on third parties. Who will be allowed to have an input into these matters is not detailed but participating in court proceedings could prove prohibitively expensive for smaller groups.

Additional matters

The draft caters for injunctions to have a limited duration, and be rescinded or varied upon application. While ISPs will be expected to spend money on implementing injunctions, they won’t be liable for any costs in relation to injunction proceedings, unless they wish to take part. Unless rightsholders go overboard or there is public outcry, it seems unlikely that Aussie ISPs will choose to do so.

VPN friendly

While the draft is now up for debate and amendment, changes are reported to have been introduced as late as last week, delaying its introduction. According to SMH the legislation was worded in such a way that VPN providers could have been eligible for blocking if the Court decided they were facilitating infringement.

“In an area such as this if you are not really specific you end up catching a lot more stuff than you are potentially targeting,” a source explained.

Of course, the current draft could still scoop up a VPN provider if it marketed itself as a service designed for piracy, but there are few if any that are that naive today.

Overall

As it currently stands the draft appears to have ‘teeth’ and the scope to take down any significant ‘pirate’ site or service on the planet, at least as far as regular Aussie Internet subscribers are concerned and provided their ISPs have the technical ability.

Another rightsholder-pleasing aspect of the Bill is the lack of limits being placed on the number of sites that can be blocked in a single injunction. While it may make sense to have the facts heard against a few well-known sites in an initial order, subsequent orders could potentially list hundreds of additional sites alongside comment that they are “structurally similar” to those already presented.

Also of interest is the continued use of the words “online location” instead of “site”. This is likely in preparation for new technologies, or perhaps even some of the decentralized technologies already available today.

There will now be a six week consultation period for additional submissions and tweaks.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

Linux How-Tos and Linux Tutorials: Get the Most Out of Google Drive and Other Apps on the Linux Desktop

This post was syndicated from: Linux How-Tos and Linux Tutorials and was written by: Jack Wallen. Original post: at Linux How-Tos and Linux Tutorials

Google Apps are an incredibly powerful means to a very productive end. With this ecosystem you get all the tools you need to get the job done. And since most of these tools work within a web browser, it couldn’t be more cross-platform friendly. No longer do open source users have to hear “Linux need not apply”, because Google Apps is very Linux friendly.

But when using Linux, how do you get the most out of your experience? There are certain elements of Google Apps that come up a bit short on Linux ─ such as the Google Drive desktop client. Worry no longer, because I have a few tips that will help you extend and get the most out of Google Apps on the Linux platform.

All about the browser

One of the first pieces of advice I will offer up is this: Although Google Apps work fantastic in nearly every browser, I highly recommend using Google Chrome. This isn’t because you’ll find Apps work more efficiently or reliably with Google’s own browser, but because of two simple reasons:

  • Additional functionality.

With the Google Web Store you will find plenty of apps that help extend the functionality of some of the tools offered by Google. Apps like Google Doc Quick Create (quick access to creating any document within Google Apps), or Google Docs To WordPress (export your Google Doc to WordPress) add functionality to your Google Apps you won’t find in other browsers.

  • Faster access with quick links (also called Chrome Notifications Bar.)

Quick links are those tiny buttons that appear in the upper right corner of every blank tab you open in Chrome (Figure 1). Unfortunately, you cannot configure the Chrome Notifications Bar.

google apps

Let’s get beyond the simplicity of the browser and see other methods to get the most out of Google Apps.

Google Calendar Indicator

I want to highlight a tool that I use on a daily basis. On many desktops (such as Ubuntu Unity), you can add Indicator apps that allow you to get quick access to various sorts of information. One such indicator that I rely on is the Calendar-indicator. This particular indicator not only will list out upcoming events on your Google Calendar, it also allows you to add new calendars, add events, show your calendar, sync with your calendar, and enable/disable the syncing of your Google Calendars to the indicator (in case you have multiple calendars and do not want to show them all). Of course, the mileage you get out of this will depend upon which desktop you use and how much you depend upon the Google Calendar.

