Security flaw: FaceTime groups remain disabled for now

Apple has fixed the underlying bug behind last week's serious FaceTime security flaw, but the system remains offline for now. According to media reports, the end devices have to be patched. (Apple, security vulnerability)

Deezer Tries to Remove ‘Pirate’ Downloading Tool, But Under What Law?

Deezloader Remix is a tool that allows users of streaming service Deezer to download and keep audio files obtained from the platform. Deezer has filed a takedown notice to have the project removed but cites no specific legislation. This has piqued the interest of the NotABug code collaboration platform where Deezloader Remix is hosted.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and more. We also have VPN reviews, discounts, offers and coupons.

While Spotify grabs most of the headlines when it comes to premium streaming services, French firm Deezer is a smaller but serious competitor in the space.

With tens of millions of tracks on offer for a reasonable monthly subscription, Deezer has in excess of 12 million users, the majority of whom pay for a premium account. What Deezer also has is an interesting loophole.

Using third-party tools, users are able to download songs from the service and archive them on their own machines, something which has proven attractive to large numbers of subscribers but completely unpalatable to Deezer.

Over the past couple of years, Deezer has been fighting a somewhat losing battle against the creators of various tools including several connected with the Deezloader, Deezloader Reborn, and Deezloader Remix apps.

Previously the company has filed what loosely appear to be DMCA-style complaints with platforms including GitHub and GitLab, complaining that these third-party tools infringe their rights. Just this week, Deezer targeted the Deezloader Remix repo on NotABug, demanding that the site take the software down. (Excerpt from notice below)

Amongst other things, security is set so as to prohibit any other use than those stipulated in our Terms and Conditions (http://www.deezer.com/legal/cgu). Is prohibited notably the unauthorised download of music tracks.

The following link makes available an application which uses illegal methods to bypass Deezer's security measures to unlawfully download its music catalogue, in total violation of our rights and those of our music licensors (phonographic producers, performing artists, songwriters and composers):

https://notabug.org/RemixDevs/DeezloaderRemix

I therefore ask that you immediately take down the application made available via the URL above.

Similar notices were previously sent to GitHub and GitLab, which immediately disabled access to tools with the same functionality under the DMCA. However, NotABug doesn’t appear so willing to take the project down without additional clarification.

After receiving the takedown notice from Deezer, NotABug admin Hein-Pieter van Braam-Stewart wrote to the developer of Deezloader Remix in an attempt to discover which laws the software might breach.

“I have received [an email] from Deezer, it would be helpful if someone from the project could respond to me on the details of the program,” he wrote on the Deezloader Remix repo.

“A cursory look at the sources reveals no Deezer owned materials nor any way in which the application defeats any type of encryption or any such things.

“I have responded with a request on what laws Deezer believes this repository breaks but it would be helpful if someone could give me a little background on the application.”

That Deezer should write such a lengthy and detailed takedown notice to the site without citing any specific legislation is quite interesting in itself but by not citing the DMCA, for example, there doesn’t appear to be any official process to follow in case the developer wants to object.

That being said, he does have some thoughts of his own.

“This project uses a publicly available API from Deezer to get Tracks information and create a download link to their official servers,” he wrote in response.

“The tracks on their servers are encrypted by ‘extremely high level encryption’ that has been cracked many years ago and they don’t bother fixing.

“The only thing that could be seen as copyrighted material in this project could be the encryption key, as no tracks and no Deezer Code is directly inside this project,” he added.

It seems unlikely that an encryption key in itself could be copyrighted since it’s not the classic definition of a creative work. However, circumventing Deezer’s DRM (which protects access to copyrighted content) opens up a different can of worms on the circumvention of technological measures front.

TorrentFreak contacted NotABug to find out whether Deezer had elaborated on which legislation the streaming service feels should apply to Deezloader Remix but at the time of writing, we were yet to hear back. A request to Deezer’s international PR department also went unanswered.

What doesn’t seem to be in doubt is that using Deezer’s API for downloading tracks to a user’s machine is against Deezer’s Terms of Service. Any developer using the company’s API must agree not to do certain things, including:

  • [N]ot use the Services in any way or on any website that is associated or promotes in whatever manner the illegal or unauthorized use, streaming, download, or sharing of music and associated elements content, including but not limited to the Content provided by DEEZER
  • [B]ypass, by any means, these measures, for the purpose of downloading the Content, or more broadly using the Content in violation of the present Terms.

In this respect, the developer of Deezloader Remix does indeed appear to be in breach of Deezer’s Terms of Service but it remains unclear why the company hasn’t taken steps to prevent his software from grabbing music from its service. After all, the takedown notice itself claims they are able to do this.

