Monday, March 24, 2014

GOOGLE REFUSES TO TAKE DOWN PIRATE-MOVIES-ON-YOUTUBE SITES


Following today's copyright settlement between Google and Viacom, it's interesting to note that YouTube still has plenty of illicit Hollywood content online. The MPAA has certainly noticed, with an effort last week to have several Popcorn Time-style dedicated web interfaces de-listed by Google, a request that was declined.
youtubeEarlier today news broke that Viacom and Google/YouTube have settled their billion dollar copyright infringement dispute, in which the former had accused the latter of hosting its video content without permission.
The precise terms of the settlement have not been disclosed, but the fact that YouTube has been trying hard to combat piracy in recent years can hardly have gone unnoticed. It invests large sums into Content ID, but this anti-piracy / monetization system can’t ever hope to solve the problem completely.
So, while the world is worrying about The Pirate Bay and other so-called ‘rogue sites’, through no fault of its own YouTube continues to be a pretty decent place to watch unauthorized content, not least hundreds if not thousands of Hollywood movies.
Finding that content is fairly easy too, via a title search (sometimes followed by “full movie”) and the activation of the “Duration Long” feature which only returns videos in excess of 20 minutes. However, spammers have been doing their best to pollute these results for some time, with fake video uploads of around two hours which claim to be the movie but are actually ploys to generate traffic to other sites.
If only there was a pre-moderated YouTube-movie-indexing site with a great Popcorn Time-style interface complete with reviewer ratings. Maybe looking something like this?
FullMoviesOnYouTube
Actually there are already quite a few of these kinds of sites but MovieFork attracted our attention after it appeared in a complaint to Google penned by Paramount Pictures, Sony Pictures, Twentieth Century Fox, Universal, Warner and Disney – together the MPAA.
The complaint features three sites – MovieFork, FullMovies.cc and Otakhang.com, each dedicated to indexing Hollywood movies already available on YouTube. While many of the titles indexed by these sites are older classics, there’s no shortage of newer titles from the past year. Quality is half decent too, hardly the peer-through-a-letterbox experience of years gone by.
In its complaint the MPAA asks Google to take down specific URLs, including theMovieFork homepage. In another it asks for the FullMovies.cc domain to be delisted along with that of fellow YouTube movie indexing site Uflix.net.
Uflix
But despite the nature of the sites, Google refused to comply with the MPAA’s requests. Google’s own Transparency Report shows it took “no action” in respect of the takedown notices and searching for the precise URLs with Google search reveals they are still indexed, with none of the sites’ homepages being delisted either.
Quite why Google is refusing to respond is unclear, but there are some interesting pointers. For example, similar requests to take down URLs that point to movies hosted on sites other than YouTube have been successful, such as the one for Man of Steel listed in this complaint.
It’s certainly possible that Google expects rightsholders to send their takedowns directly to YouTube, rather than shooting endless links and leaving the original content intact. Indeed, there are plenty of signs they are doing just that as some links are no longer available.
The scale of the free-full-movies problem is evident when one looks at Zero Dollar Movies, a site that claims to index 15,000 movies, all available for free from YouTube. It appears to use the YouTube Search API and even has its own ‘Instant’ feature for suggesting content that searchers may be interested in.
Other indexes, such as /FullMoviesonYoutube, a section of Reddit dedicated to just that, are pretty basic but show that not much infrastructure is needed in order to create a decent selection.
The movies-on-YouTube problem isn’t new in the same way that the torrents issue isn’t, but like Popcorn Time showed, it’s certainly got an awful lot prettier.

