MPAA Hires Law Firm to Tackle Streaming Piracy Threat


At the turn of the century, downloading movies and TV shows from the Internet wasn’t a particularly attractive proposition. The process was cumbersome and content availability was poor.

Early peer-to-peer file-sharing applications gave the activity increased exposure, with multi-source downloading improving speeds for a growing audience. However, when BitTorrent came along and gained traction around 2003, the phenomenon exploded.

While tens of millions of torrent users are still active on a daily basis today, another type of unauthorized content delivery is grabbing most of the headlines. Video streaming, which has been going from strength to strength over the past eight years and more, is now perceived as the greatest threat to Hollywood.

Torrents have a relatively steep learning curve but streaming does not. If a person can operate Netflix, he can also use a pirate streaming website. The process is made even more simple with the latest desktop and mobile applications, which are so intuitive a child can use them – and many do.

Lobbying registration documents recently filed with Congress indicate that the MPAA is taking the threat very seriously. First reported by O’Dwyer PR, they reveal that the Hollywood group has hired Fort Lauderdale-based law firm Becker & Poliakoff to take the battle against piracy to Capitol Hill.

Filed as required under the Lobbying Disclosure Act of 1995, the documents reveal a two-person team representing the MPAA’s interests.

They are Senior Corporate & Government Relations Director Bert Gómez, who opened TV broadcaster Univision’s Washington government relations office and has 25 years of lobbying under his belt. And Omar Franco, the Managing Director of Becker’s Washington, D.C. office, who previously acted as Chief of Staff for Congressman Mario Diaz-Balart.

The disclosure sums up the MPAA’s aims in a short paragraph. The lobbyists will tackle copyright policy on Capitol Hill, with an emphasis on “streaming piracy devices and applications” and the “economic impact of film industry production.”

Taking the piracy fight to Capitol Hill

Today’s buzzing ‘market’ for online streaming devices and applications will give Gómez and Franco plenty to discuss. In addition to the now ubiquitous Kodi and the swarm of third-party addons flooding its ecosystem, mainly Android-based applications are causing headaches for all of the studios.

Tools such as Terrarium TV and Showbox are becoming household names, with these and similar tools often pre-loaded onto set-top boxes to provide an accessible and entirely free Netflix-like experience to everyday consumers.

Unlike Netflix, however, these types of applications grant access to all content – no matter how new – meaning that first-run movies are regularly available during week one, something which famously causes a red mist to descend upon studios bosses everywhere.

As the leading force behind the Alliance for Creativity and Entertainment (ACE), the MPAA has already shown it has illegal streaming firmly in its sights.

The thirty-company global coalition, which also features Amazon, Netflix, CBS, HBO, BBC, Sky, Bell Canada, CBS, Hulu, Lionsgate, Foxtel, and Village Roadshow, is currently engaged in legal action against various players in the illicit streaming sector.

Set-top box sellers such as SET TV and Tickbox have already found themselves in court, while various Kodi addon developers have quit following legal threats. However, this is just the tip of a massive iceberg that will take years to melt, even if the MPAA massively turns up the heat.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

The Sci-Hub Effect? Prominent Research Councils Push Open Access


Little more than three years ago Elsevier, one of the world’s largest academic publishers, took Sci-Hub to court.

It was an unfair battle from the start. With a net income of more than $1 billion per year, the publisher could fund a proper case, while its nemesis relied on donations.

Elsevier won the case, including millions of dollars in damages. However, the site remained online and grew bigger. Looking back today, Sci-Hub and its founder Alexandra Elbakyan may very well be the moral winner.

This week a group of eleven prestigious European research councils announced that they have agreed to give Open Access a massive push.

“By 2020 scientific publications that result from research funded by public grants provided by participating national and European research councils and funding bodies, must be published in compliant Open Access Journals or on compliant Open Access Platforms,” they note.

In other words, this publicly funded research can no longer be locked away behind expensive paywalls, which mostly benefits wealthy publishers. It should be as open as…Sci-Hub.

This is a massive deal in academic circles. Traditionally, many researchers preferred “high impact” journals as these provide more prestige. However, many of these are not open. This new agreement changes this dynamic. More high-quality research will appear in Open Access journals, which increases their impact and appeal.

It’s a major achievement that can be credited to a steadily increasing group of researchers who have promoted Open Access and pushed against copyright’s stranglehold on science.