To install this indicator (I’ll demonstrate on Ubuntu 14.10), do the following:

  1. Press Ctrl+Alt+t to open a terminal window

  2. Add the PPA with the command sudo add-apt-repository ppa:atareao/atareao and hit Enter

  3. Type your sudo password and hit Enter (and a second time when prompted)

  4. Type the command sudo apt-get update and hit Enter

  5. Type the command sudo apt-get install calendar-indicator and hit Enter

  6. Allow the installation to complete

  7. Log out of your desktop and log back in.

The next step is to enable the indicator. Open the Unity Dash (or however you get to your apps) and type calendar-indicator in the search field. When you see the launcher for the indicator, click on it to open the Calendar-indicator Preferences window (Figure 2).

The Calendar-indicator preferences window.

The first thing you must do is enable access to Google Calendar by switching the ON/OFF slider to ON. When you do that, an authentication window will appear where you can enter your credentials for your Google account. If you have two-step authentication set up for your Google account (which you should), you will prompted to enter a two-step 6-digit code. Finally you will have to grant the indicator permission to access your Google account by clicking Accept (when prompted).

Click OK and the Calendar-indicator icon will appear in your panel (Figure 3).

The Calendar-indicator icon ready to serve (sixth from the left).

Click on the Calendar-indicator to reveal the drop-down that lists your upcoming events and more (Figure 4).

See all of your upcoming appointments with a single click.

Backing up your Google Drive

If there’s one area where Google seems to be slighting Linux, it’s on the Drive desktop client arena. This is sort of a shock, considering how supportive Google is of the Linux platform (and open source as a whole). But that doesn’t mean we Linux users are out of luck. There are third party tools that allow the syncing of your Google Drive to your desktop.

Of the third-party tools, only one tool really can be trusted to handle the syncing of your documents ─ Insync. This is the tool I depend upon for the real-time syncing of my Google Drive and desktop. Of course, some will have issue with Insync because it is neither open nor free.

However, if you want to look at open source solutions you’ll find the options limited. There’s:

  • grive: which hasn’t been updated for two years

  • drive: an “official” Google drive client that simply doesn’t work (and, even if it did work, it doesn’t actually do background syncing)

There used to be a very handy Nautilus extension (called nautilus-gdoc), which added a right-click option to the Nautilus file manager, that would upload files/folders to your Google Drive cloud storage. Sadly, that extension no longer works.

In the end, the only logical choice for backing up your Google Drive account is Insync. With this tool, you can even save files/folders within your sync’d folder (you get to define the location of this folder) and they will be automatically uploaded to your Drive cloud storage.

Enable the Google Apps Launcher

The Google Apps Launcher on the Ubuntu Unity launcher.

If you want the fastest possible access to your Google Apps, you can add the Google Apps Launcher to your desktop launcher. This Apps Launcher is very similar to the ChromeOS menu button and enables you to launch any of the Google Apps with a single click. To add this feature, do the following:

  1. Open up Google Chrome

  2. Enter the following the address bar chrome://flags/#enable-app-list

  3. In the resulting page, click the Enable link under Enable the app launcher

  4. Relaunch Chrome.

You should now be able to find the App Launcher in your desktop menu and add it to your Launcher, Dash, Panel, etc (Figure 5). If you use Ubuntu, open the Dash, type calendar-indicator, click on the resultant launcher, and then (when the app is open), right-click the launcher and select Lock to Launcher.

When you add new apps from the Google Web Store, they will automatically appear in the Google App Launcher.

You don’t have to relegate your Google Apps work within the web browser alone. With just a few tools and tweaks, you and your Linux desktop can get the most out of your Google Apps account.

Have you found other tools that help make your Google Apps experience more efficient and powerful? If so, share with your fellow Linux.com readers in the comments.

