Bahnhof has suffered a major defeat against publisher Elsevier after a court ordered the Swedish ISP to block a series of domain names, including Sci-Hub. The decision goes against everything the company stands for but it can’t ignore the blocking order. Instead, the ISP has gone on the offensive by blocking Elsevier’s own website and barring the court from visiting Bahnhof.se.
A game studio that admitted to uploading a rigged copy of its own game to torrent sites informs TF that the positive feedback has been ‘overwhelming’. NoodleCake’s special version of Shooting Stars! features an unbeatable boss as a marketing stunt, a move that’s a million miles better than the anti-piracy schemes of yesteryear.
Senate Minority Leader Harry Reid, D-Nev., on Monday used last week’s appellate court ruling that NSA bulk collection of call records is illegal to bash his Republican counterpart for wanting to keep it going through 2020.
“My friend, the Majority Leader, keeps talking about extending the program for five and a half years,” Reid said from the floor of the Senate, referencing Sen. Mitch McConnell, R-Ky. “How can you reauthorize something that’s illegal?” Reid asked. “You can’t. You shouldn’t.”
“Extending an illegal program for five and a half years? That is not sensible,” he said. “What should happen is that we should move forward and do something that is needed here — and that is, do it all over again.”
On Sunday at a speech in Boston, McConnell called the bulk phone call metadata collection program “an important tool to prevent the next terrorist attack,” and said that the U.S. “is better off with an extension of the Patriot Act than not.” Three provisions of the Patriot Act are set to expire on June 1, including one that the NSA has claimed justifies the program.
Reid offered an alternative Monday, saying that McConnell should seek to advance the USA Freedom Act, a bill that would end the bulk collection of metadata from domestic phone companies. He pointed out that a version of the bill passed out of the House Judiciary Committee in April by a 25 – 2 vote, and predicted that the legislation would be advanced by a full House vote this week.
Reid also painted the bill as an escape hatch for McConnell — and said he would back a revolt that’s being openly planned, should the Senate Majority Leader attempt to move for a clean extension of the Patriot Act. Sens. Ron Wyden, D-Ore., and Rand Paul, R-Ky., have already threatened filibusters.
“This is the only bipartisan, bicameral solution we have today that will end the illegal bulk collection and reform and reauthorize key provisions of FISA,” Reid said.
“Otherwise … I’m not the only one, Mr. President,” he added. “I’m told, walking over here, that the junior senator from Kentucky is not going to let an extension … take place. So why don’t we just go ahead and get it done now.”
Early March, US-based company TCYK LLC began demanding cash from customers of the UK’s second largest ISP, Sky Broadband. In 2014 TCYK monitored BitTorrent swarms for individuals sharing their movies without permission and eventually forced Sky to hand over the alleged file-sharers’ personal details.
Virgin Media customers were targeted by an almost identical wave of letters shortly after, this time sent by well-known copyright troll outfit Mircom. Representing several overseas porn companies, Mircom also want cash to make supposed lawsuits go away.
This week the latter case provided a sinister twist. After TF revealed that Mircom was trying to hide its identity from its domain WHOIS, a reader reported the company to domain registry Nominet. Soon after Mircom.co.uk revealed its true operator to be GoldenEye International, another copyright troll outfit that had featured in previous UK cases. Emails currently being sent to letter recipients also confirm that GoldenEye are handling their claims.
The apparent murkiness of these cases only adds to the anxiety of letter recipients, but today they have some good news. Michael Coyle of Southampton-based Lawdit Solicitors informs TorrentFreak he will give his time for free to defend those accused.
Coyle is one of the most experienced UK-based solicitors in the file-sharing arena. Since 2008 he has spoken with or acted for more than 700 individuals who have received so-called Letters of Claim, including those involved in the infamous ACS:Law case that ended with solicitor Andrew Crossley being severely disciplined.
Coyle says he expected that affair to signal the end of ‘trolling’ in the UK but recent events have sadly proven him wrong.
The FREAK (Factoring RSA Export Keys) flaw allows bad men to exploit those secret intimate moments shared between certain web browsers and HTTPS websites. Just when your copy of Safari begins rubbing the website’s knee and mumbling “you know you want it” in its ear, FREAK allows the hooligan element of the online world to tip-toe unnoticed into the room. By the time Safari has finished sweet-talking the website and is fumbling with its zip before establishing a “safe connection”, the rascals have stolen its johnnies.