While there is no concrete proof, there is reason to believe that Sci-Hub played a major role too. Not least since its open nature is widely embraced by researchers and authors around the world.

That brings us back to Sci-Hub’s founder, who recently published a detailed biography.

When the Elsevier lawsuit was first announced TorrentFreak was the first English publication to get an interview with Elbakyan, who made it clear that she wouldn’t cave in to the pressure.

“Everyone should have access to knowledge regardless of their income or affiliation. And that’s absolutely legal. Also the idea that knowledge can be a private property of some commercial company sounds absolutely weird to me,” she said at the time.

While Elbakyan is often portrayed as a pirate, many sympathize with her ideas. It certainly doesn’t seem fair to punish researchers by denying them access to knowledge, simply because their University can’t pay the subscription.

In fact, copyright in some cases prevents researchers from accessing their own publications, because these are also locked behind a paywall.

“The funniest thing I was told multiple times by researchers is that they have to download their own published articles from Sci-Hub. Even authors do not have access to their own work,” Alexandra previously said.

This may sound bizarre, but it’s true. For years it has been standard practice to have researchers sign an agreement to transfer their copyrights to the publisher. Without earning a penny, they were ordered to sign away the rights to their work, only to see it disappear behind a paywall.

It’s this practice that Sci-Hub and Elbakyan are revolting against. And as this week’s news shows, that hasn’t been without success. While publishers won’t like it, we would argue that there certainly is a Sci-Hub effect on academic publishing.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

Dish is Hiring an Investigator to Research and Monitor Pirates


With $15 billion in annual revenue, American satellite and broadcast provider Dish Network is a force to be reckoned with.

The company has been on a pirate crusade in recent years, filing several lawsuits against alleged pirate sources, including the popular Kodi-addon repository TVAddons.

TVAddons previously announced that it had reached a confidential settlement and this week the case was indeed dismissed (pdf). Dish, however, maintains dedicated to the piracy problem on other fronts.

In a new job listing the Fortune 200 company is looking for a fraud investigator with a special focus on researching and monitoring online piracy activities.

“DISH in Englewood, Colorado, is looking for an Investigator II to work on multiple projects with topics ranging from satellite piracy, IPTV violations, Intellectual Property violations, forum monitoring, Internet monitoring, and end-user cases,” the posting reads.

One of the primary responsibilities of this position is to keep an eye on businesses and individuals that offer Dish content illegally. This covers streaming sites, IPTV services, and also Kodi-addons.

In addition, the job also requires daily monitoring of specific “targeted websites” and forums, and a summary of the activity on these platforms in daily reports.

Dish’s vacancy

Dish stresses that prospective candidates should be able to handle confidential information with discretion. They must also work with outside counsel, likely because their research could be used as the basis for future lawsuits.

Finally, the position demands that candidates help implement various takedown procedures, with Dish specifically highlighting eBay, Craigslist, and YouTube as services of interest.

While the job application reveals no groundbreaking details or plans, it’s clear that Dish is taking piracy rather seriously. The company’s efforts are clearly not limited to the occasional lawsuit.

And for those who like spending time trawling through piracy forums, it’s good to know that Dish, and likely others, are reading along.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

Italy Wants to Upgrade Movie “Camming” Piracy to a Criminal Offense


When the vast majority of movies are released to the public, viewings take place exclusively in cinemas. The industry is extremely protective of this initial window, which is seen as both lucrative and protective of the theater industry.

This strict and exclusive window also causes problems, however. While huge marketing budgets are mostly successful in luring large numbers of people to the big screen, millions sit at home waiting for a cable, DVD, or VOD release. Or, alternatively, a pirate copy to appear either online or through physical piracy channels.

These illicit copies are obtained by people taking camcorders or similar devices into cinemas and recording the screen. Quality is notoriously suspect but for large numbers of impatient movie fans, a ‘cammed’ copy with blurry video and unwanted audio interruptions is still desirable.

Some countries have legislation to deal with the problem. In the US, for example, ‘camming’ is a serious offense, one that can see offenders hauled off to prison. In other regions, however, the activity isn’t viewed so seriously, something which movie companies are keen to change.

In Italy, ‘camming’ is currently considered an administrative wrongdoing, i.e something which is technically wrong to be handled in ways other than prison. It’s a position the movie industry hopes will change if new legislation under consideration is placed on the books.