Backblaze Blog | The Life of a Cloud Backup Company: Backblaze Online Backup 4.0 – It’s All About The Pace

This post was syndicated from: Backblaze Blog | The Life of a Cloud Backup Company and was written by: Andy Klein. Original post: at Backblaze Blog | The Life of a Cloud Backup Company

Backblaze Online Backup 4.0

We are proud to introduce Backblaze Online Backup 4.0, our fastest release for backing up and recovering customer data. There are a lot of cool things in 4.0, but making sure our customers can backup and recover their data fast is at the top of the list. We have always allowed customers to backup and restore as quickly as they were able and never throttled our customers’ speeds. However, some customers have experienced less than optimal upload and download speeds and this concerned us. As we dug into the issue, we realized we had two choices, 1) fix the Internet or 2) work around the problem: we chose the latter. Let’s start with how we have improved upload and download speeds and then finish up with a look at some of the other improvements in software release 4.0.

Improving Data Upload Speed With Threading

    Network Latency and Data Upload

    When Backblaze is installed on a PC or Mac, it regularly tests the amount of network bandwidth we can use without getting in the way. Customers have always had the ability to let us use more (or less) of their available bandwidth by using “Manual Throttle” in the Backblaze Preferences Panel. Unchecking “Automatic Throttle”, as shown below, accesses this capability.

    Backblaze Performance Panel

    Placing the Manual Throttle slider all the way to the right (Faster Backups) should use nearly all the bandwidth available for data uploading, but for some users this wasn’t the case. The primary culprit is network latency or more precisely round-trip network latency. For Backblaze this is the length of time it takes encrypted data to travel from a computer to the Backblaze datacenter and then to receive back an acknowledgement that the data was delivered. In general, the further away a customer is from our datacenter in Sacramento, California, the longer the latency. So a customer in San Francisco (87 miles from the data center) should have almost no latency, while a customer in Sydney, Australia (7,486 miles) could have hundreds milliseconds of latency. Other factors can also impact the optimization of upload speed such as local area network traffic, wide area network traffic and other applications on your computer using bandwidth. These are factors the customer has control over, but network latency is part of the Internet infrastructure and that’s where threading comes in.

    Introducing Threading

    Backblaze 4.0 includes threading in our Mac and Windows software clients. Threading allows Backblaze to optimize upload and downloads speeds if there is network latency in the Internet connection between the computer and Backblaze.

    While threading is pretty cool, let’s take a minute to see if this is something that can improve your upload speed. We created two different sets of questions you can use to see if you can benefit from threading: one set for “regular users” and another set for “advanced users.”

    Regular Users

    1. Are you doing your initial data upload to Backblaze?
    2. Are you over 500 miles away from the Backblaze data center in Sacramento, California.
    3. Do you think your data upload is taking too long?

    If you answered, “Yes” to all three of these questions, you’re a candidate for using threading. If your system is working and you haven’t noticed any issues uploading data, you don’t need to do anything, you’re all set.

    Advanced Users

    1. Are you doing your initial data upload to Backblaze?
    2. When you “ping” backblaze.com, is the round-trip (latency) over 10 milliseconds on average.
    3. When you run the Backblaze online speed test on your system, the upload speed is over 5 times more than that shown on your last Backblaze file upload as shown in the Backblaze Preferences >> Settings >> Performance Panel.

    If you answered, “Yes” to all three of these questions, you’re a candidate for using threading. If your system is working and you haven’t noticed any issues uploading data, you don’t need to do anything, you’re all set.

    Just Want to Play?

    Some of you may want to try to use threading even though everything is working fine. That’s fine, but remember to document your initial Backblaze Preferences Panel settings before you make changes. Threading will be system resource intensive and if it is not beneficial to use it, you’ll want to return Backblaze back to your initial settings.

    Activating Threading

    If you are a candidate for using the threading option, the very first thing you’ll need to do is to be running Backblaze 4.0. You can download and install the latest version of Backblaze from here: http://files.backblaze.com.

    Once you are running Backblaze 4.0, here’s how to activate threading.

    1. Open the Backblaze Preferences Panel.
    2. Click Settings >> Performance.
    3. Uncheck “Automatic Throttle” if it is checked.
    4. Using the pull down menu, select “2” as the number of threads to use.
    5. Click “OK” to accept the change the return to the main preferences panel.
    6. Your backup will restart automatically after a few minutes, but you can click “Backup Now” to restart immediately.

