Month: November 2020

Unmask 25 Pirate Site Owners: ACE/MPA Piles Pressure On Tonic Registry

This week the MPA and RIAA reported the Tonic domain registry to the USTR as a notorious pirate market. As pressure mounts, two DMCA subpoenas obtained by the Alliance For Creativity and Entertainment on behalf of the MPA and dozens of other companies now order the company to hand over all information it holds on more than two dozen ‘pirate’ sites.

From: TF, for the latest news on copyright battles, piracy and more.

ACE logoEvery year the MPA and RIAA respond to a request from the Office of the US Trade Representative to submit their recommendations for the annual “notorious markets” list.

In many cases, the industry groups choose to nominate the world’s most popular pirate sites and services for a mention, including but not limited to The Pirate Bay, YTS, RarBG, 1337x, and Popcorn Time, for example.

More recently, however, the MPA and RIAA have begun mentioning ancillary companies that in their judgment are not necessarily pirate services in themselves but due to their provision of systems and infrastructure, are in a position to act affirmatively to reduce the effectiveness of pirate sites.

As reported this week, the MPA and RIAA has now chosen to nominate domain name companies and services including the Njalla privacy service associated with Pirate Bay co-founder Peter Sunde and the Tonic domain registry that is often favored by pirate services.

Pressure Has Been Building on Tonic Domain Registry

In September, the Alliance for Creativity and Entertainment (ACE), the global anti-piracy coalition made up of the major Hollywood studios, Netflix, Amazon, and dozens of other companies, obtained a DMCA subpoena compelling Tonic to hand over information held on major pirate sites including The Pirate Bay, YTS, 1337x, EZTV, Seasonvar, Tamilrockers, Lordfilms, and many others.

A month later, ACE was back in court again, this time obtaining a DMCA subpoena requiring Tonic to hand over information held on massive Germany-focused streaming site S.to.

The dust had barely settled when ACE returned to court once again, obtaining another subpoena forcing Tonic to give up the identities of the people behind torrent giant 1337x.to (again), streaming site BS.to, Kimcartoon.to, Vumoo.to, Ololo.to, Seriesflix.to, Kinox.to, Movie4k.to plus many more.

Back Once Again With Yet Another Demand For Information

It’s unclear exactly how many pirate sites utilize .to domains for their operations but ACE clearly sees the registry’s involvement as part of their infrastructure as a problem when it comes to its enforcement actions. As a result, a DMCA subpoena ACE obtained in recent days from a California court lists two dozen problematic platforms for which it seeks additional information.

The majority of the domains are focused on streaming movies and TV shows, with sites including Lordfilm, Ymovies, Pelis24, Series24, HDGo, HDSS, Flixtor, Soap2Day and Solarmovie all getting a prominent mention.

Also present in the demand for information is a selection of popular torrent indexes such as TorrentGalaxy, Monova, and Glodls. These make an appearance alongside sites operating in different niches such as popular Germany-focused piracy forum Boerse and proxy-centric platform Unblocked. DDL-Warez is also featured in the subpoena but at the time of writing appears to be down.

Sites Infringe Copyrights in Popular Movies and TV Shows

Along with each site is a claim that they infringed rights in a specific movie or TV show. These include the movies Frozen II, Dolittle, Wonder Woman, Harry Potter and the Chamber of Secrets, Beautiful Boy, Bird Box, Triple Frontier, and Scoob! In the cases of Series 24 and Flixtor, both stand accused of illegally offering the first episode in the TV series Watchmen.

The application was filed by Jan van Voorn, Executive Vice President and Chief of Global Content Protection for the Motion Picture Association.

“The ACE Members (via the Motion Picture Association, Inc.) are requesting issuance of the attached proposed subpoena that would order Tonic Domains Corporation to disclose the identities, including names, physical addresses, IP addresses, telephone numbers, e-mail addresses, payment information, account updates and account histories of the users operating the websites [listed below],” it reads.

A letter to Tonic Domains attached to the subpoena repeats a similar message.

ACE DMCA to Tonic

At the same time, ACE also obtained a second DMCA subpoena claiming that the linking site Huho.to infringed its members’ copyrights in the movies Beauty and the Beast and It Chapter Two. The claim is that Huhu.to connects users of the popular ‘Watched‘ mobile application to cyberlockers containing infringing content so, as a result, its operator’s details should be handed over.

The anti-piracy coalition lists a number of sites where the movies were hosted including Clipboard.cc, GoUnlimited.to, Mixdrop.to, Upstream.to, Vivo.sx, Vidlox.me, and Clipwatching.com, but these sites don’t appear to be direct targets in the subpoena.