While sending a takedown notice might be considerably easier than a technical fix, it seems fairly clear that the loophole being exploited today is the same one that’s been exploited on Deezer for years.

Maybe there’s some reason why it cannot be patched but until then, additional vague and apparently ineffective notices seem to be the only solution to the persistent ‘Deezer downloading’ problem.

All that being said, Deezloader Remix will soon be put into retirement. The developer says he’s had enough of maintaining the project so there will be no more updates, a decision that was reportedly taken before the complaint from Deezer was received, not in response to it.

BitTorrent Token Sold Out Quickly, But Who’s Buying?

BitTorrent tokens (BTT) went up for sale this week and within 15 minutes were completely sold out. This brought in a healthy $7 million from interested investors. While there is plenty of talk about the plans in the “cryptosphere,” prospective users are quiet.

When there are any major newsworthy developments in the file-sharing world, our ‘tips’ mailbox usually fills up pretty quickly.

That’s particularly true for topics many people care about.

This week there was a pretty historic event in the file-sharing ecosystem. To our surprise, however, several days have gone by and we have yet to receive the first tip in our inbox.

We’re referring to the token sale of BitTorrent’s new BTT token. In just a few minutes the company, which struggled financially for years, raised $7 million from investors. A pretty impressive result to say the least.

Clearly, there is a massive interest in BTT. The token is part of BitTorrent and Tron’s plan to add “paid” sharing to their torrent clients through a new and open standard called “BitTorrent Speed.”

Later this year BitTorrent and uTorrent users will be able to earn tokens by seeding or spend them to speed up downloads. With well over 100 million users, the potential market is huge.

That said, it’s unlikely that much of the $60 million that was raised came from actual users. As with many cryptocurrency-related projects, most investors are ultimately in it to make a profit from trading.

Those who search social media for BitTorrent-related mentions are now immersed in trading-related stats and graphs, with specialized news sites analyzing BTT’s ‘movements’ from day to day, something we’re not particularly interested in.

Instead, we decided to take a look at a place where the potential BTT users reside – in the BitTorrent and uTorrent forums, for example. Interestingly, there is not even a single mention of the new token, Tron, or the “BitTorrent Speed” project in general.

BitTorrent used to announce and discuss new uTorrent plans in their forums, but that’s not the case anymore.

This doesn’t mean that there’s no interest at all, but it looks like most of the outreach is targeted at crypto investors instead of uTorrent and BitTorrent users. Perhaps that will change later, but it certainly seems odd.

After all, these uTorrent users are the ones who are expected to actually use BTT as “currency.”

Aside from this observation, we don’t want to speculate too much. BitTorrent Speed has been praised and criticized but, for now, we will follow the developments from the sidelines.

That said, we’re very interested in seeing how “BitTorrent Speed” will be received once it’s live. There is little doubt that there will be plenty of torrent users who want to be “paid” to seed, but how many will pay to speed up their downloads remains a question.

Spotify reportedly in “advanced stages” of acquiring podcast company for $230M

Unknown whether series like Reply All, Science Vs. would become Spotify exclusives.

Multiple outlets, citing unnamed sources, reported on Friday that Spotify is in the "advanced stages" of acquiring a leading podcast production company. The rumored deal is no slouch: $230 million to acquire Gimlet Media, the company responsible for highly trafficked podcasts such as Reply All, Science Vs., and StartUp.

Recode and the Wall Street Journal each reported a Gimlet bid from Spotify in the neighborhood of "over $200 million." That number was later clarified by Hot Pod newsletter author Nick Quah to be closer to $230 million. All three reports point out that the deal has not been completed.

The reports include a reminder that Gimlet's last public valuation, based on venture capital funding, hovered somewhere around $70 million in August 2017. Spotify has previously acquired smaller music- and streaming-related companies, including the music-rights data firm Loudr.fm and the virtual studio service Soundtrap, but neither acquisition's cost has been publicly announced (nor has either of those been rumored to be anywhere near $230 million). More importantly, those acquisitions have revolved around platforms and technologies, not potentially exclusive series and content.

Latest Windows 10 build puts desktop apps in a 3D world

No longer limited to Store apps, so you can now run Excel in VR.

Any desktop app can now be launched in VR as a "Classic app." (credit: Microsoft)

Just in time for the weekend, Microsoft has released a new Insider preview build of Windows 10. Build 18329 should be available now to most people who have opted into the fast preview ring. Though it's not available to everyone because, for some reason, the new build isn't available in all the languages it'd normally be shipped in.