    Over the next several of hours you can monitor your system to see if you are benefiting from activating threading. For the most part you’ll be monitoring network traffic and CPU utilization. If appropriate, you can repeat the procedure above increasing the number of threads by “1” each time until you have optimized your upload speed. For additional information on how to set-up and monitor Backblaze threading, you can review the Backblaze Knowledge Base for your Windows system or your Mac system as needed.

    Threading Can Really Help

    One of our 4.0 Beta testers is in Taiwan. Using the Backblaze speed test, he determined he should be getting at least 10.9 Mbps on upload. The speed test just pumps data up/down the wire making it a good proxy for the real speed of the connection. The tester then checked his “Last file transfer speed” on the Backblaze Preferences >> Settings >> Performance Panel.

    The tester documented his observations of his data upload speed as he progressed through different thread settings, these are below.

    Backblaze Upload Speeds

    Using Backblaze Online Backup 4.0 with 10 threads he was able to back up nearly 100GB of data over a 24 period. To quote our Beta tester;

    “Yep, it’s blazing now.”

    While using 10 threads is extreme, it demonstrates the amount of unused bandwidth that can be utilized by using the threading option when appropriate.

    What Backblaze Means By Threading

    Typically, threading means adding multiple threads in the given process to perform more activities – in our case to move blocks of encrypted data from a computer over the network to our data center. We instead use multiple processes, each of which autonomously moves an encrypted block of data from a computer over the network to our data center.

    We found that implementing the use of multiple processes versus multiple threads was more straight-forward and allowed us to manage the data upload process more effectively. In addition, if a process fails (is killed or dies), the recovery is to simply retransmit the data via a different process. While we use the terms threads and threading, we are actually creating and using multiple processes.

    How Threading Works to Improve Upload Speed

    Threading is designed to optimize bandwidth utilization when network latency is present. Our implementation works by having multiple processes independently sending encrypted blocks of data over the wire. The first process sends a block of data, and while it is waiting for an acknowledgement from our data center the void is filled by a second process that sends its block of data right after the first process in done sending. Once the second block is done sending a third process can send a block of data, and so on. Optimally, most of the voids are now filled with data being uploaded.

    Obviously, the wire can get overstuffed with too many processes and the upload speed can slow down to be even less than when you started. That’s why, if you do activate threading, you need to start with 2 threads and work your way up, monitoring network resources along the way.

    Caveats and Things to Remember

    Threading does not magically create more upload bandwidth and does not allow you to change the laws of physics. If you have a 500 kbps upload connection and terabytes of data, it will still take months/years to upload all of your data. We can only use the upstream bandwidth that’s available and changing the number of threads most likely will not help if you have a slow Internet connection.

    Upload speeds and download speeds for most home and some business connections are usually different. You may have a 30 Mbps download connection, but only have a 5 Mbps upload connection. If you are not sure, you can run https://www.backblaze.com/speedtest to check your connection speed to/from Backblaze. Backblaze uses the upload bandwidth of your connection when uploading data, so that number is most important when backing up to Backblaze.

    Remember Bits and Bytes are different. Your upload and download speeds are measured in Bits as in “I have an 8 Mbps connection,” but, your data is measured in Bytes, as in “I have 8 Mbytes of data” to upload. There are 8 bits in 1 byte, so mathematically transferring 8 Mbytes of data over an 8Mbps connection will take 8 seconds, not 1.

Improving Data Recovery Speed with Threading

Our Engineers just couldn’t stop with threading the upload process. They’ve also threaded the Backblaze Downloader for both the Windows and Mac platforms. If you are not familiar with the Backblaze Downloader, it is a free utility you can use to download your Backblaze recovered files instead of using your web browser. You can learn more about the Backblaze Downloader here: https://help.backblaze.com/entries/21298948-Large-Download-Restore-Use-the-Backblaze-Downloader-.

Just like using upload threading, the Backblaze Downloader will allow you to choose the number of threads (processes) you wish to use when downloading your Backblaze restore file.

