Wanda

Contributor
  • Content Count

    257
  • Joined

  • Last visited

  • Days Won

    11
  • Feedback

    0%

Wanda last won the day on May 10

Wanda had the most liked content!

Community Reputation

255 Accomplished

About Wanda

  • Rank
    Well-Known Trader

Profile Information

  • Gender
    Female
  • Country

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Anti-piracy work by its very nature is usually conducted in the shadows, with only the results visible to the public. However, a job listing posted by the BPI recently gives more insight, with the right candidate managing everything from investigations through to covert credit cards, covert drop addresses, and covert social media accounts. Even working with the police. With a huge emphasis placed on the unlicensed distribution of music through platforms like YouTube, one might think that enforcement against other sources has taken a bit of a back seat. However, traditional anti-piracy investigations are alive and well, carried out mostly in the shadows by teams of professionals. It’s relatively rare to hear about these roles in public but a new listing posted by the British Phonographic Industry gives a flavor of the kinds of skills one would need to hold such a job. Titled ‘Evidence, Intelligence & Investigations Executive (Digital)’, the position currently waiting to be filled at the company is an important one. The BPI represents the interests of Sony, Universal and Warner in the UK, along with more than 400 independent labels. “Collectively, all those members account for approximately 99 per cent of recorded music consumed legally within the UK each year,” the BPI notes. The new addition to the BPI’s Content Protection team will have several key responsibilities, such as ensuring the industry group is in compliance with laws and regulations when evidence is collected in the pursuit of pirates. He or she will also be responsible for investigating online infringement, and as such, will have previous experience of digital investigations and be fluent in the use of case management and forensic tools. Given the nature of the work, candidates also require a good understanding of piracy and the tools used to carry it out. The same goes for web-hosting, Internet registries (domains etc), content delivery networks (Cloudflare etc) and advertising intermediaries, all of which can be leveraged to disrupt infringement. Since it’s a primary tool to reduce infringement, enforcing content removal “across a variety of online platforms” will also be a key task. As detailed in our report last year, the BPI is a prolific DMCA notice sender but unlike many outfits operating with huge volumes, also appears to be one of the most accurate. This certainly fits the requirement for the lucky applicant to be “meticulous in work output.” Another novel aspect is that the successful candidate will be required to manage test purchases, which could conceivably range from subscribing to an online pirate service through to buying a bunch of pirate karaoke DVDs from eBay. Interestingly, this will also entail managing “covert credit cards” and “covert drop addresses”. But the undercover action doesn’t stop there. Also in the job description is the managing of “covert social media accounts”, which suggests a level of penetration into piracy circles that many believed existed but hadn’t yet seen written down in black and white. At this point, there are probably quite a few readers thinking that not only does the job sound quite interesting, but they’re also qualified for the position. That might indeed be the case if one can also show expert use of Excel and PowerPoint and “good working knowledge” of IBM i2 and SQL databases. But from there the requirements go on and on. Preferred candidates will have a background in law enforcement, criminal law, or cyber investigations. They will also be experienced in computer forensics and writing witness statements, utilizing their knowledge of copyright law, of course. The reasons for this are made fairly clear in the listing. In addition to preparing intelligence and evidence that might be used in the prosecution of pirates, the lucky applicant will also spend one day a week working at PIPCU, the Police Intellectual Property Crime Unit. There’s little doubt that the BPI will find the right person for the job, but ticking all of the boxes in the listing will be a big ask. Especially when assisting the BPI with its lobbying activities with ISPs and other service providers is also one of the job’s requirements. Source: TorrentFreak
  2. Strike 3 Holdings has identified hundreds of alleged copyright infringers through US courts. This often happens without much hassle, but this week the company suffered a major setback. Florida District Court Judge Ursula Ungaro refused to issue a subpoena, stating that IP-address evidence is not enough to locate or identify an alleged pirate.Since the start of this decade, hundreds of thousands of alleged BitTorrent pirates have been sued by so-called ‘copyright trolls’ in the United States. The select group of rightsholders that file these cases generally rely on an IP address as evidence. They then ask the courts to grant a subpoena, ordering Internet providers to hand over the personal details of the associated account holder. While some judges have refused to do so in the past, many District Courts still issue these subpoenas. However, over the years judges have grown more skeptical about the provided evidence. This includes Florida District Court Judge Ursula Ungaro. In February, Judge Ungaro was assigned a case filed by the adult entertainment company “Strike 3 Holdings,” which has filed hundreds of lawsuits over the past several months. The company accused IP-address “72.28.136.217” of sharing its content through BitTorrent without permission. The Judge, however, was reluctant to issue a subpoena. She asked the company how the use of geolocation and other technologies could reasonably pinpoint the identity and location of the alleged infringer. Responding to this order to show cause, Strike 3 explained that it used Maxmind’s database to link the IP-address to Internet provider Cogeco and a location in Southern Florida. According to Maxmind, its IP address tracing service is roughly 95% accurate in the US, so the rightsholder is confident that it filed the case in the right court. Strike 3 further admitted that, at this point, it doesn’t know whether the account holder is the actual copyright infringer. However, the company believes that this is the most plausible target and says it will try to find out more once the identity of the person in question is revealed. That was not good enough for Judge Ungaro. In an order released this week she writes that, other than stating that it’s “plausible” that the infringer can be identified through the IP-address, Strike 3 failed to explain how the geolocation software can properly identify or locate the actual infringer. “There is nothing that links the IP address location to the identity of the person actually downloading and viewing Plaintiff’s videos, and