According to an Adnkronos report, a new bill has just been presented by the Forza Italia party which proposes upgrading the offense significantly.

The proposal, signed by Member of Parliament Marzia Ferraioli, would transform camcording from a “mere administrative wrongdoing” to a “criminal offense punishable like other illegal acts of piracy.”

“The law proposal by Mrs. Ferraioli, whom we thank for the attention given to the issue of piracy, represents an important signal at a time, like the current one, in which the protection of audiovisual works is severely tested,” Federico Bagnoli Rossi of anti-piracy group FAPAV told Key4Biz.

“Specifically, the problem of camcording has often been underestimated or considered to be in decline but it still represents the apex of the illicit supply chain of pirated content.

“This aspect is also aggravated by the fact that these recordings are made in the very first days of the presence of films in cinemas, when the works are in their initial phase of exploitation, creating significant economic damage to the exhibitors and to the entire audiovisual industry,” Rossi said.

In common with opponents of camming around the world, Italian authorities believe that illegally-recorded first-run titles not only undermine the investment made in films and the livelihoods of those who make them, but also serve as a profit center for criminals involved in other crime.

“The profits of the illegal activity of camcording finances criminal organizations, they create huge damage to the entire chain of film, and undermine the work of the workers and professionals involved in making a film,” the legislative proposals read.

To combat the threat, it’s also envisioned that cinema owners will be able to install video surveillance systems to “monitor the introduction, installation or other abusive use of devices with camcorder functionality.”

A report published by FAPAV in July, which revealed a two percent fall in piracy overall, stated that dealing with illicit camcording was one of the anti-piracy group’s most pressing goals.

“Our priorities, at the moment, are represented by a tightening of the regulation that regulates camcording, that is the illicit video or audio recording of a film in the theater, and overcoming the problems arising from those services that hide the real owners of the websites and hosting providers that host them,” FAPAV wrote.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

OpenPGP Keyservers Now Store ‘Irremovable’ Torrent Magnet Links


BitTorrent is often praised for its decentralized nature. The file-transfers take place between users and there’s no central service required.

That’s also one of the main reasons why pirates embraced it.

There is a weak spot though. In order to download something, you need a torrent or magnet link. These are available through torrent sites which, as history has shown, can disappear overnight.

While it’s unlikely that all torrent sites will be eradicated at once, we recently spotted a rather novel approach to this ‘problem.’ A few weeks ago OpenPGP keys with magnet links were added to SKS keyservers.

These keyservers are computers which store and index OpenPGP keys over the Internet. This helps users who rely on encrypted email, for example. The servers generally share the keys amongst each other in a pool and uploaded keys generally can’t be removed.

The permanent storage of keys generally isn’t an issue. However, when the system is used as a stealth resource to store magnet links to pirated content, this resilience is put in a different light.

This is exactly what happened.

A few weeks ago a series of rather odd, but valid, PGP keys were uploaded to SKS keyservers. These keys were not meant to encrypt email though, but as a safe storage for torrent magnet links.

As a result, popular keyservers, including the ones hosted by research university MIT and Surfnet, have transformed into pirate sites.

The magnet links, most of which point to pirated content, were added in the UID field. In examples we’ve seen, sometimes there were a hundred magnet links added to a single key entry. And with the search functionality of the keyservers, these are easy to find.

Magnet links..

While there are over a thousand magnet links on these keyservers now, there are a lot of duplicate entries. That makes it more of a gimmick than a usable tool for pirates, but still.

While keyservers are not really an alternative to pirate sites yet, these magnet links have not gone unnoticed. We received the first tip weeks ago and others spotted it too. The irremovable nature of these links is particularly intriguing.

MIT, for example, clearly states in its FAQ that it is impossible to remove keys once they’re up.

TorrentFreak spoke about the issue with Kristian Fiskerstrand, who operates the sks-keyservers website. He notes that removing keys is not possible due to the nature of these servers.

“The keyserver network is intended as an add-by-anyone key store, and structurally these are valid OpenPGP keyblocks,” Fiskerstrand says.

Only the owner of a private key can remove an entry. Keyservers are designed to keep their data online and share it with other servers. Similar to the blockchain, nothing is removed.

Fiskerstrand confirms that if copyright holders want these keys removed, they’re out of luck.