Backblaze Downloader

Also, like upload threading, download threading uses multiple processes to fill in the latency voids to improve overall download speeds. The graphs below depict the increase in download throughput achieved by one of the Beta testers when testing the Backblaze Downloader and going from 1 thread (the first graph) to 4 threads (the second graph).
Data Recovery with Backblaze
Data Recovery with Backblaze
Anyone using the Backblaze Downloader can use the threading option by selecting the number of threads from the pull down menu. We highly recommend starting with “2” threads and to see how the system behaves. One can always increase the number of threads the next time they use the Backblaze Downloader.

Datacenter Improvements to Handle Threading

To support threading, the datacenter/server code was upgraded so multiple threads can simultaneously backup to multiple Backblaze Pods or multiple Pods with a Backblaze Vault in parallel. Each encrypted block of data in a thread (process) that is sent to Backblaze is independent of all others and is stored in the Vault or Pod that is ready to accept it. For example, your system has four threads each sending data to Backblaze. They could all arrive at the same time and be stored at the same time, in parallel, with no issues. The upgrades removed any potential bottlenecks in accepting and storing data that is sent to us, or recovering data for our customers.

Large Files Over Slow Connections

When backing up very large files, we now allow the file to take several months to be uploaded. For example, assume you have a large 19 GB video file and a slow 500 Kbps upload Internet connection. Uploading this file could take several days or weeks depending on when the system is on, etc. Previously, we would have given up on sending the file after a few days and tried another time; now we’ll just keep working on that file until we have it completely uploaded.

De-duplication and Threading

You’ll be happy to know that threading works hand-in-hand with de-duplication. Each process (thread) being sent, checks to see if the same files were previously uploaded or are waiting to be uploaded across multiple processes. Duplicate files are recorded, but not transmitted. This saves network bandwidth and data storage.

Changes in Supported Platforms

Backblaze Online Backup Version 4.0, can only be installed on Mac OS 10.6 or higher. Previous versions of Backblaze will continue to run on 10.5 and will be supported for the foreseeable future.

For Windows, Backblaze Online Backup 4.0 is supported on XP (32-bit), Vista (32-bit and 64-bit), Windows 7 (32-bit and 64 bit) and Windows 8 (32-bit and 64 bit) and Windows 8.1 (32-bit and 64 bit).

Backblaze Online Backup 4.0 Details:

Version: 4.0.0 for both Mac OS and Windows.

Availability: 26-March-2014

Upgrade Methods:

  • Immediately when performing a “Check for Updates”.
  • Immediately as a download from files.backblaze.com.
  • Immediately as the default download on backblaze.com.
  • Auto-update will begin in the next couple of weeks.

Cost: Free as an update for all Backblaze customers.

Questions: Please contact Backblaze Support at www.backblaze.com/helpme.

 

Author information

Andy Klein

Andy Klein

Andy has 20+ years experience in technology marketing. He has shared his expertise in computer security and data backup at the Federal Trade Commission, Rootstech, RSA and over 100 other events. His current passion is to get everyone to back up their data before it’s too late.

The post Backblaze Online Backup 4.0 – It’s All About The Pace appeared first on Backblaze Blog | The Life of a Cloud Backup Company.

Krebs on Security: Who Is the Antidetect Author?

This post was syndicated from: Krebs on Security and was written by: BrianKrebs. Original post: at Krebs on Security

Earlier this month I wrote about Antidetect, a commercial tool designed to help thieves evade fraud detection schemes employed by many e-commerce companies. That piece walked readers through a sales video for Antidetect showing the software being used to buy products online with stolen credit cards. Today, we’ll take a closer look at clues to a possible real-life identity of this tool’s creator.

The author of Antidetect uses the nickname “Byte Catcher,” and advertises on several crime forums that he can be reached at the ICQ address 737084, and at the jabber instant messaging handles “byte.catcher@xmpp.ru” and “byte.catcher@0nl1ne.at”. His software is for sale at antidetect[dot]net and antidetect[org].