AT&T DEVELOPS CREDITS SYSTEM TO LIMIT FILE-SHARING BANDWIDTH


A patent application by telecoms giant AT&T details a traffic management system set to add a little more heat to the net neutrality debate. Rather than customers using their Internet connections to freely access any kind of data, the telecoms giant envisions a system in which subscribers engaged in "non-permissible" transfers, such as file-sharing and movie downloading, can be sanctioned or marked for increased billing.
When a consumer subscribes to an Internet package, either at home or on a cellphone, it’s generally accepted that he can use it for whatever applications he likes, whether that’s web browsing, sending or receiving emails, watching video, or listening to music.
Of course, bandwidth is a finite resource so it is fairly common for service providers to put a cap on data transfers in order to manage their services. For example, a user with a 3GB per month limit on a cellphone contract might use it all in the first couple of weeks watching YouTube, and as a result might need to consider upgrading to a more spacious package.
Fair enough, but what if a service provider started to dictate what types of data could be accessed each month on a particular package? What if emails and web browsing were acceptable kinds of traffic but others, such as video downloading and file-sharing, resulted in subscribers being subjected to penalties? A new system developed at telecoms giant AT&T appears to envision just that kind of scenario.
The system is revealed in a patent filed by AT&T Mobility in September 2013 and published this month. Its stated aim is to stop customers from “abusing a telecommunications system” by consuming too much bandwidth.
Titled “Prevention Of Bandwidth Abuse Of A Communications System”, the patent is likely to get net neutrality advocates hot under the collar as rather than targeting bandwidth consumption overall, it seeks to penalize the transfer of certain kinds of data linked to “excessive” consumption.
“When a user communicates over a channel, the type of communication is checked to determine if it is of a type that will use an excessive amount of bandwidth,” the patent reads.
The system works by awarding the subscriber with “credits” and subtracting from those when monitored traffic is deemed to have been consumed in potentially bandwidth-hungry fashion.
“The user is provided an initial number of credits. As the user consumes the credits, the data being downloaded is checked to determine if it is permissible or non-permissible. Non-permissible data includes file-sharing files and movie downloads if user subscription does not permit such activity,” the patent application reads.
“If the data is permissible, the user is provided another allotment of credits equal to the initial allotment. If the data is non-permissible, the user is provided an allotment of credits less than the initial allotment,” it continues.
By marking some traffic type usages as acceptable and others not, the system described by the patent application can develop in a couple of directions. The subscriber can remain in “credit” and continue about his Internet activity as usual, or find that his “credits” are diminishing towards zero. At this point he can be asked to pay more money, be subjected to sanctions that affect his ability to communicate (such as by blocking movie downloading), or be incentivized to maintain preferred consumption habits.
“Various restriction policies also can be applied, such as levying additional fees and/or terminating the user’s access to the channel. Also, incentives can be provided to entice the user [to] curb the misuse,” the patent filed by AT&T Mobility Ii Llc adds.
Earlier this month a federal appeals court in Washington struck down the Federal Communications Commission’s net neutrality rules. Shortly after AT&T CEO Randall Stephenson offered reassurances that his company was committed to an open Internet.
Where legitimate traffic management ends and the open Internet begins will become apparent in the months and years to come.

Technology to Find Missing Plane Does Exist

Apparently, the technology assuming that planes can’t just “drop off the radar” like Malaysia Airlines Flight 370 does exist. However, the airlines decided it was too expensive for them. Media reports confirm that technology needed to stream crucial flight data to the ground legally exists on the market, but its price is $100,000.

M_Id_464109_MH370.jpg

The matter is that commercial airliners do actually transmit some data. Radio transponders identify them while scanning by radar, and most of them are fitted with an Aircraft Communications Addressing and Reporting System (ACARS).

The latter periodically relays text-message like snippets of data about the aircraft’s status. Those transponders seem to have stopped transmitting data about Flight MH370, and the airline refused to provide any comments about ACARS signals while the incident is being investigated.

According to the computer scientist Krishna Kavi, this data can be streamed to cloud storage, in a system called the "glass box". However, transmitting information via satellites is not cheap, especially and if such a system operates continuously.

Apparently, it would cost billions to implement flight data streaming across the airline industry.

However, most of the information is based on the maker of the existing black box technology L-3. The latter spun a false premise that all flight information would need to be streamed, all of the time. According to a safety and insurance director of an aviation consultancy, systems could be designed to be triggered by unusual flight events, and only after this start streaming flight information.

These devices already exist on the market, fitted to about 350 aircrafts run by 40 operators and they transmit information helping airlines plan maintenance and minimize fuel consumption.

The company producing the system revealed that it transmits information via Iridium satellites and can be programmed to start streaming flight data after a plane deviated from its flight plan, or there are suspicions something is going wrong.

