P2P-Zone  

Old 31-07-19, 06:22 AM   #1
JackSpratts
 
Peer-To-Peer News - The Week In Review - August 3rd, ’19

Since 2002

"We are going to figure out how to communicate with other people and live complete and wholesome lives. Yes, I’m concerned, but if you think about all the other distractions — somehow humanity has managed to survive. When the TV first came out, I spent hours watching wrestling." – Martin Cooper

August 3rd, 2019



Google Chrome 76 Now Available, Makes it Easier to Get Around Paywalls

Chrome 76 is now out for Android, Mac, Windows, and Linux users, and is coming to Chrome OS on August 6.
Babu Mohan

• Chrome 76 is now available for Android, Mac, Windows, and Linux users.
• The latest version of Chrome browser blocks Flash by default and makes it easier to bypass paywalls.
• There are multiple Progressive Web Apps improvements as well.

Google has finally released the stable version of Chrome 76 for Android, Windows, Mac, Linux, and iOS platforms. The latest version of Chrome comes with several major improvements and new features. Adobe Flash is now blocked by default, which means you will need to head over to settings to use it. The other major highlight is that Chrome 76 makes it impossible for websites to tell if a user is in Incognito Mode.

Websites were previously able to detect if someone was using Incognito Mode thanks to the way Chrome implemented the FileSystem API, with the help of "detect private mode" scripts. Since Chrome 76 fixes the flaw, websites will no longer be able to force readers to sign up for a subscription after viewing a fixed number of free articles. Needless to say, this is likely to affect major news publications that put their content behind a paywall.

After you update to Chrome 76, you will notice that Adobe Flash is now turned off by default. If you wish to use Flash, you will need to manually enable the feature by going to chrome://settings/content/flash. Once you enable it, you will see the familiar "Ask first" option pop up when you visit a website with Flash content.

Additionally, the Dark Mode feature has been improved with the addition of prefers-color-scheme media query, which will allow websites to enable dark mode automatically to match the user's preferred mode. It is also going to be easier to install Progressive Web Apps (PWAs) on desktop, thanks to the new install button added to the address bar. On Android, Chrome will now check if a web app manifest has changed every day instead of every three days.
https://www.androidcentral.com/chrom...incognito-mode





Major Broadcasters Sue TV Streaming Nonprofit Locast
Janko Roettgers

The four major broadcast networks have filed a lawsuit against Locast, a New York-based nonprofit that streams local broadcast programming over the internet. In their lawsuit, ABC, CBS, NBC Universal and Fox allege that Locast violates their copyrights by retransmitting their programming without permission and compensation, likening it to Aereo, the TV retransmission startup that shut down in 2014 as the result of a similar lawsuit.

The Wall Street Journal was first to report about the lawsuit Wednesday morning.

“Locast is simply Aereo 2.0, a business built on illegally using broadcaster content,” the lawsuit reads in part. “While it pretends to be a public service without any commercial purpose, Locast’s marketing and deep connections to AT&T and Dish make clear that it exists to serve its pay-TV patrons.”

Locast responded to the lawsuit Wednesday morning with the following statement:

“Locast is an independent, non-profit organization that provides a public service retransmitting free over-the-air broadcasts. Its activities are expressly permitted under the Copyright Act. The fact that no broadcasters have previously filed suit for more than a year and a half suggests that they recognize this. We look forward to defending the claims — and the public’s right to receive transmissions broadcast over the airwaves — in the litigation.”

Locast launched in early 2018, and is being operated by the Sports Fan Coalition New York. The upstart has been arguing that it doesn’t need to pay retransmission fees to compensate broadcasters for their programming due to the fact that it doesn’t operate as a for-profit entity. The argument is based on a clause in the copyright act that allows retransmissions made by “a governmental body, or other nonprofit organization, without any purpose of direct or indirect commercial advantage” without licenses or retransmission payments.

Locast can be accessed in 13 metropolitan areas, including New York, Boston, Los Angeles, San Francisco and Washington, D.C. The service is available via mobile apps as well as on streaming devices like Roku and Fire TV. It frequently asks viewers for donations to cover its operating costs.

In addition to these individual donations, Locast has also gotten substantial support from some of the TV operators, including AT&T. The telco recently donated $500,000 to Locast, and also integrated Locast’s app into its set-top box.

The lawsuit alleges that operators like AT&T effectively use Locast as a pawn in their retransmission negotiations, and points out that the head of the Sports Fan Coalition David R. Goodfriend is a former Dish executive who went on to lobby for Dish on retransmission consent issues. The lawsuit also alleges that Locast was funded in part through a loan from an internet provider run by a former Dish executive.

“Locast not only is securing important commercial advantages for itself, (…) but it is also operating in collaboration with, and for the commercial benefit of, two companies that are among the largest pay-TV distributors in the country,” the lawsuit alleges.

A Dish spokesperson responded to these allegations by sending Variety the following statement:

“Dish has no more links to Locast than we do with over-the-air antennas, but we continue to believe consumers deserve a choice when it comes to how they receive their local broadcast channels, whether through satellite retransmission, over-the-air antennas or through other legal means.”

The broadcasters are asking the court to shut down Locast, but the nonprofit is expected to fight back.

Aereo tried to justify its service by renting personal antennas to each and every subscriber, arguing that it was just facilitating personal space shifting of TV programming. The Aereo lawsuit went all the way to the U.S. Supreme Court, which sided with the broadcasters, leading to the shut-down of the service in June of 2014. Aereo’s assets were later bought by TiVo.
https://variety.com/2019/digital/new...st-1203286487/





Content is the King that Turned Tyrant
Nick Wood

• Consumers are the ultimate losers in the battle over exclusive shows
• Price rises and a proliferation of services means fewer loyal customers
• Illegal file-sharing offers the only proper à la carte content service, and it's free

Price rises, the clamour for exclusive must-see shows, and a growing number of services means that end users face more barriers between them and their favourite content. So much so that piracy likely remains the most consumer-friendly way of watching exactly what you want to watch.

AT&T this week revealed that its DirecTV Now streaming service is being rebranded as AT&T TV Now, to bring it into line with its upcoming new, other streaming service, AT&T TV.

"Both the AT&T TV and AT&T TV NOW experiences will be accessed through the same AT&T TV app either on mobile or the big screen. Customer login credentials will determine what content appears," said AT&T, in a statement.

How AT&T's upcoming other, other new streaming service, HBO Max, fits into this picture is anyone's guess. Will it still be possible to add HBO content to an AT&T TV or AT&T TV Now subscription, or will it be a standalone service?

Let's not forget that in addition to streaming, AT&T still offers the satellite-based DirecTV service, and its U-verse IPTV service.

This complete casserole of nonsense is symptomatic of a broader sickness sweeping through the content industry, as players increasingly focus on holding exclusive rights to the hottest shows and bank on consumers being prepared to cough up in order to watch them.

Could it be any more annoying?

Much has been made of Netflix's push into original and exclusive programming. It was always somewhat amusing then that its top two most-streamed shows were consistently Friends and the US version of The Office, shows to which Netflix held exclusive streaming rights.

As we now know, those two shows are shipping off next year to separate services. Friends will become an HBO Max exclusive, while The Office is going to be exclusively available from NBCUniversal's upcoming streaming service.

Where once upon a time, a customer paid one subscription and could stream Friends, The Office, and original Netflix shows, now they must pay three times to access the same content. If you're more in the mood for a proper classic, like Seinfeld, you can only stream that from Hulu, and if you're a Tom Clancy fan, Amazon Prime is your only option for Jack Ryan.

Of course, the customer gets access to most, if not the entire content library of these respective services when they sign up, but that still doesn't help with the bank balance.

In essence, firm fan favourites like Friends, The Office and Seinfeld are being used as hostages by service providers, and end users must pay a ransom to each hostage-taker if they ever want to stream their beloved shows again.

Show me the money!

You would think that all this competition would put downward pressure on prices, and lead to all kinds of special offers.

Sadly not.

In July 2018, AT&T raised the monthly price of DirecTV Now by $5. In April this year, it hiked it again by a further $10 per month.

At the beginning of 2019, Netflix announced prices would increase by 13-18 percent, the biggest rate rise in the company's history.

Hulu actually lowered the price of its basic streaming service in January. But at the same time, it raised the price of its live TV streaming services.

Last year, Amazon maintained the same monthly rate for its Prime Video service, but increased the price of Amazon Prime in the US by 20 percent. Not a video-specific price hike, but it's not like it lowered prices in the face of all this competition either.

It hasn't gone unnoticed by customers. AT&T continues to lose video subscribers. According to its most recent financials, the telco lost 168,000 DirecTV Now subscribers. Earlier this month, Netflix reported a decline in US subscribers for the first time in eight years.

In both cases, the losses were attributed to price hikes.

A pirate's life for me

With the same content locked behind different paywalls, and prices going up, it's almost as if the industry is goading consumers to have another crack at piracy.

That's exactly what appears to be happening.

Towards the end of last year, network intelligence provider Sandvine revealed in a report that BitTorrent traffic had reversed its years-long decline in Europe and the US and is once again on the rise.

In terms of uplink bandwidth consumption, BitTorrent occupies first place in Europe and APAC, and second place in the Americas.

Sandvine's VP of global marketing, Cam Cullen, said in a blog post at the time that the cost of watching exclusive content from multiple streaming services is partly to blame.

"It gets very expensive for a consumer, so they subscribe to one or two and pirate the rest," he wrote.

In addition, some US-produced shows are not widely distributed, encouraging consumers in other countries to resort to piracy.

Indeed, a quick browse through The Pirate Bay – yes, it still exists – shows people are still pirating the latest big-budget shows, like Game of Thrones, The Handmaid's Tale, and The Office, despite their availability on streaming services.

It's almost as if consumers don't appreciate being treated with outright disdain.
https://www.telecomtv.com/content/vi...-tyrant-35911/





Jury to Decide Damages Owed by Katy Perry for 'Dark Horse'

• Marcus Gray and two co-authors first sued in 2014, alleging "Dark Horse" stole from "Joyful Noise," a song Gray released under the stage name Flame.
• The penalty phase is scheduled to begin Tuesday with opening arguments, and will ultimately determine how much Perry and other defendants owe for copyright infringement.

A jury's verdict that Katy Perry's 2013 hit "Dark Horse" improperly copied a 2009 Christian rap song represents a rare takedown of a pop superstar and her elite producer by a relatively unknown artist, and sets up a battle over damages that will begin Tuesday.

Monday's unanimous verdict by a nine-member federal jury in a Los Angeles courtroom came five years after Marcus Gray and two co-authors first sued in 2014, alleging "Dark Horse" stole from "Joyful Noise," a song Gray released under the stage name Flame.

The penalty phase is scheduled to begin Tuesday with opening arguments, and will ultimately determine how much Perry and other defendants owe for copyright infringement. Testimony will give jurors a peek into the finances behind "Dark Horse," a hit single that earned Perry a Grammy nomination and was the second song in her elaborate 2015 Super Bowl halftime performance.

Questions from the jury during two days of deliberations had suggested that they might find only some of the defendants liable for copyright infringement. The case focused on the notes and beats of the song, not its lyrics or recording, and the questions suggested that Perry might be off the hook.

But in a decision that left many in the courtroom surprised, jurors found all six songwriters and all four corporations that released and distributed the songs were liable, including Perry and Sarah Hudson, who wrote only the song's words, and Juicy J, who only wrote the rap he provided for the song. Perry was not present when the verdict was read.

Other defendants found liable were Capitol Records as well as Perry's producers: Dr. Luke, Max Martin and Cirkut, who came up with the song's beat.

Gray's attorneys argued that the beat and instrumental line featured through nearly half of "Dark Horse" are substantially similar to those of "Joyful Noise." Gray wrote the song with his co-plaintiffs Emanuel Lambert and Chike Ojukwu.

"Dark Horse," a hybrid of pop, trap and hip-hop sounds that was the third single of Perry's 2013 album "Prism," spent four weeks atop the Billboard Hot 100 in early 2014.

Her attorneys argued that the song sections in question represent the kind of simple musical elements that if found to be subject to copyright would hurt music and all songwriters.

"They're trying to own basic building blocks of music, the alphabet of music that should be available to everyone," Perry's lawyer Christine Lepera said during closing arguments Thursday.

The defendants' musical expert testified that the musical patterns in dispute were as simple as "Mary Had a Little Lamb."

But the jury of six women and three men disagreed, finding that the bumping beat and riff at the center of "Joyful Noise" were original enough to be copyrighted.

Perry and the song's co-authors testified during the seven-day trial that none of them had heard the song or heard of Gray before the lawsuit, nor did they listen to Christian music.

Gray's attorneys had only to demonstrate, however, that "Joyful Noise" had wide dissemination and could have been heard by Perry and her co-authors. They provided as evidence that it had millions of plays on YouTube and Spotify, and that the album it's included on was nominated for a Grammy.

"They're trying to shove Mr. Gray into some gospel music alleyway that no one ever visits," said plaintiffs' attorney Michael A. Kahn during closing arguments, when he also pointed out that Perry had begun her career as a Christian artist.

Jurors agreed, finding that the song was distributed widely enough that the "Dark Horse" writers may well have heard it.

Kahn and Gray declined comment but smiled as they left the courtroom after the verdict.

Lepera and other defense attorneys also declined comment outside court. Perry's publicist did not immediately return an email message seeking comment Monday evening.

Perry, a 34-year-old pop superstar and "American Idol" judge, brought laughs to the proceedings when she testified during its second day when her lawyers were having technical troubles getting "Dark Horse" to play in the courtroom.

"I could perform it live," Perry said.

No performance was necessary after the audio issues were fixed. Jurors heard both songs played back-to-back in their entirety at the end of closing arguments last week.
https://www.cnbc.com/2019/07/30/jury...ark-horse.html





These are the Minor Crimes You're Most Likely to Commit

Have Netflix? Cross the street without abandon? Odds are you're breaking the law and don't even know it.
Becca Glasser-Baker

A recent study sheds light on just how many Americans break the law, and don't even realize it.

Lawsuit.org found that 81 percent of 1,071 people in a focus group committed a minor offense within the past year, and the vast majority of those people — 96 percent — consider themselves “law-abiding” citizens.

The study shows that the most common infraction was jaywalking. According to findlaw.com, jaywalking is considered a misdemeanor carrying with it the possibility of a citation from police, which can result in a fine.

Secondly, the most popular offense was sharing your Netflix password, which 27 percent of study participants have done. Sharing your password with someone who is not paying for the account is technically illegal. This study showed that 45 percent of people were unaware that it was illegal to share their Netflix password.

The law with Netflix is a little bit more complicated, as sharing a Netflix password with someone outside of the family is technically a violation of the U.S. Computer Fraud and Abuse Act, CBS reported. Although companies aren’t cracking down on this yet, it's something to note for the future.

Coming in at third place is pirating music or video content. The study shows that 24 percent of folks have done it. If you pirate video or music content, it is possible to be fined up to $250,000 or one could face five years of jail time, according to RIAA.com. Nine percent of people had no clue that pirating music or video content was actually illegal.

And ever use a pseudonym? Forty-two percent of people were unaware that using a fake name online is technically illegal. It is also illegal to connect to unsecured wi-fi, and about 40 percent of survey participants were also unaware of this.
https://www.metro.us/news/americans-...-minor-offense





Privacy Groups Aghast Over Warrant Tied to Link Click
Brad Kutner

A Fourth Circuit ruling that backs the search of a house for child porn based solely on evidence that its inhabitant clicked a single link in the dark reaches of the web is stirring outrage.

“Links can be created and propagated throughout the internet, and we may not know their origin,” Electronic Frontier Foundation staff attorney Aaron Mackey said in a phone interview. “They might be shared with you; they could be used for pranks or criminality. That is a problem.”

The foundation spoke out Friday on the heels of a 2-1 ruling from the federal appeals court in Richmond that upholds the warrant police used to search the Purcellville, Virginia, home of Nikolai Bosyk.

Investigators did find child porn — thousands of images and videos on multiple digital devices — but Bosyk fought to suppress the evidence against him on the basis that the government lacked probable cause for its warrant.

While the appeal has been underway, Bosyk is serving five years in prison as part of a plea deal.

William Ashwell, an attorney for Bosyk with the Warrenton law firm Mark B. Williams & Associates, noted that their fight is not over.

“The importance of the issues raised in this appeal cannot be overstated and will constitutionally impact countless individuals now and in the future,” Ashwell said, vowing to seek a rehearing en banc and Supreme Court relief if that fails.

“The digital age will continue to raise complicated and diverse issues for our justice system to consider,” Ashwell continued. “It is our hope that everyone recognizes the importance of safeguarding individual civil liberties in the internet age.”

Prosecutors got the warrant to search Bosyk’s house as part of a federal investigation of an online message board that the government has said was “dedicated to the advertisement, distribution and production of child pornography.”

After subpoenaing a separate file-sharing site that one member used to post four videos of underage girls engaged in sex acts, investigators found the IP address that another subpoena traced to Bosyk.

Writing for the court majority Thursday, U.S. Circuit Judge Albert Diaz emphasized that the URL that Bosyk clicked cannot be separated from the rest of the post.

“Accompanying the link was a message describing its contents unmistakably as child pornography, as well as numerous thumbnail images depicting sexual molestation of a female toddler,” wrote Diaz, who was appointed to the bench by President Barack Obama. “And if you clicked the link, it took you, as promised, to multiple videos of child pornography.”

Later Diaz said: “This context provides evidence about the probable knowledge and intent of the user that is otherwise lacking from the face of the URL.”

What concerns internet-privacy groups, however, is the precedent that the case sets.

“The court made some leaps about the temporal connection between law enforcement finding this link and when the IP address associated with Mr. Bosyk’s internet access accessed it,” said Mackey with the EFF.

U.S. Circuit Judge James Wynn, another Obama appointee, dissented from the court’s holding.

“I believe the majority opinion displays a troubling incomprehension of the technology at issue in this matter,” Wynn wrote before noting the affidavit included no information about Bosyk’s membership to the targeted message board or his attempt to download the offending files connected to the URL.

“The majority opinion’s finding of probable cause, therefore, rests entirely on the premise that the affidavit established a fair probability that someone using Defendant’s IP address ‘clicked the link having encountered it on [Bulletin Board A],’” Wynn wrote. “The government’s failure to establish that sequence of events fatally undermines its effort to rely on temporal proximity as a circumstantial basis for proving that someone using Defendant’s IP address navigated to the URL through Bulletin Board A.”

Mackey, who said they got involved in the case to specifically address concerns around the technological understanding of the issue like Wynn suggested, said he hopes law enforcement is more aware of how IP address and actual access intersect with civil rights when they use similar investigation techniques in the future.

“They should include [additional] information so it’s more than just a link, but we’re still worried about what this means for internet users,” he said. “We’ll continue to push for what we think is the correct view, that the single click of a link is insufficient to establish probable cause.”

Representatives for the Department of Justice did not return a request for comment. U.S. Circuit Judge Julius Richardson, a Trump appointee, joined Diaz in the majority.
https://www.courthousenews.com/priva...ed-link-click/





Canada Invests C$85 Million in Satellite Company to Narrow Broadband Gap for Remote Areas

The Canadian government said on Wednesday it is investing C$85 million ($64.70 million) in an Ottawa-based satellite company as part of an effort to provide better broadband internet access to rural and remote communities.

Innovation, Science and Economic Development Minister Navdeep Bains said the funding would be used by Telesat to build and test technologies that use low-earth-orbit (LEO) satellites to boost connectivity.

“This new, space-based system will provide a dramatic and disruptive improvement over existing satellites,” Telesat Chief Executive Officer Dan Goldberg said, adding that the technology will be affordable and reliable.

LEO satellites operate 36 times closer to the earth than traditional telecommunications satellites. This means they take less time to send and receive information, leading to better and faster broadband service, even in rural, remote and northern areas.

Bains said Canada has also entered a preliminary agreement with Telesat that would address “connectivity gaps in rural and remote communities by bringing fiber-like internet to Canadians no matter where they live.”

A memorandum of understanding foresees the Canadian government committing up to C$600 million over 10 years for “privileged access” to the satellite network and to help deliver C$1.2 billion in affordable high-speed internet.

The privileged access will not be limited to isolated or rural communities, Bains said.

“This will benefit the Canadian government as a whole, and of course our military will benefit,” he said.

Prime Minister Justin Trudeau’s Liberal government promised to make high-speed internet available to all Canadians by 2030. The government has committed up to C$1.7 billion, which included funding for LEO satellites, to achieve this target.

In 2018, the Canadian government promised to invest C$100 million over five years in projects designed to boost broadband connectivity via the use of LEO satellites.

Reporting by Steve Scherer; writing by Kelsey Johnson; editing by Paul Simao and Bill Berkrot
https://www.reuters.com/article/us-c...-idUSKCN1UJ2L0





No More Ransom Project has Prevented Ransomware Profits of at Least $108 Million

No More Ransom project is celebrating its three-year birthday today.
Catalin Cimpanu

On the three-year anniversary of the No More Ransom project, Europol announced today that users who downloaded and decrypted files using free tools made available through the No More Ransom portal have prevented ransomware gangs from making profits estimated at at least $108 million.

Just the free decryption tools for the GandCrab ransomware alone offered on the No More Ransom website have prevented ransom payments of nearly $50 million alone, Europol said.

Decryption tools for 109 ransomware strains

The project, which launched in July 2016, now hosts 82 tools that can be used to decrypt 109 different types of ransomware.

Most of these have been created and shared by antivirus makers like Emsisoft, Avast, and Bitdefender, and others; national police agencies; CERTs; or online communities like Bleeping Computer.

By far the most proficient member has been antivirus maker Emsisoft, which released 32 decryption tools for 32 different ransomware strains.

"We're pretty proud of releasing the decryptor for MegaLocker, as not only did it help thousands of victims, but it really riled up the malware author," Michael Gillespie, researcher at Emsisoft, told ZDNet.

"We also have a couple of decryption tools in the pipeline for strains that have claimed a huge number of victims and, in one of those cases, we'll be doing the decryption in a way that's never been done before," Gillespie said.

All in all, Europol said that more than three million users visited the site and more than 200,000 users downloaded tools from the No More Ransom portal since its launch.

Site visitors came from 188 countries all over the world, showing that despite the project starting in Europe, its reach is now global.

Per statistics Europol shared today, most of the site's visitors came from South Korea, the US, the Netherlands, Russia, and Brazil.

No More Ransom started out with three founding partners -- Dutch Police, Kaspersky, and McAfee -- but now has more than 150 partners across the world.

The only oddity in No More Ransom's make-up is the lack of any US-based law enforcement agency. Other than that, everyone else is represented.

Partners come from all fields of activity, ranging from law enforcement, to public organizations, and privately-held companies.

"We've always had a good working relationship with European LEAs [law enforcement agencies] and sharing data with them has always been very straightforward," Fabian Wosar, CTO at Emsisoft, told ZDNet.

"Europol doesn't request that we create specific decryption tools, we simply provide them with access to the tools we've created," Wosar added. "We have, however, been asked to provide custom decryption solutions for a number of companies."

$108 million is a gross underestimate

However, an Emsisoft spokesperson told ZDNet that the $108 million estimate that Europol shared today is "actually a huge underestimate."

"They're based on the number of successful decryptions confirmed by telemetry - in other words, when the tools phone home to confirm they've done their job," Emsisoft told ZDNet.

"None of our tools phone home. They've been downloaded more than 1.6 million times, so it'd be more accurate to say they've helped folk avoid north of $800 million in ransom demands."

In addition, decryption tools provided by Bleeping Computer also don't phone home, which means victims saved even more money, and crooks lost more.
https://www.zdnet.com/article/no-mor...t-108-million/





GermanWiper Ransomware Hits Germany Hard, Destroys Files, Asks for Ransom

Users advised not to pay the ransom under any circumstances!
Catalin Cimpanu

For the past week, a new ransomware strain has been wreaking havoc across Germany. Named GermanWiper, this ransomware doesn't encrypt files but instead it rewrites their content with zeroes, permanently destroying users' data.

As a result, any users who get infected by this ransomware should be aware that paying the ransom demand will not help them recover their files.

Unless users had created offline backups of their data, their files are most likely gone for good.

For now, the only good news is that this ransomware appears to be limited to spreading in German-speaking countries only, and with a focus on Germany primarily.

Pretty big distribution campaign

First signs of GermanWiper were reported earlier this week when victims started asking for help on the Bleeping Computer forums, a popular place where internet users congregate to get advice in dealing with ransomware infections.

The first report came on Tuesday, July 30, and they kept piling on through the following days.

Michael Gillespie, the creator of ID-Ransomware, a website where ransomware victims can upload samples and identify the type of ransomware that has infected their systems, told ZDNet that currently GermanWiper is one of the top five most active ransomware strains on his platform.

The four ransomware strains with more detections on ID-Ransomware are all strains that are distributed globally. Taking this detail into account, it's safe to say that German-speaking users are currently under assault from GermanWiper's operators.

Distributed via malspam

According to German security researcher Marius Genheimer and CERT-Bund, Germany's Computer Emergency Response Team, the GermanWiper ransomware is currently being distributed via malicious email spam (malspam) campaigns.

⚠️ Attackers are currently sending fake job applications in the name of "Lena Kretschmer" to spread the #Ransomware #GermanWiper. Do not open the email attachments! ⚠️ pic.twitter.com/rpDBReqQYX
— CERT-Bund (@certbund) August 2, 2019

These emails claim to be job applications from a person named "Lena Kretschmer." A CV is attached as a ZIP file to these emails, and contains a LNK shortcut file. The LNK file is boobytrapped and will install the GermanWiper ransomware.

When users run this file, the ransomware will overwrite the content of various local files with 0x00 (zero) bytes and append a new extension to all files. This extension consists of five random alphanumeric characters, such as .08kJA, .AVco3, .OQn1B, .rjzR8, etc.

After it "encrypts" all targeted files, GermanWiper will open the ransom note (an HTML file) inside the user's default browser. The ransom note looks like the one below. A video of the infection process is also available here.

Victims are given seven days to pay the ransom demand. It is important to remember that paying the ransom won't help users recover their files.

Second ransomware-wiper combo to hit Germany

Curiously, this is not the first ransomware with wiper tendencies that targets German-speaking users. In November 2017, Germany was targeted by a similar ransomware strain named Ordinypt (or HSDFSDCrypt).

Coincidentally, or not, Ordinypt also used malspam for distribution and CVs of beautiful women to get victims to infect themselves. In addition, the Ordinypt ransom note is also nearly identical with the one used by GermanWiper.

ZDNet would like to thank security researcher @James_inthe_box for his help with this report.
https://www.zdnet.com/article/german...ks-for-ransom/
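
A triage sketch for the file behaviour described in the GermanWiper report above, added here as an example (it is not from ZDNet, CERT-Bund or the researchers quoted): it flags files whose final extension is five alphanumeric characters and whose content is entirely 0x00, which separates wiped files from legitimate five-character extensions such as .xhtml. It assumes the whole file is zero-filled; the function names and the sample tree are constructed for illustration.

```python
import os
import re
import tempfile
from collections import Counter
from pathlib import Path

# Final extension of exactly five ASCII letters/digits, e.g. ".08kJA".
EXT_RE = re.compile(r"^\.[A-Za-z0-9]{5}$")
CHUNK = 1 << 20  # read 1 MiB at a time so large files are not loaded whole


def is_zero_filled(path: Path) -> bool:
    """True if the file is non-empty and every byte is 0x00."""
    seen_data = False
    with path.open("rb") as fh:
        while chunk := fh.read(CHUNK):
            seen_data = True
            if chunk.count(0) != len(chunk):
                return False  # stop at the first chunk holding real data
    return seen_data


def find_wiped_files(root):
    """Return sorted (path, original_name) pairs for files showing both traits.

    original_name is the file name with the appended extension stripped,
    which is what to look for when restoring from an offline backup.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            if not EXT_RE.match(p.suffix):
                continue
            try:
                if is_zero_filled(p):
                    hits.append((p, p.stem))
            except OSError:
                continue  # unreadable or vanished file: skip, keep scanning
    return sorted(hits)


def extension_counts(hits):
    """Count flagged files per appended extension."""
    return Counter(p.suffix for p, _ in hits)


def build_sample(root: Path) -> None:
    """Constructed sample tree; names and sizes are made up for the demo."""
    (root / "docs").mkdir()
    (root / "docs" / "report.docx.08kJA").write_bytes(b"\x00" * 4096)
    (root / "photo.jpg.AVco3").write_bytes(b"\x00" * 10)
    (root / "notes.xhtml").write_bytes(b"<html></html>")      # legit 5-char ext
    (root / "empty.abcde").write_bytes(b"")                   # empty, not flagged
    (root / "data.bin").write_bytes(b"\x00" * 64)             # zeros, other ext
    (root / "tail.rjzR8").write_bytes(b"\x00" * 2048 + b"x")  # not fully zero


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp)
        build_sample(sample)
        found = find_wiped_files(sample)
        for path, original in found:
            print(f"{path.relative_to(sample)}  (was: {original})")
        print(dict(extension_counts(found)))
```
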





Capital One Breach Also Hit Other Major Companies, Say Researchers
Zack Whittaker

The data breach at Capital One may be the “tip of the iceberg” and may affect other major companies, according to security researchers.

Israeli security firm CyberInt said Vodafone, Ford, Michigan State University and the Ohio Department of Transportation may have also fallen victim to the same data breach that saw more than 106 million credit applications and files stolen from a cloud server run by Capital One by an alleged hacker, Paige Thompson, a Seattle resident, who was taken into FBI custody earlier this week.

It follows earlier reports from Forbes and security reporter Brian Krebs indicating that Capital One may not have been the only company affected, pointing to “one of the world’s biggest telecom providers, an Ohio government body, and a major U.S. university,” according to Slack messages sent by the alleged hacker.

The same messages were published in a CyberInt report published Wednesday. “Other victims may be inferred from filenames,” said the report, including Apperian, Infoblox and Wakoopa.

The Justice Department said Thompson may face additional charges — suggesting other companies may have been involved.

We reached out to several of those named by CyberInt with mixed results. Ohio’s Department of Transportation said it was working with the FBI to try to “determine what, if anything, was accessed,” said spokesperson Erica Hawkins. “At this point, however, we can confirm that the information in the referenced file contained only publicly available data and no private information was stored there,” she said.

Ford spokesperson Monique Brentley told TechCrunch that it’s “investigating the situation to determine if Ford information is involved.”

Meanwhile, Vodafone spokesperson Adam Liversage said the telecom giant was “not aware” of its data stolen in the Capital One breach.

And a spokesperson for Michigan State University said it receives “hundreds of threats and attacks on our system” and said it was “hard to know if one recently was the alleged hacker from the Capital One situation.”

“Our teams are looking into but at this point we have no information to share,” said spokesperson Emily Guerrant.

Amazon told TechCrunch: “At this point, we do not have proof that the perpetrator in the Capital One incident found similar application flaws in a few other customers. We’ve reached out to the customers mentioned in online forums by the perpetrator to help them assess their own logs for any evidence of an issue.”

The hack of Capital One is the most significant data breach this year. Data was taken from an Amazon Web Services (AWS) storage bucket, which included more than 140,000 Social Security numbers and over a million Canadian Social Insurance numbers, as well as other personal information.

A spokesperson for Amazon said AWS was not itself compromised.

Capital One said it learned of the breach through a third-party who reportedly saw the alleged hacker’s claims and boasts about the thefts.

Security researcher John Wethington told TechCrunch that based on public information — including the Slack channel of which the alleged hacker was a member — likely other companies had data stolen.

“Based on the information gathered from publicly available information on the alleged hackers GitHub and GitLab accounts, as well as public information from the Slack channel, it’s clear that organizations including Ford, Vodafone and others are possible victims of what appears to be a massive sensitive data hacking spree,” he said.

As of the time of writing, Thompson faces five years in prison and a fine of up to $250,000.
https://techcrunch.com/2019/07/31/ca...d-researchers/





UK High Court Rejects Human Rights Challenge to Bulk Snooping Powers
Natasha Lomas

Civil liberties campaign group Liberty has lost its latest challenge to controversial U.K. surveillance powers that allow state agencies to intercept and retain data in bulk.

The challenge fixed on the presence of so-called “bulk” powers in the 2016 Investigatory Powers Act (IPA): A controversial capability that allows intelligence agencies to legally collect and retain large amounts of data, instead of having to operate via targeted intercepts.

The law even allows for state agents to hack into devices en masse, without per-device grounds for individual suspicion.

Liberty, which was supported in the legal action by the National Union of Journalists, argued that bulk powers are incompatible with European human rights law on the grounds that the IPA contains insufficient safeguards against abuse of these powers.

Two months ago it published examples of what it described as shocking failures by U.K. state agencies — such as not observing the timely destruction of material; and data being discovered to have been copied and stored in “ungoverned spaces” without the necessary controls — which it said showed MI5 had failed to comply with safeguards requirements since the IPA came into effect.

However the judges disagreed that the examples of serious flaws in spy agency MI5’s “handling procedures” — which the documents also show triggering intervention by the Investigatory Powers Commissioner — sum to a conclusion that the Act itself is incompatible with human rights law.

Rejecting the argument in their July 29 ruling, they found that oversight mechanisms the government baked into the legislation (such as the creation of the office of the Investigatory Powers Commissioner to conduct independent oversight of spy agencies’ use of the powers) provide sufficient checks on the risk of abuse, dubbing the regime as “a suite of inter-locking safeguards.”

Liberty expressed disappointment with the ruling — and has said it will appeal.

In a statement the group told the BBC: “This disappointing judgment allows the government to continue to spy on every one of us, violating our rights to privacy and free expression.

“We will challenge this judgment in the courts, and keep fighting for a targeted surveillance regime that respects our rights. These bulk surveillance powers allow the state to Hoover up the messages, calls and web history of hordes of ordinary people who are not suspected of any wrongdoing.”

This is just one of several challenges brought against the IPA.

A separate challenge to bulk collection was lodged by Liberty, Big Brother Watch and others with the European Court of Human Rights (ECHR).

A hearing took place two years ago and the court subsequently found that the U.K.’s historical regime of bulk interception had violated human rights law. However, it did not rule against bulk surveillance powers in principle — which the U.K. judges note in their judgement, writing that consequently: “There is no requirement for there to be reasonable grounds for suspicion in the case of any individual.”

Earlier this year Liberty et al were granted leave to appeal their case to the ECHR’s highest court. That case is still pending before the Grand Chamber.
https://techcrunch.com/2019/07/29/uk...ooping-powers/





Amazon Told Police It Has Partnered With 200 Law Enforcement Agencies

Ring’s partnerships with law enforcement could be far more widespread than previously reported.
Caroline Haskins

At least 200 law enforcement agencies around the country have entered into partnerships with Amazon’s home surveillance company Ring, according to an email obtained by Motherboard via public record request.

Ring has never disclosed the exact number of partnerships that it maintains with law enforcement. However, the company has partnered with at least 200 law enforcement agencies, according to notes taken by a police officer during a Ring webinar, which he emailed to himself in April. It’s possible that the number of partnerships has changed since the day the email was sent.

The officer who sent the email told Motherboard that the email was a transcribed version of handwritten notes that he took during a team webinar with a Ring representative on April 9. Additional emails obtained by Motherboard indicate that this webinar trained officers on how to use the "Law Enforcement Neighborhood Portal." This portal allows local police to see a map with the approximate locations of all Ring cameras in a neighborhood, and request footage directly from camera owners. Owners need to consent, but police do not need a warrant to ask for footage.

The email obtained by Motherboard was sent from the Waynesboro, Virginia Chief of Police to himself in an email with the subject line “Neighbors by RING notes.” The email ends with the name and phone number of a Ring Neighborhood’s Training Manager, responsible for communicating with police and training them on the use of Ring products. The email is dated April 16.

Ring did not respond to Motherboard’s requests for comment.

Partnerships between Ring and law enforcement agencies, like local and county police departments, typically involve the company donating free doorbell cameras to police and providing them with a Law Enforcement Neighborhood Portal.

Motherboard has reported that some of these partnerships require police to promote Ring to their local communities, with police earning credit toward free Ring cameras for each resident who downloads Ring's app as a result of the partnership.

Motherboard has also reported that Neighbors, Ring’s free “neighborhood watch” app, has an issue with racial profiling. The app allows people to post about “Suspicious” people or “Strangers” in their community. When Motherboard documented every post on the app for three months in a 5-mile radius from our Williamsburg office, Motherboard found that the targets of these posts are usually people of color. Unlike the Law Enforcement Neighborhood Portal, which is available only to police, Neighbors is available to the general public.

Motherboard also obtained a memorandum of understanding between Ring and the Waynesboro Police Department dated February 25 of this year. The document requires Ring to make the already-free Neighbors app available to residents for free, and make the Law Enforcement Neighborhood Portal available to police for free.

A confidential memorandum of understanding published by Motherboard last week requires the Lakeland Florida police department to, “Engage the Lakeland community with outreach efforts on the platform to encourage adoption of the platform/app.” It also stipulates that police “keep the terms of this program confidential.”

The Waynesboro Police Department received 15 free doorbell cameras from Ring. Ring also gave police an incentive program: For every resident that downloaded the Ring “neighborhood watch” app Neighbors due to the partnership, the police department would get credit toward getting more free cameras for residents: “Each qualifying download will count as $10 towards these free Ring cameras.” A Ring doorbell camera currently costs $130 on Amazon.

Previous reporting by Motherboard has suggested that there are several dozen partnerships around the country between Ring and law enforcement agencies. A map published last week by digital rights advocacy group Fight for the Future identified 31 law enforcement agencies that have partnered with Ring.

“This doesn't surprise me at all, and it's the perfect example of how corporate surveillance and government surveillance are inextricably linked,” Evan Greer, deputy director of Fight for the Future, told Motherboard. “Amazon is building a for-profit surveillance dragnet and partnering with local law enforcement agencies in ways that avoid any form of oversight or accountability that police departments might normally be required to adhere to.”

Ring has also collaborated with law enforcement on a series of package theft “sting operations” around the country. These operations—which have occurred in Hayward, CA; Aurora, CO; Albuquerque, NM; Green Bay, WI; and Jersey City, NJ—are designed with the explicit goal of catching someone stealing a package on a Ring doorbell camera and apprehending them. In Albuquerque, NM, Amazon even provided package loss heat maps to police in order to plan the operation.

“It's time to come to grips with the fact that the 1984 dystopian future we all fear isn't something a future authoritarian government might impose,” Greer told Motherboard, “it's something that's being built right now, in plain sight, through partnerships between private companies and government agencies.”

The documents that informed this article are now public and viewable on Document Cloud.
https://www.vice.com/en_us/article/j...ement-agencies





The Hottest Phones for the Next Billion Users Aren’t Smartphones

First-time internet consumers are connecting to the web on a new breed of device costing about $25
Newley Purnell

The hottest phones for the world’s next billion users aren’t made by smartphone leaders Samsung Electronics Co. or Apple Inc. In fact, they aren’t even smartphones.

Millions of first-time internet consumers from the Ivory Coast to India and Indonesia are connecting to the web on a new breed of device that only costs about $25. The gadgets look like the inexpensive Nokia Corp. phones that were big about two decades ago. But these hybrid phones, fueled by inexpensive mobile data, provide some basic apps and internet access in addition to calling and texting.

Smart feature phones, as they are known, are one of the mobile-phone industry’s fastest-growing and least-known segments, providing a simple way for some of the world’s poorest people to enter the internet economy.

While global smartphone sales began sliding last year as markets became saturated, smart feature phone shipments tripled to around 75 million from 2017, according to research firm Counterpoint. Some 84 million are likely to be shipped this year.

Even as rich nations start to roll out 5G technologies, some 3.4 billion people around the world remain cut off from the internet, according to We Are Social, another research firm. Most of them already use traditional, unconnected mobile phones, meaning they can easily make the transition to similarly shaped devices capable of high-speed web connections.

Take the case of Kamlesh Kumar, who makes about $80 a month selling mangoes, avocados and lychees off the sidewalk in New Delhi.

Kamlesh Kumar, a fruit vendor in New Delhi, paid about $20 for his smart feature phone, the JioPhone, which he uses to stream music on the job and watch movies with his family at home. Illustration: Newley Purnell/The Wall Street Journal

Two years ago the 35-year-old decided to replace his inexpensive mobile phone that lacked web access. He couldn't afford even the cheapest, bare-bones smartphones that cost around $100. So he paid about $20 for a smart feature phone, called the JioPhone, from Indian mobile operator Reliance Jio Infocomm Ltd.

Now he listens to Bollywood music on the job, using Google’s built in voice assistant to search for Hindi-language tunes on YouTube. At night his family crowds around the device to watch movies.

“I couldn’t do anything on my old phone,” he said. Mr. Kumar pays less than $2.50 a month for all the mobile data he needs.

Smart feature phones aren’t only inexpensive, but they also have physical keypads that are less intimidating than touch screens for those new to the technology. Meanwhile, their batteries last for days, a bonus in places where electricity is unreliable.

There is a trade-off for the low price. The devices typically have slower and less powerful components, only basic cameras and their screens are usually just a few inches in size, factors that contribute to their longer battery life. There also are fewer apps available for smart feature phones.

“The demand for reliable and affordable technology continues to rise” around the world, said Caesar Sengupta, vice president of Google’s Next Billion Users initiative. “Smart feature phones provide a gateway for the next billion users to more advanced, affordable technology.”

The category was popularized by Reliance Jio, the telecom company backed by India’s richest man, Mukesh Ambani. When its service started in 2016, executives realized millions of people who could afford its dirt-cheap data weren’t signing up because they couldn’t afford a smartphone.

So the company developed the JioPhone, teaming up with Hong Kong-based KaiOS Technologies Inc., which makes the most widely used operating system powering smart feature phones globally. The software is designed for devices with limited memory and physical keypads.

Reliance Jio has sold more than 60 million of its devices so far in India, the only market where they are available.

Recognizing smart feature phones’ potential to connect the next billion users, global tech companies including Facebook Inc. and its WhatsApp service, Alphabet Inc. ’s Google and Twitter Inc. have tweaked their apps so they can be used on the devices. Last year Google invested $22 million in KaiOS.

Roughly 370 million smart feature phones will be sold in the next three years, a $28 billion opportunity for hardware, software and services companies, Counterpoint says.

That is dwarfed by the market for smartphones, of which 1.5 billion units were sold last year alone. But average smartphone prices continue to hover at over $300 globally, so they remain out of reach for many.

French mobile operator Orange SA in recent months has launched an inexpensive smart feature phone bundled with inexpensive mobile data plans in the Ivory Coast, Mali, Burkina Faso and Cameroon and has plans to bring it to other markets in Africa and the Middle East.

A limited number of smart feature phones are available in Indonesia and Indonesian manufacturer WizPhone will in a few weeks begin offering a smart feature phone that can be purchased for around $7. KaiOS is also working with Brazilian smartphone manufacturers to roll out models there.

While populous developing markets offer the most potential for the devices’ growth since that is where most of the world’s next billion users are located, some companies are pitching similar gadgets to niche audiences in richer countries.

Finland’s HMD Global Oy, which sells Nokia phones, is offering revamped versions of its popular candy bar-shaped phones, but with added web access. With price tags nearing $100, their target audience is enthusiasts of the original devices.

Swedish firm Doro AB launched two KaiOS-powered mobile phones designed for older people in the U.S. and Europe last year. The flip phones with large buttons cost between $50 and $150.

“A smartphone can be complex and some people get scared,” said Sebastien Codeville, KaiOS’s chief executive.
https://www.wsj.com/articles/the-hot...es-11563879608





How Phones Made the World Your Office, Like It or Not

From desk to car to pocket.
Jeff Giles

Misplacing your car keys is worrisome, but it’s nothing like the free-fall panic of losing your phone. Hollywood could make a horror movie about somebody just looking for their iPhone XR and going slowly insane.

The telephone began to pervade our lives at the end of the 19th century, and then — as you can see in these photos from The New York Times’s archives — it became our lives. Cellphones were a significant inflection point. They made it possible for us to be available at virtually any moment, which was so extraordinary that most of us tacitly accepted that we should be available at virtually any moment.

History’s first call on a hand-held wireless phone was made on April 3, 1973, by a Motorola executive named Martin Cooper. Mr. Cooper had developed the phone himself and, having a cheeky streak, decided to step out onto Sixth Avenue, in Midtown Manhattan, and call his rival at Bell Laboratories to gloat a little. Can you hear me now?

Told recently that his call was a great P.R. stunt, Mr. Cooper, who turned 90 last year, said: “Remember, this was the first public call ever made and I only cared about one thing: Was the phone going to work? This thing was a handmade prototype — thousands of parts carefully wired together by an engineer, not a production guy — and there were only two in existence.”

What did Mr. Cooper say back in the day when critics predicted that availability would be a curse?

“My first response was, ‘Well, we do have an on/off switch on every phone. You don’t have to answer it,’” he said. “But my more profound response is that the cellphone is still really new in society. I have an overweening belief in the intelligence of people. We are going to figure out how to communicate with other people and live complete and wholesome lives. Yes, I’m concerned, but if you think about all the other distractions — somehow humanity has managed to survive. When the TV first came out, I spent hours watching wrestling.”

Walter S. Gifford, the president of the American Telephone and Telegraph Company, placing the first trans-Atlantic phone call, from his office in New York to the London office of Sir Evelyn Murray, the secretary of the British General Post Office. Such long-distance calls initially cost $1,500 per hour, or $25 a minute, according to the United Press. Credit: The New York Times

Mr. Cooper believes the good that cell technology can do — spark productivity, enfranchise the poor — far outstrips any downsides. He always buys the latest iPhone, though he gives the phones mixed reviews: extraordinary in terms of tech, but needlessly complicated from a consumer point of view.

Reminded that even his own DynaTAC “Brick” had drawbacks, Mr. Cooper laughed. He said he always tells people it was never a problem that the battery lasted only around 20 minutes — the phone was so heavy that nobody could hold it up longer than that anyway.
https://www.nytimes.com/2019/07/31/b...it-or-not.html





New Bill would Ban Autoplay Videos and Endless Scrolling

Taking aim at ‘features that are designed to be addictive’
Makena Kelly

Snapstreaks, YouTube autoplay, and endless scrolling are all coming under fire from a new bill, which is sponsored by Sen. Josh Hawley (R-MO), targeting the tech industry’s “addictive” design.

Hawley’s Social Media Addiction Reduction Technology Act, or the SMART Act, would ban these features that work to keep users on platforms longer, along with others, like Snapstreaks, that incentivize the continued use of these products. If approved, the Federal Trade Commission and Health and Human Services could create similar rules that would expire after three years unless Congress codified them into law.

“Big tech has embraced a business model of addiction,” Hawley said. “Too much of the ‘innovation’ in this space is designed not to create better products, but to capture more attention by using psychological tricks that make it difficult to look away.”

Deceptive design played an enormous part in last week’s FTC settlement with Facebook, and Hawley’s bill would make it unlawful for tech companies to use dark patterns to manipulate users into opting into services. For example, “accept” and “decline” checkboxes would need to be the same font, format, and size to help users make better, more informed choices.

“Social media companies deploy a host of tactics designed to manipulate users in ways that undermine their wellbeing,” Josh Golin, executive director of Campaign for a Commercial-Free Childhood, said.

At a hearing late last month, senators heard from a panel of experts on persuasive tech. Tristan Harris, a former Google design ethicist, explained how platforms create products to increase the amount of time users spend on a site. “If I take the bottom out of this glass and I keep refilling the water or the wine, you won’t know when to stop drinking,” Harris told the committee. “That’s what happens with infinitely scrolling feeds.”

Some companies, like Apple, already have tools that help users track how much time they’re spending on different apps and websites. If this bill were to become law, social media companies would be required to implement similar tools that track use across all of the devices a user owns.
https://www.theverge.com/2019/7/30/2...treaks-illegal

















Until next week,

- js.



















Current Week In Review





Recent WiRs -

July 27th, July 20th, July 13th, July 6th

Jack Spratts' Week In Review is published every Friday. Submit letters, articles, press releases, comments, questions etc. in plain text English to jackspratts (at) lycos (dot) com. Submission deadlines are Thursdays @ 1400 UTC. Please include contact info. The right to publish all remarks is reserved.


"The First Amendment rests on the assumption that the widest possible dissemination of information from diverse and antagonistic sources is essential to the welfare of the public."
- Hugo Black
__________________
Thanks For Sharing