The strangest new feature is that you can now launch and run regular Win32 apps—2D apps built for the desktop—in the Windows Mixed Reality environment that's used for both virtual reality headsets and the HoloLens augmented reality headset. Previously, it was only possible to run apps built using the modern UWP API. Now, it seems that any Windows application will work. If you want to use Photoshop or Visual Studio with a headset on, you can.

The new build also adds a couple of new scripts to support the writing of languages that until recently had no adequate written form. There's the Osage language spoken by the Osage Nation in Oklahoma (which prior to 2006 used the Latin alphabet with various diacritics) and the ADLaM script used to write Pular, the language of the Fulani people in West Africa (which, similarly, used the Roman alphabet with diacritics prior to the development of the new alphabet in the 1980s). ADLaM and Osage were both added to Unicode in 2016.

FCC struggles to convince judge that broadband isn’t “telecommunications”

Skeptical judges question FCC’s justification of net neutrality repeal.

A protester holds a sign outside FCC headquarters on Dec. 14, 2017 before the vote to repeal net neutrality rules. (credit: Getty Images | Bloomberg)

A Federal Communications Commission lawyer faced a skeptical panel of judges today as the FCC defended its repeal of net neutrality rules and deregulation of the broadband industry.

FCC General Counsel Thomas Johnson struggled to explain why broadband shouldn't be considered a telecommunications service, and struggled to explain the FCC's failure to protect public safety agencies from Internet providers blocking or slowing down content.

Oral arguments were held today in the case, which is being decided by a three-judge panel of the US Court of Appeals for the District of Columbia Circuit. (Audio of the four-hour-plus oral arguments is available here.) Throttling of firefighters' data plans played a major role in today's oral arguments.

Scientists solve the mystery of Rembrandt’s “impasto” paint recipe

A lead mineral called plumbonacrite was used to create a thick, paste-like paint.

Detail from Rembrandt van Rijn's Susanna (1636), one of the paintings analyzed by Dutch and French scientists using X-ray synchrotron radiation to determine paint composition. (credit: Public domain)

The 17th century Dutch master Rembrandt van Rijn is justly considered one of the greatest artists of all time. He's particularly praised for his masterful depiction of light and shadow in his oil paintings, an almost three-dimensional effect achieved with his signature "impasto" technique. The recipes he used to mix his paints were believed to be lost to history. But now a team of Dutch and French scientists has used high-energy X-rays to unlock Rembrandt's secret recipe, according to a new paper in the journal Angewandte Chemie.

Impasto (translated as "dough" or "mixture") involves applying paint to the canvas in very thick layers. It's usually done with oil paint because of the thick consistency and slow drying time, although it's possible to add acrylic gels as a thickening agent to get a similar effect with acrylics. Rembrandt used it to represent folds in clothing or jewels, among other objects, in his paintings. As David Bressan notes at Forbes, "The layer causes light to reflect in certain ways, giving the painting interesting dark and light contrasts and a three-dimensional effect."

Like most artists of his era, Rembrandt mixed his own paints, experimenting with different recipes to get different desired effects. Common materials then included lead white pigment (produced via the corrosion of metallic lead) and organic substances like linseed oil. But nobody knew the precise recipe the master used to create the impasto effect.

Pine64’s single-board computers are getting 2019 upgrades, prices still start at $25

Pine64 plans to showcase prototypes of its upcoming Linux laptop, tablet, and smartphone at FOSDEM this weekend. But that’s not all the company is working on. Pine64 will also release upgrades to two of its Raspberry Pi-like single-board computers this year. The Rock64 Revision 3 is the latest version of the company’s mini PC with […]

The post Pine64’s single-board computers are getting 2019 upgrades, prices still start at $25 appeared first on Liliputing.

Google Play apps with >4.3 million downloads stole pics and pushed porn ads

The 29 apps concealed their malice and were hard for many infected users to uninstall.

Screenshots of the pop-up ads displayed by malicious apps that were available in Google's Play Store. (credit: Trend Micro)

Google has banned dozens of Android apps downloaded millions of times from the official Play Store after researchers discovered they were being used to display phishing and scam ads or perform other malicious acts.

A blog post published by security firm Trend Micro listed 29 camera- or photo-related apps, with the top 11 of them fetching 100,000 to 1 million downloads each. One crop of apps caused browsers to display full-screen ads when users unlocked their devices. Clicking the pop-up ads in some cases caused a paid online pornography player to be downloaded, although it was incapable of playing content. The apps were carefully designed to conceal their malicious capabilities.

“None of these apps give any indication that they are the ones behind the ads, thus users might find it difficult to determine where they’re coming from,” Trend Micro Mobile Threats Analyst Lorin Wu wrote. “Some of these apps redirect to phishing websites that ask the user for personal information, such as addresses and phone numbers.”