In case an aircraft is blown out of the sky by a bomb, or if it suffers a sudden catastrophic structural failure at cruising altitude, such devices won’t be much help. However, in those rare cases, conventional black boxes are viable technology.

OS Developers Found Backdoor to Android

Developers working on the Replicant OS, a free and open-source spin of Google’s Android, have discovered a backdoor into the device’s filesystem.The backdoor is question works on a number of Samsung Galaxy mobile devices with the stock Android image, but the official announcement claimed that it was present in "most proprietary Android systems running on the affected Samsung Galaxy devices, including the ones that were shipped with the devices".

replicant_small.png

In other words, Samsung Galaxy devices which run proprietary Android versions have a backdoor allowing for remote access to the information stored on the mobile device.It was found in the proprietary software responsible for handling the communications with the modem. The security experts confirmed that via the Samsung IPC protocol, it implemented a class of requests called RFS commands. They allow the modem to perform remote I/O operations on the device’s storage.

Apparently, when the modem is running proprietary software, it offers over-the-air remote control, which could later be used to issue the incriminated RFS messages and obtain access to the file system of the affected device. In other words, anyone aware of the backdoor is able to walk directly into the Nexus S, Galaxy S, Galaxy S2, Galaxy S3, Galaxy Note,Galaxy Note 2, and Galaxy Tab 2. Actually, the Galaxy S appeared to be the most insecure, because the backdoor software is running there as root.

Replicant developers believe that the vulnerable software could possibly be added for legitimate purposes, without the intent of doing harm by providing a backdoor. The most interesting fact is that the problem in security was reported on the Replicant Wiki page weeks ago, but none of the software developers appear to have noticed it. 

Android WhatsApp Liable to Theft

Security researchers have just discovered security flaw in Android version of WhatsApp, which stores user database on SD card with poorly secured encryption keys and thus can allow another app to upload your entire database of chats to a 3rd-party server, without your consent.
d6b11c54-c005-406b-848f-44049c075cb4-460x276.jpeg

The flaw in question stems from the Android OS’s handling of external storage coupled with lax security standards of the app. Security experts point out that the flaw allows any Android app with access to the phone’s SD card to read and upload WhatsApp’s database. Taking into account that the majority of users allow everything on their Android device, it isn’t much of a problem.

Android’s fault isthat the OS only allows all-or-nothing access to the SD card. This means that any app able to read and write to the external storage can also access data other apps store there. Aside from the fact that WhatsApp uses that external storage to hold its database, on its earlier versions it does so without any encryption at all. As for its later versions, which encrypt the database, they do so with a key which can be easily extracted from the app. As a result, any app can read the WhatsApp database and the chats from the encrypted databases.

So, what’s the way out? To avoid the risk of having your chats stolen, be wary of granting suspicious apps access to your SD card. It is still unclear whether WhatsApp or Android itself is more to blame for the vulnerability. Android’s policy of allowing total access to the external storage differs from Apple’s far more controlled security on iOS devices. Apple “sandboxes” each app in a way that prevents others from accessing its data.

In the meantime, Android openness allows developers to create apps which can’t be run on an iOS device, but opens up the risk of flaws like this one. This isn’t the only security hole at WhatsApp, by the way. A few months ago, security researchers proved it was possible to decrypt messages sent thanks to data gained through eavesdropping on the WhatsApp connection.

Moreover, one of the flaws which enabled this latest attack has been known about for at least a year, because tool used to decrypted the database was released back in 2012. Probably, this is why Germany’s privacy regulators recommended all WhatsApp users to switch to a more secure service this past February.

NSA Is Going to BuildSpy Botnets

The National Security Agencyis going to set up botnets and use their victims to spy on people, according to new leaksfrom Edward Snowden. Apparently, the NSA is rapidly expanding its ability to hack into PCs on a mass scale through automated systems that almost don’t require human oversight in the process.
trojanhorse.jpg

In short words, the American spooks may be going to infect millions of machines all over the world with kinds of malware "implants" able to break into targeted PCs and to extract information from foreign Internet and phone networks.