establishing whether that person lives in this district,” Judge Ungaro writes. The order points out that an IP-address alone can’t identify someone. As such, it can’t accurately pinpoint the person who allegedly downloaded the copyright infringing content. “For example, it is entirely possible that the IP address belongs to a coffee shop or open Wi-Fi network, which the alleged infringer briefly used on a visit to Miami,” Judge Ungaro notes. “Even if the IP address were located within a residence in this district, the geolocation software cannot identify who has access to that residence’s computer and who actually used it to infringe Plaintiff’s copyright,” she adds. Strike 3 stressed that many courts have issued subpoenas based on the exact same evidence. While that is true, the Judge counters that other courts, which also doubted the strength of an IP-address as evidence, have refused to do so. In this instance, the Court finds that Strike 3 hasn’t provided sufficient evidence to argue that it can reasonably rely on the usage of geolocation to establish the identity of the accused downloader. Nor does it prove that the person lives in the Court’s jurisdiction. As a result, the Court refused to issue a subpoena and dismissed the case against IP-address 72.28.136.217 for improper venue. The case is closed and Strike 3 won’t get the opportunity to refile. While not all judges may come to the same conclusion, the order is a setback for Strike 3 and other rightsholders. They clearly have to come up with other arguments or evidence if their case is handled by this Judge. But that shouldn’t really come as a complete surprise, as Judge Ungaro has issued similar orders in the past. Source:TorrentFreak
  3. As part of an ongoing lawsuit against several record labels, Internet provider Cox Communications has agreed to share the names and addresses of business subscribers who've been accused of sharing pirated material. The disclosure is cemented in a stipulated court order. What the labels plan to do with the information is currently unknown.Last summer, Cox ended its piracy liability lawsuit with music company BMG, agreeing to a “substantial settlement.” That didn’t mean an end to the ISP’s legal trouble though. Cox remains caught up in another lawsuit filed by a group of major music labels, all members of the RIAA. The labels argue that Cox categorically failed to terminate repeat copyright infringers and that it substantially profited from this ongoing ‘piracy’ activity. All at the expense of the record labels and other rightsholders. Most of these alleged copyright-infringers are situated in regular households. However, Cox also offers Internet connections to business clients and many of these – 2,793 to be precise – were also flagged as pirates. This essentially means that the ISP received copyright infringement notices for activity that took place on the IP-addresses that were assigned to these companies. This is a group of customers the RIAA labels are particularly interested in. During discovery, the labels have asked Cox to identify these business subscribers. The ISP initially only shared some billing and payment data, but that was not enough for the music companies, which want names and addresses as well. This is a rather broad request that we haven’t seen before, one that puts the Internet provider in a tough spot. Not least because handing over personal data of customers without a court order goes against its privacy policy. This week Cox and the labels submitted a proposed stipulated order in which the ISP agrees to hand over the information. There doesn’t appear to have been any opposition from the ISP, but both parties request a signed court order to address the privacy policy restrictions. The order, swiftly signed by U.S. District Court Judge Liam O’Grady, requires the ISP to identify the 2,793 business subscribers for which it received copyright infringement notices between February 1, 2013 and November 26, 2014. “It is hereby stipulated and agreed by and between Plaintiffs and Cox that Cox shall make reasonable efforts to notify the Business Subscribers, within five days of entry of this Stipulated Order, of Cox’s intent to disclose their name and contact information to Plaintiffs pursuant to this Order,”. The order also requires Cox to alert the affected business subscribers, who will then have the option to protest the decision. If that doesn’t happen, the personal information will be handed over to the labels. The names and addresses of the business subscribers won’t be made public, as they fall under an earlier signed protective order. This states that any personal information of subscribers is classified as “highly confidential” data which means that it’s for attorneys’ eyes only. While the paperwork is in order, one burning question remains. Why are the RIAA labels interested in knowing which businesses were flagged for copyright infringement? There are no signs that any of these companies will be pursued individually. What is clear, however, is that the music companies see the information as substantial evidence that will help to argue their case. Time will tell what the exact purpose is. Source:TorrentFreak
  4. As Ukraine continues its crackdown on pirate sites, the government has netted itself a surprise suspect. After shuttering four illegal streaming platforms, authorities detained two men - one of whom works for the State Fiscal Service, a high-level government department handling taxes and customs while tackling fraud. During April the Ukrainian government announced the launch of “Operation Pirates”, an anti-piracy initiative aimed at tackling the rising threat of online piracy. “We must learn how to respect intellectual works, because at first glance, watching a videotape on a pirate resource does not pose any threat to the security of society,” said Ukrainian cyberpolice chief Sergey Demedyuk. A memorandum accompanying the initiative was signed by Starlight Media (Ukraine’s largest broadcasting group), Media Group Ukraine (one of the largest media holding companies), TV channel Studio 1 + 1, Discovery Networks, IFPI-member Music Industry Association of Ukraine, and the Ukrainian Anti-Piracy Association. Since the launch of the campaign, no pirate sites have been reported as fallen. This week, however, police announced that they had successfully taken down four video streaming platforms. The main casualty was kinogo.co.ua, a site specializing in movies and TV shows. It was one of the most popular sites of its kind in Ukraine. According to SimilarWeb data, the site was good for around 500,000 daily visits in the month before its demise. Close to 84% of the site’s traffic came from Ukraine, with many of those visitors also going on to visit UAFilm.top, a pirate site operating in the same niche receiving around 100,000 daily visits. These sites, along with the recently-launched kino-hd.top (200,000 daily visits) and the relatively small kino-hd.top, were all shuttered in the latest operation. Police targeted the location from where the sites were administered and the home addresses of the