Documents supporting the DMCA subpoenas can be found here 1,2,3,4 (pdf)

List of Domains and Main Use (Both Subpoenas)

lordfilm.to – streaming
ddl-warez.to – down
boerse.to – piracy forum
pepecine.to – streaming
ymovies.to – streaming
pelis24.to – streaming
kinoz.to – streaming (kinox.to alternate)
monova.to – torrents
unblocked.to – proxy site
glodls.to – torrents
byte.to – DDL/streaming
enstream.to – streaming
series24.to – streaming
hdgo.to – streaming
ilgeniodellostreaming.to – streaming
movie-blog.to – DDL index
torrentgalaxy.to – torrents
goojara.to – streaming
supernova.to – streaming
levidia.to – streaming
flixtor.to – streaming
hdss.to – streaming
solarmovie.to – streaming
soap2day.to – streaming
huhu.to (subpoena 2)

From: TF, for the latest news on copyright battles, piracy and more.

Graues Überstehen

Kunst und Kultur unter Corona: Ja bitte! – oder kann das weg? – Nachdenken über Wirklichkeitssinn, Möglichkeitssinn und “Systemrelevanz”

Kunst und Kultur unter Corona: Ja bitte! - oder kann das weg? - Nachdenken über Wirklichkeitssinn, Möglichkeitssinn und "Systemrelevanz"

Überwachung: EU-Innenminister wollen Verschlüsselung umgehen

Die Polizei soll an alle Informationen kommen, die sie benötigt – auch wenn sie verschlüsselt sind. Damit würde allerdings die E2E-Verschlüsselung abgeschafft. (Ende-zu-Ende-Verschlüsselung, Vorratsdatenspeicherung)

Die Polizei soll an alle Informationen kommen, die sie benötigt - auch wenn sie verschlüsselt sind. Damit würde allerdings die E2E-Verschlüsselung abgeschafft. (Ende-zu-Ende-Verschlüsselung, Vorratsdatenspeicherung)

This farmer’s field was once a powerful stronghold in Iron Age Norway

We know about it all because a farmer wanted to dig a drainage ditch.

In June, archaeologists began unearthing a Viking ship from a farmer’s field in eastern Norway. The 1,000- to 1,200-year-old ship was probably the grave of a local king or jarl, and it once lay beneath a monumental burial mound. A 2018 ground-penetrating radar survey of a site called Gjellestad, on the fertile coastal plain of Vikiletta, revealed the buried ship.

The Norwegian Institute for Cultural Heritage Research, or NIKU, announced the ship find in 2018, and it announced earlier in 2020 that excavations would begin over the summer to save the vessel from wood-eating fungus. NIKU archaeologist Lars Gustavsen and his colleagues’ recent study is the first academic publication of the survey results, and it includes the previously announced Gjellestad ship burial as well as the other ancient tombs and buildings. In the recently published paper, the radar images reveal the ghosts of an ancient landscape surrounding the royal tomb: farmhouses, a feasting hall, and centuries of burial mounds.

Altogether, the buried structures suggest that over several centuries, from at least 500 BCE to 1000 CE, an ordinary coastal farming settlement somehow grew into an important seat of power on the cusp of the Viking Age.

Read 16 remaining paragraphs | Comments

Hackers can use just-fixed Intel bugs to install malicious firmware on PCs

Computer makers are in the process of patching Boot Guard. Have you installed it yet?

Hackers can use just-fixed Intel bugs to install malicious firmware on PCs

Enlarge (credit: Getty Images)

As the amount of sensitive data stored on computers has exploded over the past decade, hardware and software makers have invested increasing amounts of resources into securing devices against physical attacks in the event that they’re lost, stolen, or confiscated. Earlier this week, Intel fixed a series of bugs that made it possible for attackers to install malicious firmware on millions of computers that use its CPUs.

The vulnerabilities allowed hackers with physical access to override a protection Intel built into modern CPUs that prevents unauthorized firmware from running during the boot process. Known as Boot Guard, the measure is designed to anchor a chain of trust directly into the silicon to ensure that all firmware that loads is digitally signed by the computer manufacturer. Boot Guard protects against the possibility of someone tampering with the SPI-connected flash chip that stores the UEFI, which is a complex piece of firmware that bridges a PC’s device firmware with its operating system.

Hardware-enforced security

These types of hacks typically happen when attackers attach hardware to the insides of a computer and use Dediprog or similar chip programming tools to replace authorized firmware with malicious firmware.

Read 9 remaining paragraphs | Comments