“[E}ven if the copyright holders were having issues with it they should focus on removing the underlying data not any pointer that is far off the original data,” Fiskerstrand notes.

That, however, brings us back to the beginning of this article.

Since BitTorrent transfers are decentralized there is no single source to go after. Copyright holders will have to go after each and every pirating torrent user individually…

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

YouTube Chief Says Article 13 “Undermines Creative Economy”


Next week, MEPs will again vote on the controversial copyright proposals of Article 13.

Critics say the proposed legislation would see platforms such as YouTube compelled to introduce strict upload filters, to prevent unlicensed content being offered to the public. These systems, they say, would stifle creativity and lack the ability to differentiate in situations of fair use.

Those in favor say that YouTube has enjoyed the free ride long enough and must now play fair with other people’s content.

The theory in the music industry is that the enhanced liability regime of Article 13 will force YouTube, their main target, to properly license the music it hosts, at rates more in line with those being charged elsewhere in the industry. Removing safe harbors, insiders say, is the only way YouTube can be forced to compensate artists fairly.

The debate has raged for months – years even – with the music industry on one side and tech companies and proponents of Internet freedom on the other. However, YouTube and owners Google have remained relatively quiet, a little unusual given that they’re the prime targets of the legislation.

Now, however, YouTube Chief Business Officer Robert Kyncl has weighed in on the proposals, warning of a new, more restrictive creative environment should Article 13 pass into law.

“The open internet eliminated the barriers of traditional media gatekeepers and ignited a new global creative economy for creators and artists. It has given anyone with an idea the ability to share their passion, find fans all over the world and build a business,” Kyncl writes on the YouTube Creator Blog.

“Despite best intentions, I believe this may now be at risk as European policymakers prepare to vote on a new European Copyright Directive on September 12. In fact, some parts of the proposal under consideration – and in particular the part known as ‘Article 13’ — potentially undermine this creative economy, discouraging or even prohibiting platforms from hosting user-generated content.”

Kyncl warns that passing the controversial proposal would lead to a stifling of creativity and a negative effect on YouTube users of all kinds.

YouTube creators, in particular, could find their revenues at risk, if the platform is held to higher standards of liability. Critics have long warned that erring on the side of caution would become the standard for sites like YouTube, potentially leading to censorship (filtering) of difficult or questionable content.

YouTube’s Chief Business Officer reiterates once again that his platform has invested in several technologies designed to assist copyright owners. Its Content ID and more recent Content Match systems can identify content for monetization purposes or remove it, at copyright holders’ request.

“Copyright holders have control over their content: they can use our tools to block or remove their works, or they can keep them on YouTube and earn advertising revenue. In over 90% of cases, they choose to leave the content up,” he writes.

“Enabling this new form of creativity and engagement with fans can lead to mass global promotion and even more revenue for the artist. For instance, a growing list of global artists have seen their songs go viral in fan-made dance videos, such as Drake’s ‘In My Feelings’ and Maître Gims’ Sapés Comme Jamais. Dua Lipa got her start singing covers and Alan Walker allowed his track Fade to be used in user generated content and video games, which helped him build a massive global fanbase.”

In informal discussions with music industry insiders this week, TF also questioned why tools like Content ID and Content Match aren’t able to solve the problem of infringing music content being made available on YouTube. We were told that while these systems have their uses, only the enhanced liabilities offered by Article 13 can address the undervaluation of content and ensure that YouTube pays a fair licensing rate for the content it offers.

But while the music industry seeks to render YouTube ineligible for safe harbor protections under the e-Commerce Directive, YouTube is warning that the effects of Article 13 will be felt far beyond the Internet’s most popular video site.

“The Copyright Directive won’t just affect creators and artists on YouTube. It will also apply to many forms of user generated content across the Internet. And that’s why so many other people are raising concerns too,” Kyncl writes.

“Individuals, organizations (like European Digital Rights and the Internet Archive), companies (like Patreon, WordPress, and Medium), the Internet’s original architects and pioneers (like Sir Tim Berners Lee), and the UN Special Rapporteur for free expression have spoken out. Creators across the Internet are standing up for their right to create and express themselves, including Phil DeFranco, LeFloid, and TO JUZ Jutro.”