suspects. According to Ukraine’s cyberpolice unit, the operators of all four platforms were two brothers, aged 38 and 32, from the Dnipropetrovsk region in eastern Ukraine. Interestingly, one of the men is reported as working for the government’s State Fiscal Service, which handles taxes, customs, and the fight against tax and customs fraud. As a result, officers also reportedly carried out a search at the suspect’s place of employment, seizing equipment. As is common with the majority of similar platforms worldwide, the four now-defunct streaming sites are said to have generated revenue via advertising. No exact figures have been released but the authorities suggest income of several thousand dollars per month. Police say that a pre-trial investigation under Part 3 of Article 176 of the Criminal Code of Ukraine, which deals with copyright and other intellectual property rights violations, is underway. If found guilty, the brothers face fines or imprisonment of up to six years. In earlier operations carried out this year, Ukrainian authorities shut down more than 60 pirate sites, most operating in the streaming sector. Meanwhile, the United States Trade Representative (USTR) has opted to keep Ukraine on its latest Priority Watch List published last month. “Online piracy remains a significant problem in Ukraine and fuels piracy in other markets,” the report reads. “Pirated films generated from illegal camcording and made available online cause particular damage to the market for first-run movies. In addition, inadequate enforcement continues to raise concerns among IP stakeholders in Ukraine.”
  5. Two major players in the US sports industries, the NBA and the UFC, have informed lawmakers that illicit online streaming hurts their business. Both urge Congress to criminalize streaming piracy, which is currently only punishable as a misdemeanor. The organizations stressed that casual users should be left alone, although a Game of Thrones-loving Senator feels that some penalties for users are warranted.Under U.S. law, streaming and downloading piracy are seen as two different offenses. Not just from a technical point of view, but also in the way they are punished. Unauthorized streaming is categorized as a public performance instead of distribution, which is punishable as a misdemeanor, not a felony. Lawmakers tried to change this with the Commercial Felony Streaming Act in 2011, and later with the SOPA and PIPA bills. These bills were met with public outrage and didn’t pass. As a result, the gap between streaming and traditional file-sharing still remains today. However, calls to change this continue to resurface, especially now that streaming piracy is much more prevalent than file-sharing and downloading. During a hearing at the Senate Committee on the Judiciary last week, two major US sports organizations renewed their calls to criminalize streaming. Among the speakers were Michael Potenza, vice president and intellectual property counsel for the NBA, as well as Riché McKnight, who’s the Global Head Of Litigation at the UFC’s parent company Endeavor. Both sounded the alarm bell about streaming piracy, live streaming in particular. Potenza informed the subcommittee on Intellectual Property that his organization relies on streaming and that it has benefited from the technological advancements that were made in recent years. However, these same technologies are abused by pirates. To fight streaming piracy, the NBA has implemented a multi-pronged approach, of which takedown notices are an important part. The sports league uses a combination of human reviewers and technology to spot illegal broadcasts and tries to shut these down as soon as possible. Unfortunately, many of these reappear soon after. “Even when the NBA is successful in shutting down an illegal streaming website or social media accounts, continued vigilance during all live games is important, as the illegal streams often reappear at a new domain extension or social media account,” Potenza said. In some cases, illegal streams are operated or promoted by criminal enterprises. These sell dedicated pirate streaming boxes, unauthorized subscriptions, or offer web-based streaming portals. These dedicated streams can be virtually impossible to shut down, as they are hosted by companies that ignore takedown notices. “Some of these bad actors actively promote non-compliance with DMCA notices as a reason to sign-up for their ‘DMCA Ignored Hosting’ services. Platforms that utilize these services and fail to respond to take down notices in a timely manner do so intentionally,” Potenza noted. McKnight shared many of the same concerns. He pointed out that UFC events are severely impacted by piracy and hinted that social media and other digital platforms should step up their game. This includes terminating accounts of known infringers, but these companies could do more. “In addition, digital platforms should consider sending out piracy notices to their users before live events — or if that is not feasible, then at least periodically — reminding them that piracy is illegal. Much like the copyright notices at the start of a movie, these warnings can remind law-abiding viewers that unauthorized streaming is illegal,” McKnight said. Another common theme was a renewed call to criminalize online streaming. Both witnesses said that this could help to deter people from getting involved in the pirate streaming business. “Without a real fear of criminal prosecution, pirates are emboldened to continue engaging in illegal activity to distribute sports content – whether it is manufacturing and selling ISDs or operating an illegal streaming service,” NBA’s Potenza said. “It is important to revise the criminal law to recognize illegal streaming of copyrighted content as a felony, which would provide a more effective way to deter illegal streaming,” he added. This call was backed by Endeavor’s Global Head Of Litigation, who added that criminalizing streaming could motivate other countries to follow suit. “Strengthening the penalties will deter illegal streaming and increase the likelihood of prosecutors bringing these cases to court. In addition, it will send a message to the rest of the world that the United States takes this issue seriously, and will provide other countries an incentive to take similar actions,” McKnight noted. While the NBA and the UFC’s parent company agree that penalties for streaming should be similar to those of other forms of piracy, both witnesses stressed that this criminalization should target organized operations, not casual users. “I would clarify that, in terms of proportionality, we’re not seeking these types of penalties for people who simply log onto a pirated stream. Or even just for people who upload a pirated stream or two onto a social media platform,” McKnight said. “I think the casual viewer who’s streaming a game in his or her own home shouldn’t be subject to felony liability, or even misdemeanor liability,” Potenza added. Interestingly, the subcommittee Chairman, Senator Thom Tillis, jumped in at this point noting that he believes some penalties are warranted. Just the other day, he was tempted to look for a pirated copy of Game of Thrones, and potential penalties could motivate people to turn to legal sources more often. “I’m a Game of Thrones fan and I missed the Sunday night episode. Fortunately, I have HBO on demand, so I caught up last night, but there was a temptation for me to go out on the internet and see if I can find some way to get it. I didn’t do it, but if I had, I think it would have been fair if I had some minor penalty,” Tillis said. “That may at least make the general public a little bit more mindful that if you get caught you’re going to pay for it. You need to be aware of that and make sure that you’re going to sites that are legally disseminating the information. I don’t want to completely let the consuming public off the hook,” the Senator added. Based on this response, it seems that there is at least some support in Congress to criminalize unauthorized streaming. However, for now, there are no concrete proposals on the table yet. Source:TorrentFreak