Antidetect is marketed to fraudsters involved in ripping off online stores.

Antidetect is marketed to fraudsters involved in ripping off online stores.

Searching on that ICQ number turns up a post on a Russian forum from 2006, wherein a fifth-year computer science student posting under the name “pavelvladimirovich” says he is looking for a job and that he can be reached at the following contact points:

ICQ: 737084

Skype name: pavelvladimirovich1

email: gpvx@yandex.ru

According to a reverse WHOIS lookup ordered from Domaintools.com, that email address is the same one used to register the aforementioned antidetect[dot]org, as well as antifraud[.biz] and hwidspoofer[dot]com (HWID is short or hardware identification, a common method that software makers use to ensure a given program license can only be used on one computer).

These were quite recent registrations (mid-2014), but that gpvx@yandex.ru email also was used to register domains in 2007, including allfreelance[dot]org and a domain called casinohackers[dot]com. Interestingly, one of the main uses that Byte Catcher advertises for his Antidetect software is to help beat fraud detection mechanisms used by online casinos. As we can see from this page at archive.org, a subsection of casinohackers.com was at one time dedicated to advertising Antidetect Patch — a version that comes with its own virtual machine.

That ICQ number is tied to a user named “collisionsoftware” at the Russian cybercrime forum antichat[dot]ru, in which the seller is advertising software that routes the user’s Internet connection through hacked PCs. He directs interested buyers to the web site cn[dot]viamk[dot]com, which is no longer online. But an archived version of that page at archive.org shows the same “collision” name and the words “freelance team.” The contact form on this site also lists the above-referenced ICQ number and email gpvx@yandex.ru, and even includes a résumé of the site’s owner.

Another domain connected to that antichat profile is cnsoft[dot]ru, the now defunct domain for Collision Software, which bills itself as a firm that can be hired to write software. The homepage lists the same ICQ number (737084)

Antidetect retails for between $399 and $999, and includes live support.

Antidetect retails for between $399 and $999, and includes (somewhat unreliable) live support.

Both antifraud[dot]biz and allfreelance[dot]org were originally registered by an individual in Kaliningrad, Russia named Pavel V. Golub. Note that this name matches the initials in the email address gpvx@yandex.ru. KrebsOnSecurity has yet to receive a response to inquiries sent to that email and to the above-referenced Skype profile.

A little searching turns up this profile on Russian social networking giant Odnoklassniki.ru for one Pavel Golub, a 29-year-old male from Koenig, Russia. Written in Russian as “Кениг,” this is Russian slang for Kaliningrad and refers to the city’s previous German name.

One of Pavel’s five friends on Odnoklassniki is 27-year-old Vera Golub, also of Kaliningrad. A search of “Vera Golub, Kaliningrad” on vkontakte.com — Russia’s version of Facebook — reveals a vk.com group in Kaliningrad about artificial fingernails that has two contacts: Vera Ivanova (referred to as “master” in this group), and Pavel Vladimirovich (listed as “husband”).

The Vkontakte profile linked to Pavel’s name on that group has been deleted, but “Vera Ivanova” is the same face as Vera Golub from Pavel’s Odnoklassniki profile.

A profile of one of Vera’s friends – one Natalia Kulikova – shows some photos of Pavel from 2009, where he’s tagged as “Pavel Vladimirovich” and with the link to Pavel’s deleted Vkontakte profile.  Also, it shows his previous car, which appears to be a Mitsubishi Galant.

Pavel, posing with his Mitsubishi Galant

Pavel, posing with his Mitsubishi Galant in 2008.

A search on the phone number “79527997034,” referenced in the WHOIS site registration records for Pavel’s domains — antifraud[dot]biz and hwidspoofer[dot]com — turns up a listing on a popular auto sales Web site wherein the seller (from Kaliningrad) is offering a 2002 Mitsubishi Galant. That same seller sold a 2002 BMW last year.

On one level, it’s amusing that a guy who sells software to help Web criminals evade detection is so easily found on the Internet. Then again, as my Breadcrumbs series demonstrates, many individuals involved in writing malware or selling fraud tools either do not care or don’t take too many precautions to hide their identities — probably because they face so little chance of getting into trouble over their activities as long as they remain in Russia.