With that, Kyncl signs off by urging opponents of Article 13 to air their opinions on social media (#SaveYourInternet) and with policymakers via ChangeCopyright.org. The all-important EU vote is set to take place September 12, so expect a crescendo of often acidic debate over the next few days.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

Court: Dutch Government is Liable For Controversial Piracy Claims


pirate-cardThe Netherlands has long been a relaive safe haven for pirating consumers.

Downloading movies without permission, regardless of the source, was not punishable by law according to Government officials.

This eventually changed in 2014 when the European Court of Justice spoke out against the tolerant stance.

As a result, the Dutch Government quickly outlawed unauthorized downloading. However, breaking the habits of a large section of the population proved difficult and until this day, local piracy rates have remained high.

In 2015, this prompted Dutch filmmakers’ association SEKAM to hold the Government responsible, demanding compensation for the piracy losses they suffered. This week, Court of The Hague ruled on the matter, partially agreeing with the filmmakers.

In its verdict, the Court reviewed statements made by several Government officials made prior to the downloading ban, including those from former State Secretary for Security and Justice Fred Teeven.

In these statements, the Government made it clear that downloading pirated content was allowed, something that runs contrary to EU law. The Court specifically highlights a press release from 2011 where this was made apparent.

Looking ahead at future policy, the press release noted that “downloading of copyright-protected works from evidently illegal sources will become unlawful, but not punishable.”

This clearly suggests that it was fine until then, according to the Court.

“The unmistakable message that is sent is that, at that moment, downloading from illegal sources in the Netherlands is absolutely allowed,” the Court writes in its verdict.

This is particularly problematic since these and other statements were made in the public domain with the goal to inform the public.

“Based on this message, expressed by the responsible Government official in the public domain and in the media, there will have been downloaders who assumed that downloading from illegal sources was permitted, whereas this was generally known to be forbidden in other EU member states,” the verdict reads.

As a result, the Government is liable for the statements, which opens the door to a damages claim.

While the Court sides with the filmmakers on this issue, Tweakers highlights that the Court doesn’t rule on whether the Government can also be held responsible for its lack of enforcement after the download ban in 2014. That would have to be determined in a civil case.

The filmmakers’ organization Sekam sees the verdict as a “strong signal,” NOS reports. The group now plans to enter into negotiations with the Government about possible compensation.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

Neo Cryptocurrency Bid $170 Million for BitTorrent


In May, TF broke the news that Justin Sun, the entrepreneur behind the popular cryptocurrency Tron, was in the process of acquiring BitTorrent Inc.

The San-Francisco based file-sharing company confirmed the interest from Sun, but it took until July before the deal was officially confirmed.

While no formal figures have been publicly released, the deal was reportedly worth $140 million. This figure was later corrected to roughly $120 million by BitTorrent co-founder Ashwin Navin.

While that is still a substantial amount, Tron was not the only company bidding. In fact, there was another cryptocurrency with a desire to take over BitTorrent. The startup Neo, often referred to as the Ethereum of China, put in a higher bid as well.

New details revealed by Coindesk show that Neo Global Capital (NGC), the cryptocurrency’s venture capital firm, was willing to pay $170 million for BitTorrent. This was made up of $115 million for all preferred stock and $55 million of common stock.

This revelation was shared by Neo Blockchain’s head of investment, Weiyu “Wayne” Zhu. Neo planned to use BitTorrent to create a decentralized file-storage system which could be used for blockchain related projects. Despite the higher offer, however, no deal was made.

According to BitTorrent and venture capital firm DCM, which owned most of the preferred stock, Neo’s bid was seen as less favorable. It involved more risk and included a clause that would nullify the entire agreement if the acquisition was not completed in six months.

Documents, seen by Coindesk, state that “the risk of the transaction not being consummated due to the projected closing of such proposed transaction being late in 2018 and [NGC’s] primary assets being cryptocurrency holdings, which required an additional foreign currency conversion prior to the closing of the proposed transaction.”

Neo, for its part, was concerned about the Committee on Foreign Investment in the United States (CFIUS), which could interfere with the acquisition.

In addition, BitTorrent inventor Bram Cohen’s plans to leave the company probably didn’t help, as Neo wasn’t sure whether BitTorrent could deliver what it envisioned without him. As first reported here last month, Cohen moved away from BitTorrent, which means that the company lost its original technical visionary.

“We were not so sure that BitTorrent is technically advanced enough to become the decentralized file project we had hoped it would be,” Zhu said.