  6. The Alliance for Creativity and Entertainment, the huge anti-piracy coalition that already boasts 33 of the world's largest entertainment companies as members, is about to get bigger. According to MPAA chief Charles Rivkin, the global initiative is about to get a "dramatic" expansion, which is likely to place further pressure on pirates worldwide. For more than 15 years and mainly since the rise of BitTorrent-based sharing, sites and platforms offering Hollywood movies or TV shows have been wary of the MPAA. At any moment, BitTorrent trackers and indexers could find themselves in the group’s crosshairs, targeted by full-blown lawsuits or threats that the same would follow, if infringing activity continued. But while the threat was real, litigation has always been expensive, sometimes prohibitively so. Furthermore, video content being shared by pirates wasn’t always owned by the studios of the MPAA, allowing many sites to slip through the net. In June 2017, the MPAA began plugging both of these loopholes with the launch of the Alliance for Creativity and Entertainment (ACE), a huge anti-piracy coalition featuring not only MPAA members, but companies like Amazon, Netflix, CBS, HBO, and the BBC. After adding Discovery Inc. and two Viacom-owned companies back in March, ACE now has 33 members. This not only means that it’s becoming more and more difficult to run a ‘pirate’ video platform or service without treading on at least one member’s toes, but there are almost three dozen large to huge companies now sharing the financial burden of chasing down pirates. Now, according to MPAA chief Charles Rivkin, ACE is about to become even more powerful. In an interview with WorldScreen, Rivkin detailed some of ACE’s achievements so far, such as shutting down 123Movies and taking on TickBox and Dragon Box, companies operating in the so-called ISD (illicit streaming device) market. A case against Omniverse is still ongoing. “We were able to win in court against pirate operators called TickBox and Dragon Box, and they represent a new threat: the internet streaming devices, the ISDs, that are basically devices that can be purchased completely legally but when loaded with illegal software, can do enormous damage to content. It’s a never-ending fight, but we’re starting to make a big difference,” he said. “And it’s an existential threat for some of the small and medium businesses that make up the industry. I was speaking to some broadcasters in Paris who said that piracy can be as big as their entire bottom line. And the impact on entertainment companies is huge, so this is a top priority for us.” That Rivkin mentions 123Movies (Vietnam), then Tickbox and Dragon Box (United States), followed by France (Canal+ is an ACE member), shows that the fight against piracy is going global. ACE has already targeted several Kodi-related platforms and add-ons in the UK since its inception, yet another sign that no important region is off-limits. If there is business worth doing there, ACE either has it covered already or will have it in hand fairly soon. “Every major market has a participating member. We’re in the process of dramatically expanding [ACE] even more. It is already the premier global effort to reduce piracy,” Rivkin added. How this expansion will manifest itself is not yet clear, but it seems likely that ACE will continue with its strategy of ‘loud’ public litigation (such as that taken against TickBox and Dragon Box) and selective ‘quiet’ action against certain players. Last month, ACE told TorrentFreak that it had “sought and obtained voluntary cooperation from a significant number of owners, operators, and developers of sites, add-ons, and services” that facilitate piracy. “We will execute more planned global actions along these lines and look to continue our success protecting creators around the world,” ACE spokesperson Richard VanOrnum added. These ‘quiet’ actions are of course intriguing. From the limited information available to us, it seems clear that they vastly outnumber the volume of ‘loud’ actions seen thus far and mainly target products with a large audience (Kodi add-ons and builds, for example) but without the obvious commercial element of many ‘pirate’ sites and services. However, we have received information which suggests that large platforms may not be immune from being presented with settlement agreements, which form part of the process to cease-and-desist. This complicates reporting because documentation previously seen by TF requires those targeted not to tell anyone apart from their lawyers about the approach to shut down. In return, ACE promises not to make their identities known, meaning that details shared are kept to a minimum. For example, last week huge IPTV service Vader shut down, stating that it had been approached by companies seeking its closure. The platform didn’t mention ACE directly but if anyone would like them to close down, ACE would be the prime candidate. We asked ACE if the coalition was behind the closure and a spokesperson promised to send over a statement. Thus far, however, we haven’t received anything back. While a comment may yet be forthcoming, an additional document sent to TF (the veracity of which we haven’t been able to independently confirm), suggests that Vader has been given the opportunity to settle. If that’s indeed the case, the matter could potentially disappear into the ether, as so many other services and tools have also done in recent times. Either way, we can probably expect much more of this type of action in the future, as ACE’s “drastic” expansion brings in more funds and tentacles in every corner of the world. Source:TorrentFreak