The weakness in the connection security at this stage was the result of a governmental directive some 20 years ago that good encryption should not be exported to that dark and dangerous place outside the US known as “the rest of the world” (AKA “terrorists”).
In many cases, security flaws are loopholes left behind due to the complexity of the digital antagonism between trying to enable a thing while preventing that thing. FREAK, on the other hand, was created as a deliberate act of self-sabotage, determined by the Powers That Be in full knowledge of the potential consequences.
Blame politicians for their lack of long-term vision if you like, but this is hardly the point. Politicians come and go and fill their pockets and die: this is what we expect politicians to do and we vote them into office so that they can do it. If there’s any lack of forward-thinking involved, it starts at the ballot box.
But in this instance, lots of people at the time said that relaxing encryption was A Stupid Idea. So the politicians and their advisers knew it was daft and still went ahead.
Consider the Y2K bug or the 2038 bug or whatever. The very fact that these things have names suggests that someone somewhere had the foresight to think about them in advance. They began as oversights and go on to be exploited, and then go on to be fixed.
It strikes me that the IT industry enjoys watching security go titsup time and time again, simply so that it can fix it.
Despite what we already know, not least what we have learnt this FREAK week, someone somewhere is probably still advising the British prime minister that message encryption was invented by Osama bin Laden and should be zero-dark-thirtied at the first opportunity. National security, he is being advised, can only be achieved by criminalising er… security. Duh.
I blame these same advisors for the reckless re-emergence of biometric checks as a form of authentication. Surely it’s obvious to everyone that the fingerprint login on iPhones 6 and iPad Air devices is just a bit of fun, not a serious stab at effective security. Yet RBS and NatWest banks are introducing fingerprint access for accounts via mobile devices, and the scary bit is that they’re not laughing.
Biometrics are bollocks. Some El Reg readers may recollect Steve Jobs years ago demonstrating VoicePrint verification in Mac OS 9: “My name is my password”. It was just a little joke, though: a laugh, a trick to delight the kids. It certainly wasn’t secure.
By the way, if you do remember this short-lived feature, well done: most long-time Mac users have already forgotten this turd of biometric nonsense.
In sci-fi action films, when a retina scan or a fingerprint is required to gain access to the high-security lab of an evil genius, the hero plucks out or hacks off that item from an unsuspecting minion in a lab coat and simply waves the relevant bloodied body part in front of the clichéd scanner thingy. For voice-activation, I wouldn’t be surprised to see a cinematic hero trying to blow though the vocal cords he’d ripped out of the chief scientist’s neck.
Of course, for voice activation, all you’d need to do is to hire a voice actor for your crack team, or invite that bloke down the pub who can do impersonations. Just imagine if James Earl Jones had voice activation on his bank account: you could break into it using a Darth Vader voice-changer from a toy shop.
VPN services have become an important tool to counter the growing threat of Internet surveillance, but unfortunately not all VPNs are as anonymous as one might hope. In fact, some VPN services log users’ IP-addresses and other private info for months. To find out how anonymous VPNs really are, TF asked the leading providers about their logging practices and other privacy sensitive policies.
spyBy now most Internet users are well aware of the fact that pretty much every step they take on the Internet is logged or monitored.
To prevent their IP-addresses from being visible to the rest of the Internet, millions of people have signed up to a VPN service. Using a VPN allows users to use the Internet anonymously and prevent snooping.
Unfortunately, not all VPN services are as anonymous as they claim, as several incidents have shown in the past.
By popular demand we now present the fourth iteration of our VPN services “logging” review. In addition to questions about logging practices, we also asked VPN providers about other privacy sensitive policies, so prospective users can make an informed decision.
You should all read Wil Wheatons memorial of Leonard Nimoy here.
Due to complicated licensing agreements Netflix is only available in a few dozen countries, all of which have a different content library.
The same is true for many other media services such as BBC iPlayer, Amazon Instant Video, and even YouTube.
These regional blockades are a thorn in the side of Andrus Ansip, Vice-President for the Digital Single Market in the European Commission. In a speech this week he explained why these roadblocks should be abolished.
“Far too often, consumers find themselves redirected to a national website, or blocked. I know this from my own experience. You probably do as well,” Ansip said.
“This is one of many barriers that needs to be removed so that everyone can enjoy the best Europe has to offer online. It is a serious and common barrier, as well as extremely frustrating,” he added.