In the end, BitTorrent and Tron reached an agreement in February where the latter would pay $90 million for the preferred stock and $30 million for the stock. After finalizing the paperwork, the deal was eventually made public a few weeks ago.

It remains to be seen whether current BitTorrent users will notice any change following the shift in ownership. While the BitTorrent protocol will remain free and open to anyone, Tron now controls the popular uTorrent clients, including the new web version.

The company previously announced that nothing will significantly change in the short term. However, Tron’s founder Justin Sun also said that he plans to add financial incentives for those who seed content, which could, in theory, come to uTorrent as well.

Whatever direction Tron will go in, the core BitTorrent protocol remains open and cryptocurrency free.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

Rogue MEGA Chrome Extension Stole Passwords and Crypto Keys


Founded by Kim Dotcom in 2013, the MEGA file-hosting site was an overnight success, attracting hundreds of thousands of users in a matter of hours.

The platform launched on a wave of concerns over Internet snooping so with tight encryption and privacy as a policy, it went on to become a roaring success. Now, however, it’s reporting a serious breach that affects a currently unknown number of users.

“On 4 September 2018 at 14:30 UTC, an unknown attacker uploaded a trojaned version of MEGA’s Chrome extension, version 3.39.4, to the Google Chrome webstore,” the company reports.

MEGA says that whenever a user installed or auto-updated to the rogue extension, it sought permissions that the official extension does not. That included the ability to read and change ALL data on websites the user visits. While for experienced users that should’ve set alarm bells ringing, many people would not have understood the risks. As it turns out, they were huge.

The rogue extension was programmed to steal user credentials for a range of sites including Amazon, Live (Microsoft), Github, and Google’s webstore, meaning that anyone with accounts on these sites could’ve had their usernames and passwords stolen. Things got worse, however.

According to a user posting on Reddit, the extension also has the ability to steal private keys to cryptocurrency wallets affecting MyEtherWallet, MyMonero, and Idex.market utilizing the following code.:

“content_scripts”: [ {
“js”: [ “mega/jquery.js”, “mega/content.js” ],
“matches”: [ “file:///*”, “https://www.myetherwallet.com/*”, “https://mymonero.com/*”, “https://idex.market/*” ],
“run_at”: “document_end”
} ]

In a security update, MEGA confirmed the findings, noting that the extension had been sending credentials to a server located in Ukraine, previously identified by Monero developer SerHack as www.megaopac.host.

https://platform.twitter.com/widgets.js

MEGA says it is currently investigating how its Chrome webstore account was compromised to allow the attacker to upload the malicious code. However, as soon as it became aware of the problems, the company took immediate action.

“Four hours after the breach occurred, the trojaned extension was updated by MEGA with a clean version (3.39.5), autoupdating affected installations. Google removed the extension from the Chrome webstore five hours after the breach,” the company reports.

This serious breach affects two sets of people; those who had the MEGA Chrome extension installed at the time of the incident, had auto-update enabled (and accepted the new elevated permissions), plus anyone who freshly installed version 3.39.4 of the extension.

While credentials for the sites detailed above were specifically targeted, MEGA says that these could be the tip of the iceberg due to the extension attempting to capture information destined for other platforms.

“Please note that if you visited any site or made use of another extension that sends plain-text credentials through POST requests, either by direct form submission or through a background XMLHttpRequest process (MEGA is not one of them) while the trojaned extension was active, consider that your credentials were compromised on these sites and/or applications,” the company warns. (see note below)

TorrentFreak contacted MEGA for comment and company chairman Stephen Hall pointed us to technical advice and an apology from the company. MEGA says it has strict release procedures with multi-party code review. However, limitations in place at Google means that security isn’t as tight as it could be.

“Google decided to disallow publisher signatures on Chrome extensions and is now relying solely on signing them automatically after upload to the Chrome webstore, which removes an important barrier to external compromise,” the company notes.

Since MEGAsync and MEGA’s Firefox extension are both signed and hosted by the company, they are unaffected by this attack. MEGA’s mobile apps, which are hosted by Apple, Google, and Microsoft are also unaffected.

Also in the clear is MEGA itself. The extension didn’t have the ability to steal users’ MEGA credentials and any users accessing MEGA without the Chrome extension remain unaffected.