  7. The RIAA has obtained a subpoena from a Columbia federal court ordering Cloudflare to hand over the IP and email addresses and all other identifying information related to several allegedly infringing users. The RIAA notes it will use the information it receives to protect the rights of its member companies.Despite the increased availability of legal options, millions of people still stream, rip, or download MP3s from unofficial sources. These sites are a thorn in the side of the RIAA, one of the music industry’s leading anti-piracy outfits. The RIAA has a long history of going after, what it sees as, pirate sites. The problem, however, is that many owners of such sites operate anonymously. The group, therefore, often has to turn to third-party intermediaries to find out more. While some services may be willing to voluntarily share information with the music industry group, many don’t. Cloudflare falls into the latter category. While the CDN service does voluntarily reveal the true hosting locations of some of its users, it doesn’t share any personal info. At least, not without a subpoena. Luckily for rightsholders, getting a subpoena isn’t very hard in the US. Under the DMCA, copyright holders only have to ask a court clerk for a signature to be able to demand the personal information of alleged copyright infringers. That’s exactly what the RIAA did last week. In a letter sent by Mark McDevitt, the RIAA’s vice president of online anti-piracy, the music group informs Cloudflare that it requests personal details including names, addresses and payment information relating to the operators of six domains, which are all Cloudflare users. The domains in question include those connected to the file-hosting site DBREE, music release site RapGodFathers, file-host AyeFiles, and music download portal Plus Premieres. The sites are accused of sharing copyrighted tracks from artists such as Pink, Drake, and Taylor Swift. “We have determined that users of your system or network have infringed our member record companies’ copyrighted sound recordings. Enclosed is a subpoena compliant with the Digital Millennium Copyright Act,” the RIAA’s McDevitt writes. “As is stated in the attached subpoena, you are required to disclose to the RIAA information sufficient to identify the infringers. This would include the individuals’ names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account history.” The RIAA stresses that the mentioned files are offered without permission and it asks Cloudflare to consider the widespread and repeated infringing nature of the sites and whether these warrant a termination under its repeat infringer policy. At the time of writing the sites are still using Cloudflare’s services. However, the allegedly infringing files are no longer available. These were presumably removed by the site owners. There is no obvious connection between all the targeted sites. However, RapGodFathers is a familiar name when it comes to anti-piracy enforcement. Nearly ten years ago, the site was targeted by the U.S. Government, but the name is still around today. It is unclear what RIAA plans to do with the requested information. It could form the basis of a legal complaint, but the music group may also use it to contact the site operators more directly. The letter only mentions that the information will be used to protect the rights of RIAA member companies. “The purpose for which this subpoena is sought is to obtain the identities of the individuals assigned to these websites who have reproduced and have offered for distribution our members’ copyrighted sound recordings without their authorization. “This information will only be used for the purposes of protecting the rights granted to our members, the sound recording copyright owner, under Title II of the Digital Millennium Copyright Act,” the letter adds. What this “protection” entails remains a mystery for now. While the court clerk signed the DMCA subpoena, Cloudflare still has the option to object, by asking the court to quash it. However, thus far there are no signs that the company plans to do so. Source:TorrentFreak
  8. Late April, researchers acting on behalf of the Digital Citizens Alliance, which tries to deter piracy, published results of a study indicating that the popular Mobdro streaming application is malicious. Speaking with TorrentFreak in depth, the developers say the claims being made are false and misleading. Late April the Digital Citizens Alliance, which regularly campaigns against online piracy, published results of a study into ‘pirate’ online streaming apps. Carried out by network security company Dark Wolfe Consulting, the report placed focus on popular Android-based streaming app Mobdro. The report claimed that Mobdro carries out a number of malicious acts, including the stealing of wifi names and passwords. It also allegedly accessed other media content and legitimate apps on the researchers’ network. According to the study, Mobdro acted in other suspicious ways too, ones not authorized by the user. Over the past several days, TorrentFreak put every single allegation to the developers behind the official Mobdro software who were happy to answer our questions. In short, they either completely dispute or give explanations for every claim made against them. TF: Does Mobdro attempt to steal users’ wifi names and passwords? Mobdro: It’s impossible that our app reads wifi passwords because first of all, it is impossible for an Android app to read wifi passwords or any sensitive system data without the device being rooted. So the user would have to root his device first, so that statement is completely ridiculous. Basically, no Android application can read files outside of its working directory. In the case of wifi passwords, they are stored in the /data directory of the Android device. This folder is not readable unless you have a rooted [device], because it’s a protected system directory. TF: To be clear, does Mobdro attempt to get a wifi password from a rooted device? Mobdro: No, the app does no attempt to get wifi passwords on any device. Rooted or non-rooted, the app does not try to get any wifi password. It can be shown via a simple test. Get a rooted device and if Mobdro tries to read protected data, then the rooted device would prompt you to allow or disallow Mobdro root access. As simple as that. But the burden of proving something does not rely on us, it relies on [the researchers]. They should prove that the app does what they accuse us of doing. TF: The researchers’ next big claim is that Mobdro tried to access media content and other legitimate apps on the researchers’ network. Is that true? Mobdro: The only permission required in the app is to access external storage [TF note: An earlier permission to access location is no longer required]. [The external storage] permission is used to save updates in the external storage of the device because Android only allows installations of APKs when they are located in external storage (for off-store apps like Mobdro). Also, this permission is used to download/cast streams when the user chooses to do that. Unfortunately, Google gives the read external storage permission a name that leads to confusion, like the app could access your files and modify them etc. But the folder [Mobdro] accesses is a folder located under /sdcard/Mobdro where it downloads APK updates, streams or files necessary for casting. TF: The researchers say that Mobdro “port knocks” which they explain as a “process to look for other