The above photo of Pavel in his Mitsubishi isn’t such a clear one. Here are a couple more from Kulikova’s Vkontakte pictures.

Vera and Pavel Golub in April 2012.

Vera and Pavel Golub in April 2012.

Pavel V. Golub, in 2009.

Pavel V. Golub, in 2009.

Raspberry Pi: PiJuice: portable power for your Pi projects

This post was syndicated from: Raspberry Pi and was written by: Helen Lynn. Original post: at Raspberry Pi

Helen: some Kickstarter campaigns just jump out at you. When I took a look at PiJuice it was obvious it was the real deal – they’ve only gone and sorted out portable power for the Raspberry Pi, with bells on. Their Kickstarter runs until Tuesday, so you’ve got the weekend to jump on board. Here’s Aaron Shaw to tell you more.

I started playing with the Raspberry Pi since the very beginning and after being involved in The MagPi and various other activities I am now fortunate enough to call Raspberry Pi tinkering my “work”. The thing that got me hooked back in 2012 was the hardware and physical computing capability – writing code to do things in real life (probably because of my background in Automotive Engineering) and I still spend a considerable amount of my time just learning new things and playing around with everything the Raspberry Pi has to offer. It has been a fantastic opportunity and I want to share it with as many people as possible.

PiJuice

Around a year ago I met Harry Gee from PiBot and we started by just throwing around our ideas for how we could help to make the Raspberry Pi even better. One of the things that we had both found difficult was creating portable or remote projects – it was of course possible, but it was just a lot harder than it needed to be. This ultimately led us to the idea of making a neat, safe, portable power solution for the Raspberry Pi to allow people to do even more exciting things with their Pi, whilst saving a lot of time and effort in the process.

PiJuice module

We’ve called this the PiJuice and it’s the ultimate product for portable and remote Raspberry Pi projects. The idea with PiJuice was to remove a barrier to entry from portable Pi projects so that beginners and professionals alike could focus on building, making and learning rather than worrying about the complexities of lithium battery charging and other electronics issues, whilst reducing the costs in the process.

 

Maker Kits – Made for Makers

PiJuice is more than just an add-on board. We are passionate about education and are keen to turn PiJuice into a modular project platform – a way to allow people to build their awesome ideas much more quickly and easily.

To kick things off and provide some inspiration we have developed a number of exciting tutorials and projects including a Raspberry Pi games console, a compact camera, a Pocket Pi and more.

Make cool stuff

We are calling these Maker Kits and they are already available to purchase in kit form from our Kickstarter page and are being uploaded as free guides on Instructables.

These guides will soon be turned into high quality step-by-step guides that you can either use with our Maker Kits or to build and make your own.

Free Off-Grid Power To the Pi

Off-grid power

When creating Raspberry Pi projects outdoors we’ve also been interested in using solar power as it is free and renewable. We’ve worked hard to create an efficient and low cost solution that will open up new off-grid and sustainable applications for the Raspberry Pi.

The PiJuice Solar has additional circuitry which adds functionality to enable truly autonomous, self-monitoring operation of the Raspberry Pi – perfect for weather stations, remote camera systems for nature watching and more.

Additionally, we are actively investigating possibilities for affordable wind and thermoelectric power generation with PiJuice Solar for added flexibility.

What would you do with yours?

What would you do with yours?

We are really interested in what you want to do with your own PiJuice. We want to create the projects that appeal to you the most, so please suggest us your ideas in the comments, or on Twitter (@ThePiJuice) using the hashtag #ProjectPiJuice to get our attention. We will turn the best of these into free projects for everyone to enjoy!

We really hope to help as many people as possible create awesome portable Raspberry Pi projects as well as continuing to create beautiful guides for cool projects! We’re currently coming to the closing stages of our Kickstarter and would appreciate any support to help make PiJuice even better – http://pijuice.com.

– Aaron & The PiJuice Team