Note: TorrentFreak has asked MEGA for additional clarification on the “plain-text credentials through POST requests” statement and details on why MEGA itself isn’t at risk. We’ll update when we receive a response.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by

Movie Outfits Are ‘Quietly’ Targeting Canadian File-Sharers in Court


For more than a decade, alleged file-sharers around the world have been pressured to pay significant settlement fees.

These so-called copyright trolling efforts are pretty straightforward. Copyright holders obtain a list of ‘pirating’ IP-addresses and then request a subpoena from the court, compelling ISPs to hand over the associated customer data.

In recent years several news reports have appeared on these cases in the US, Sweden, Denmark and elsewhere. In Canada, things have remained quiet, but that doesn’t mean that these cases don’t exist there.

While the volume of lawsuits is relatively modest, thousands of Canadians have been targeted since 2016. The lawsuits in question are filed by the rightsholders of films such as The Hitman’s Bodyguard, Mechanic: Resurrection, Criminal, London Has Fallen, and Dallas Buyers Club,

These outfits are also active in other countries and many have a connection to Voltage Pictures, another familiar name. Voltage sued over 50,000 Canadian John Does in a reverse class action in 2011. This ‘Hurt Locker‘ case is still ongoing.

After the initial lawsuit, things went quiet, however. In the courts at least.

Initially, the movie companies focused their efforts on the so-called “notice-and-notice” scheme. This allows rightsholders to send settlement requests to alleged pirates through their ISPs. However, no personal details would be exposed. That meant that these could be easily ignored by the accused.

In recent years more than 300,000 of these “notice-and-notice” warnings were sent out by just one law firm, but the total could be over a million. This even grabbed the attention of lawmakers and legal experts.

What’s less known, however, is that in 2016 these movie companies and other rightsholders started taking cases to court again. Court records reveal that at least 16 separate lawsuits were filed since, with some targeting hundreds of people at once.

These cases are similar to the “copyright troll” efforts we see in other countries. They are litigated by the law firm Aird & Berlis and have fewer defendants than the initial Hurt Locker suit. Perhaps that’s why they remained largely under the radar.

The fallout is very real though. While none of the cases have gone to trial yet, some defendants have settled their cases for thousands of dollars.

TorrentFreak reached out to James Plotkin of law firm CazaSaikaley, who represented two defendants. He warns that from a consumer protection standpoint, the biggest problem is ignorance.

For example, many defendants may not realize that these cases are filed against John Does. This means that they are technically not being sued yet unless their name is added to the suit, which rarely happens. But it gets worse.

“I have also seen a number of consent judgments for $5,000. This is the maximum liability under the Copyright Act for non-commercial infringement. I am therefore puzzled as to why individuals would agree to settle for their likely maximum liability at trial,” Plotkin adds.

The latter is a particularly worrisome issue. It means that accused file-sharers admit guilt and agree to pay $5,000, which is the maximum damages amount they could get in court.

“I see no rational basis for paying that amount,” Plotkin notes, suggesting that some defendants are not represented by attorneys who know the ins and outs of IP law.

In most other countries the legal pressure is used to get Internet subscribers to pay a settlement fee. The matter rarely goes to trial. According to Plotkin, the same is likely to happen in Canada.

“It is difficult to say for certain, but I do not think any of these cases will go all the way,” Plotkin tells us.

“The business model so far seems to have been lifting off as many claims and letters as possible in the hopes of scaring out settlements. It has worked. I don’t see why the plaintiffs would jeopardize that by actually litigating one of these claims.”

Thus far the cases have been ongoing for years, without much resistance. Those who are unfortunate enough to get caught up in this should carefully research their options. Unlike the “notice-and-notice” emails, ignoring the legal paperwork is not a good option.

According to Plotkin, it would be wise to consult an attorney instead.

“Get competent legal advice. It is important to understand the legal playing field. Defendants are not helpless in these actions, so ignoring the claim and allowing the plaintiff to proceed in obtaining a default judgment is probably not the best option for most people,” Plotkin notes.

That is the type of advice one would expect from an attorney of course. However, in this case, it is certainly warranted. And the outcome could be positive as well, as Plotkin has already helped one defendant to get rid of the claim, without a settlement.

TorrentFreak also reached out to attorney Ken Clark of the law firm Aird & Berlis, which represents the movie outfits. He couldn’t provide any further details on how many people have been sued thus far and preferred not to disclose any further information.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.





Source link

/0 Comments/by