active malware.” They also said Mobdro accepted commands but admitted that since they were “either encrypted or encoded” it made it “difficult to analyze for infection.” What are they talking about? Mobdro: To protect against unofficial versions [TF note: Mobdro is often cloned and modified by third-parties] we have some anti-tampering measures. One of them was to detect the presence on the user device of the Frida toolkit. This is a kit used by ‘crackers’ to remove the SSL certificate we use to [securely] communicate with the servers that host the API. When they break this protection they then release their unofficial versions. In past versions (prior to 2.1.34) we tried to detect the presence of the Frida toolkit in the user device and one of the methods to try to detect Frida was to try to connect to the port that Frida uses in the device. If a connection was succesful we enabled anti-tampering measures. In newer versions, we no longer have these anti-tampering measures because we found a way to make it very difficult to break the SSL protection within the app. TF: The study claims suggests that Mobdro can receive potentially malicious commands “through movie streams”. What’s the official response to that claim? Mobdro: We don’t know what they are talking about here. Some commands from a movie stream….encrypted…Does not make sense to us to be honest. When Mobdro gets a video stream, it fires a video player that uses the FFmpeg API and that’s it. The result is the stream being displayed on the phone, tablet or Android TV. TF: The study says that it’s also possible for a “threat actor” to log in to a user’s device via Mobdro and then navigate away from the device to the Internet, effectively posing as the user online. In our initial report, we noted that this is probably referencing Mobdro’s use of the Luminati network, as used by the proxy app Hola, something highlighted in Mobdro’s EULA. Anything to add? Mobdro: We have included a mode called NO ADS mode, in which the user accepts to be a peer in the Luminati Network. The default mode is and will be ADS mode. If the user does not want to see ads, the user has the possibility to not see them in exchange for their network resources under certain circumstances that are explained before accepting to be a peer. The user has to click and accept the Luminati EULA that is prompted when the user clicks on ‘remove ads’ before enabling the NO ADS mode. Mobdro final comment: We are busy enough trying to keep the app afloat without doing these crazy things that they accuse us of. But again, they should show the proofs that the app is doing these crazy things. What they describe maybe could be done if we were founded by a government [agency] like the CIA or the Mossad and we were looking to infect and destroy nuclear centrifuges. [END] Whether the researchers will provide more information to back up their claims remains to be seen. If the source material that led them to publish the claims against Mobdro (and indeed other applications) was made publicly available, it would certainly help to clear up the confusion and ambiguity. It would also allow anti-virus and anti-malware companies to do their own analysis and publish their findings too. Currently, we are not aware that Mobdro triggers malware warnings with leading vendors, which either means it doesn’t contain malware, or these products are missing something serious. At this point, it’s down to simple faith as to who one believes. Source:TorrentFreak
  9. Due to disagreements in staff, NordicBits is shut down from this day. We are all very sad about this development. Without going into details, today's staff meeting ended up with most of the staff leaving the site's management, and in the light of this, Owner decided to shut down the site. This development was very unexpected, but unfortunately we saw no other way out. We are still a group of staff members who are passionate about giving you the best platform in DK, so we are considering starting something else and hope that many of you will follow us if this is the case. Check back here for info on the development.
  10. Open FLS Recruitment Hello Pervs! Empornium is always in need of helpful individuals that are interested in keeping the site running smoothly. For the first time in years we have decided to relax our closed door policy on accepting new First-Line Support staff, and for the time being we have decided to recruit users through the forums. We're looking for qualified users who can invest a few hours a week in site-related activities. The FLS are a vital component in helping to keep Empornium running smoothly. They assist by answering questions via StaffPM and IRC, and also checking forum posts/torrent comments for rule violations. Staff may also ask or assign other duties to FLS team members as needed, including but not limited to running contests and assisting with Medals and Awards. FLS and Staff work closely together and the staff value the opinions of the FLS. At this time we are compiling a list of names from the users who express an interest in joining the FLS. (This may cease or continue based on our current needs and user response). Posting in this thread does not guarantee that you will be selected. If you are chosen you will be contacted by a StaffPM with more information and instructions on how to proceed. If this is something you are interested in and you meet the requirements, simply post in the thread linked below. You must be a Good Perv or higher. Your account must be at least 6 months old. Your account must be in good standing. You must have 2FA enabled or be willing to enable it. You must be an active contributor of the community. IRC is required when performing FLS tasks. Thread: Open FLS Recruitment
  11. As migration to UNIT3D draws closer, we are now taking steps to ensure a smooth transition to the new platform. As mentioned earlier, invites were removed and refunded for BP (see news below). Now, the next step for migration is give users the ability to set a password on the new site. We are now offering a form where you can reserve a password on the new site. For security reasons, current passwords are encrypted are not compatible with the new site. This form will allow you to reserve a password on the new site. This is optional, you will still be able to recover a temporary password at the new site if you have access to your BeyondHD linked email address (so it would be wise to confirm that you do). Click here to set your password for the new site. Thank you for your patience, the new platform should be ready in the coming days! - BeyondHD