GCHQ, the UK intelligence agency, seems to have also played an integral role in helping to develop this tactic. Actually, this is getting annoying – apparently, what the US can't invent on its own, it relies on someone else to do for it.

In one case, the NSA pretended a fake Facebook server, thus using the social network as a launching pad to infect people’s computers and exfiltrate files from a hard drive. In another case, it has sent out spam emails laced with the malware. The latter could be tailored to covertly record audio from a device’s microphone along with taking snapshots with its webcam. Finally, the hacking systems have also allowed the agency to carry out cyber attacks by corrupting and disrupting file downloads or denying access to Internet sites.

Snowden leaks also mention an automated system dubbed TURBINE, which allowed the current implant network to scale to millions of implants by creating an automated system controlling them by groups rather than individually.

The idea of the NSA is to create a botnet operating“like the brain”. In other words, the system should manage the applications and functions of the implants and be able to decide what tools they need to siphon out information from people’s computers.

America Rewarded Corporations for Hiding Money

The American government seems to be rewarding tech giants, including Microsoft and Apple, who are known for avoiding paying tax by funnelling cash viatax havens like Ireland.The British Bureau of Investigative Journalism (BIJ) revealed that 4 of the biggest American technology groups collectively hold about $124 billion in US Treasury debt (much of it offshore), earning them tax-free interest.

revenueSUM_1708977c.jpg

In other words, Google,Microsoft, Apple, and Cisco Systems hold a large proportion of the $255 billion held in their foreign subsidiaries in US Treasuries. The tech giants can’t bring cash home and use it to help the government pay its debts – because this money would trigger a tax bill. As a result, the corporations prefer to keep it offshore.

American companies say that a "territorial" type of tax system could avoid double taxation and make sure all businesses compete on equal terms. Undoubtedly, this would also encourage companies to shift their revenues overseas. However, the status quo looks equally strange in that the government of the United States appears to reward tech giants for their tax avoidance.

According to a senior international tax policymaker, the American taxpayers paying interest to digital giants investing in American bonds was clearly “a bizarre situation”. Today there’s growing concern that the huge cash mountains held by the largest businesses worldwide may threaten global financial stability.

More than a thousand of the largest US non-financial companies hold $1.48 trillion in cash, according to Moody's, the credit rating agency. In the meantime, more than 20% of the US corporate cash pile is held by Google, Microsoft, Apple, and Cisco. 

CIA Spied on Its US Investigators

Aside from spying on foreign politicians, it looks like the CIA was also snooping on members of the Senate Intelligence Committee who had been sent to investigate its own antics. As a result, the Committee Chairman Dianne Feinstein became furious and accused the CIA of breaking laws and breaching constitutional principles. She claimed the CIA undermined her multi-year investigation of a controversial torture program.

0.jpg

Dianne Feinstein claimed that the agency secretly removed documents, searched PCs used by the committee and tried to intimidate congressional investigators by forcing the FBI to arrest them.All this is happening after the Senate Intelligence Committee nears completion of a 6,000-page report expected to become a scathing historical record of the CIA use of waterboarding and other brutal interrogation methods on terrorism suspects after the 9/11.

Dianne Feinstein promised to soon deliver the report to the White House and push for declassification of a document which would lay bare the horrible details of the CIA program. In the meantime, the agency and the Committee are at odds over the conclusions about the effectiveness of the program and the way the investigation was handled.

So, the CIA set up a secret facility with computers where Committee investigators were offered unhampered access to operational cables, executive memos and other data on the interrogation program.But there was a row over whether CIA or Committee sabotaged the latter’s efforts from the outset, loading a massive amount of files on PCs with no index, structure or ability to search.

It took years for investigators to pore over 6.2 million classified records furnished by the CIA, but the agency suddenly claimed the Committee somehow gained access to data that the CIA never intended to share – in other words, they managed to hack the CIA.

In response, the Committee was careful not to say precisely how those documents were obtained – by the CIA or by a whistle-blower. As a result, the CIA seems very upset that its plan to hamper the investigation by dumping lots of paperwork on the Committee failed thank to some whistle-blower,who simply revealed important information. So, the CIA referred the matter to the Department of Justice and accused the Committee of spying on the US. Surveillance is all around.