  12. Hi, as so many of our users including all our staff use seedboxes i decided that copy pasting the download button into my client was boring. This boring process is why many scripts and tools exist to search sites and source what you want, however for me i like to search the site, instead of pre-configuring another tool to do it for me when the item in available later. And so the Queue system is born, its very simple next to the "DL" button on torrents page is now a "Q" button for simple Queue and "FLQ" for Personal FreeLeech Queue. The site will now store each item per user in a queue for a MAX for 14 Days, a bearbones script can now call the torrents.php?action=getqueue page to access Queue'd requests. It works similar to the standard Gazelle Ajax pages, its AUTH'ing works identical to the torrents.php?action=download Page. You can either use Cookies like many upload scripts, or you can use your account keys like many download scripts, here is example. URLs are in this form: torrents.php?action=getqueue&authkey=KEY&torrent_p ass=PASS authkey and torrent_pass are only needed IF you are not using the standard gazelle cookie method. Click HERE to view the standard JSON replys: Show You will either get a "response" array or an "error" array, if you get "error" just have your script stop, an "error" array will be "none" if your queue is empty or "delay" if your script is request to fast. We use Cache to block spam requests, each request will pass back up to 8 items for your script to process and then add a 55 second delay on your next request, each time to add an item to your Queue it resets the next queue delay to 20 seconds , this is to alone Queue building to reduce the need for mass requests to AR's web server. TorrentID's are NOT removed from the Queue system until your script downloads them, unless they get to 14 Days old, then the system will Auto purge them. i have made an example in PHP for AR Seedboxes, i will post other users script here if they wish, but i ask all examples use AR Seedbox path so users can read/change easily. crontab: Show queue.php: Show
  13. Six years ago this week, Russia introduced new copyright amendments which would allow rightsholders to have pirate sites blocked by local ISPs. To mark the anniversary, telecoms watch Roscomnadzor has revealed that its currently blocking 9,500 copyright-infringing sites, almost double the amount revealed last year. On August 1, 2013, Russia implemented new legislation which allowed rightsholders to block video content that had been posted online illegally. Following amendments, a year later the same protections were extended to other kinds of intellectual property, excluding photographic works. On May 1, 2015, yet more new rules made it possible for sites to be permanently blocked if they are considered to repeat or persistent infringers. Authorities revealed that around 3,400 sites were affected. Last year, telecoms watchdog Roscomnadzor revealed that around 5,000 were being blocked by local ISPs on copyright grounds. This put the country at the forefront of pirate site blocking worldwide. But the blocking efforts were to continue at an accelerated pace. This week, to mark six years since the introduction of the original law and five since the amendments that allow most rightsholders to request a blocking order, Roscomnadzor told TASS that the total of blocked sites has rocketed. “To date, Roskomnadzor has processed about 6 thousand complaints at the Moscow City Court on taking interim [blocking] measures,” a spokesperson from the watchdog told the publication. This means that more than 9,500 ‘pirate’ sites are now blocked in Russia, almost double the amount reported last year. For reference, the United States, Russia’s fiercest critic when it comes to intellectual property issues, currently blocks zero sites on copyright grounds. Just last week, Roscomnadzor revealed that it had taken drastic measures in order to protect the new series of Game of Thrones from piracy. “Based on the claims of the right holders received by Roskomnadzor, response measures are being taken to restrict access to illegal copies of the foreign series Game of Thrones,” it said in a statement. The watchdog revealed that the complaints led it to take action against 327 sites providing access to the infringing content. While blocking pirate sites is an option in Russia, taking that kind of action against big legal sites such as social networking giant vKontakte isn’t practical. That’s why after almost six years of blocking, Eksmo – one of Russia’s largest publishers – sued vKontakte last month for the fourth time. A preliminary hearing is scheduled for May 24. Source:TorrentFreak
  14. Several major labels including Universal, Warner Bros, and Sony, say that there is no need to travel to Russia to sue the operator of the steam-ripping sites FLVTO.biz and 2conv.com. Responding to a recent defense brief at the Court of Appeals, the music companies argue that the Russian site operator should defend himself and his site in a US court.Last year, a group of prominent record labels filed a piracy lawsuit against the Russian operator of YouTube-ripping sites FLVTO.biz and 2conv.com. The labels hoped to shut the sites down, but this effort backfired. In January, US District Court Judge Claude M. Hilton dismissed the case due to a lack of jurisdiction. The Court carefully reviewed how the sites operate and found no evidence that they purposefully targeted either Virginia or the United States. Many copyright cases against foreign operators result in default judgments. However, this lawsuit transformed into a landmark case that will determine when such operators can be sued in the United States. As such, the record labels swiftly appealed the District Court’s dismissal. Tofig Kurbanov, the Russian operator of the stream-ripping sites, is not backing off though. With help from his US-based legal team, he maintained that US courts have no jurisdiction over the matter. If the record labels want a legal battle, they should come to Russia instead. In a reply brief filed at the Court of Appeals for the Fourth Circuit this week, the record labels counter the defense’s arguments. The operator of the stream-ripping sites argued that his contacts with the U.S. were “random, fortuitous, or attenuated,” but the music companies state that the opposite is true. The labels note that the site operator knows exactly where all users are located. Millions are in the U.S., and together these people ripped close to 100 million streams last year. Many of these ripped streams were of copyrighted content, the music companies argue. “Appellee knows down to the person the geographic location of the 32 million U.S. users and more than half-a-million Virginian users who visited the Flvto.biz and 2conv.com websites in 2018. Those users engaged in almost one hundred million stream-ripping sessions,” the reply brief reads. “During a substantial number of those sessions, the websites transmitted illegal copies of appellants’ sound recordings to users’ home computers in the U.S. and Virginia. Indeed, the United States is appellee’s third largest market globally, both by number of users and number of stream-ripping sessions conducted.” The United States is the third largest market for the stream ripping websites, the labels argue. Not just that, but it’s also a market that’s specifically targeted with geo-located advertisements. In his defense, Kurbanov stressed that the advertisements are outsourced to third-party advertising brokers. However, the labels counter that the website owner willingly hired these and that he, therefore, bears responsibility. “Moreover, appellee earns huge revenues from the advertisements his U.S. users view while conducting their stream-ripping sessions—advertisements specifically targeted to users’ geographic location in the U.S. because of the geotargeting technology that appellee uses. Appellee knows full well this geo-targeting is occurring,” the reply brief reads. The record labels also point out that the site operator cited various contacts with the U.S. to then argue that, in isolation, these are not sufficient to warrant jurisdiction. However, the rightsholders say that a different picture emerges when all elements are taken together. Looking at the big picture, a US Court should be allowed to take on this case, the record labels conclude. The alternative would be to sue the site operator in Russia. This is what the defense has suggested, admitting that this would be somewhat burdensome for the U.S. companies. The record labels, however, believe that would be absurd. “In short, nothing in the Constitution requires that U.S. copyright holders travel to Rostov-on-Don, Russia to sue for violations of U.S. law that occur in the United States and that generate huge profits for appellee from ads targeted at U.S. users. “The decision of the district court should be reversed,” the labels add. It is clear that both sides have a completely different take on the matter and with various rightsholder groups and EFF jumping in as well, the gravity of this case is obvious. It is now up to the Court of Appeals to weigh the arguments from both sides and come to a conclusion. Source:TorrentFreak
  15. Vader: Large ‘Pirate’ IPTV Provider Shuts Down, Promises to Protect Customers Vader, one of the leading providers of pirate IPTV services, has shut down. One of the most visible brands in the industry, Vader (or Vaders) reached many of its customers through a network of re-sellers. The service insists that no customer information will fall into the wrong hands but as things stand, nothing seems certain. Over the past several years, third-party Kodi add-ons have given many Internet users a new enthusiasm for streaming live TV. For many, the next logical step was to upgrade to a premium provider of IPTV services. For a relatively small fee, these platforms grant access to hundreds and often thousands of live channels at a fraction of the official cost. Needless to say, few – if any – of these providers have the necessary licensing in place to conduct their business legally. While a few prominent names have risen to the top of the pile, without doubt one of the most well-known brands is Vader. Notable for its Darth Vader logo (of which dozens of variants exist online), Vader has long been the go-to choice for IPTV fans. Now, however, the ride appears to be over. For the past couple of days, online chatter has suggested that Vader might be about to throw in the towel. A few hours ago, that was confirmed on the service’s Telegram channel with an official announcement that Vader would be shutting down. “We have no choice but to close down Vader. We can’t reveal much publically, but by now some of you should know through the other means what happened,” the notice begins. “We tried everything in our power to avoid this, to avoid any outage, but enough people worked against us.” Being a customer of a service like Vader is not like dealing with HBO or Netflix, so those expecting a clear and definitive explanation for why the service has disappeared will be disappointed. The fact that something “happened” isn’t really up for dispute but precisely what that was remains open to speculation. TorrentFreak has received as-yet unconfirmed reports that Vader is currently the subject of an anti-piracy investigation, complicated by the departure of a member of staff a while back. We’ll seek comment from the anti-piracy group implicated before elaborating further. The notion that Vader is on the radar of content companies will come as a surprise to absolutely no one. In addition to its live TV offering, Vader also offered catchup and many movies on demand, which was understandably problematic for the provider from a Hollywood perspective. It’s fairly obvious that Vader was under pressure and that they feared negative consequences from continuing. However, the service has taken the time to reassure customers of all kinds that they will do their best to protect them. “We’re going to make sure, no Email, IP, account + reseller name goes to the wrong hands. Everything will be wiped clean and that’s all,” the service’s statement adds, without further detail. Anyone Googling the name Vader and IPTV will find themselves confronted with a dazzling array of sites that claim to be Vader. However, many of these sites are operated by “re-sellers”. These people generally have access to a ‘panel’ operated by the official Vader service which provides tools for them to offer the product to the public, while earning a profit. Several sources indicate that these panels are no longer available. This claim is supported when accessing many of the sites that act as Vader re-sellers, whose pages dedicated to the product now invariably return 404 “Not Found” errors or divert to offerings from other providers. This in itself is a big issue for those re-sellers. First of all, paying up front for Vader services probably means that they will lose money. Quite how much will depend on the scale of the re-seller but Vader is appealing for them not to pursue their losses. “I understand a lot of clients will be pissed and will dispute [try to claim the money back from the source from which it was paid]. We would appreciate if everyone would take the financial losses we are all going to take, as resellers and direct sellers. But we will also understand people who will want [their] money back,” Vader adds. The fact that Vader has shut down will send decent-sized ripples across much of the IPTV space. Of course, those behind the service and their re-sellers will take a hit, but everyone who subscribed to the platform faces losing their money too. Former customers could try claiming the money back from their re-seller but there are already signs that some are seeking to shift their clients to alternative providers. Some are making noises about doing this for free but it’s possible that other re-sellers will head for the hills. This is the downside of dealing with IPTV providers and/or re-sellers. The product is essentially a bargain but is subject to termination at any moment. It’s therefore often accepted that anyone who signs up should make peace with losing their money right from the start but be grateful when any service works as planned. Signing off, the operators of Vader wish their former customers and re-sellers well. “May you find a new and welcoming home!” they conclude. The big question now is how prepared other providers are for the influx of new subscribers. It’s not clear how close to capacity the current wave of big providers are operating, or have many subscribers Vaders had, so there could be service issues moving forward. Source: TorrentFreak