Over the past several days more than a dozen high quality screeners of Hollywood films have appeared online, including The Hateful Eight, The Revenant and Steve Jobs.

Screeners are advance copies of recent movies, which are generally sent out to critics and awards voters. These high quality releases are subject to intense security precautions by the studios, as they are highly sought after by online pirates.

This year there appears to be a serious breach in the security process and Hollywood has involved the FBI to uncover where.

THR now reports that a watermark on the leaked copy of Tarantino’s The Hateful Eight points to Andrew Kosove, the co-CEO of production-finance company Alcon Entertainment.

The screener that was intended for Kosove was reportedly signed off by an office assistant at the company. The Hollywood executive, however, says he never received the copy.

“I’ve never seen this DVD. It’s never touched my hands. We’re going to do more than cooperate with the FBI. We’re going to conduct our own investigation to find out what happened,” Kosove told THR.

The screener eventually ended up online where it was released by the P2P-group Hive-CM8. The copy of The Hateful Eight is not the only leak to originate from this group, but it’s unknown whether any of the other releases are also linked to Alcon Entertainment’s co-CEO.

The Hollywood company is cooperating with the FBI and the film’s distributor The Weinstein Company to find out what exactly happened. Kosove hopes that the feds can help to get to the bottom of the matter.

“At the moment, nobody knows anything, but I promise we will find out. And I am praying that it had nothing to do with anyone at our beloved company,” he told Deadline.

Every year more than a dozen screeners leak online, often with direct ties to entertainment industry insiders.

Last year a pirated copy of The Secret Life of Walter Mitty was linked to Ellen DeGeneres, and Howard Stern’s name was also connected to a Super 8 screener.

At the time of writing The Hateful Eight has been shared more than a million times through various unauthorized channels. The film is set to premiere in the U.S. on Christmas day.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

After expending hundreds of hours of legal resources since the momentous raid on Megaupload in 2012, the U.S. authorities left no stone unturned in their efforts to have Kim Dotcom and colleagues Mathias Ortmann, Finn Batato and Bram van der Kolk extradited from New Zealand to face justice in the United States.

Those efforts culminated in an extradition hearing that began in September and was scheduled to last just four weeks. In the event the process lasted more than two and half months and was punctuated by several moments of drama.

At the end of the hearing in November, Judge Nevin Dawson retired to consider his decision and a few moments ago released his much anticipated ruling.

In a blow to the Megaupload founder and his former colleagues, Judge Dawson ruled that the quartet can indeed be sent to the United States to face charges of copyright infringement, conspiracy, money laundering and racketeering.

Judge Dawson did not determine guilt or otherwise but found that the US Department of Justice (DOJ) had presented enough evidence for New Zealand to grant a request from the the United States to extradite. Dawson said that Dotcom and his colleagues had not done enough to undermine the case.

However, while Judge Dawson has rendered his decision, that does not mark the end of the battle. Speaking with TorrentFreak earlier today, Kim Dotcom said that whatever the outcome, win or lose, appeals from both sides were likely.

“The appeal route is High Court, Court of Appeal, Supreme Court. If I lose, [it goes to a] decision by Minister of Justice, then to a High Court judicial review of the Minister’s decision. [Then it’s the ] end of the road,” he said.

Ira Rothkin, head of Dotcom’s legal team, reiterated this on Twitter moments after the verdict was announced.

The @KimDotcom team looks forward to having the US request for extradition reviewed in the High Court. We have no other comments at this time

— Ira Rothken (@rothken) December 23, 2015

We believe the dist ct was wrong. Today’s decision rendered the NZ ISP criminal copyright safe harbor illusory. Justice was not served today

— Ira Rothken (@rothken) December 23, 2015

<script src="//platform.twitter.com/widgets.js" async="" charset="utf-8">

In any event (and pending an appeal) the decision by Judge Dawson does not mean that Dotcom and his former colleagues will be forced to leave the country. That decision is left to Justice Minister Amy Adams who under New Zealand’s Extradition Act decides whether extraditions can go ahead.

In the meantime Dotcom, Mathias Ortmann, Finn Batato and Bram van der Kolk will continue to get bail, despite Judge Dawson noting that there was now a heightened flight risk. They must report twice a week to a police station.

Breaking news, updates to follow

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

A few weeks ago we covered a security flaw which allowed attackers to uncover the real IP-addresses of VPN users, if their providers allow forwarding on their network.

The news was picked up widely as it affected millions of users. However, it is just one of the many possible exploits VPN users are facing.

This week another issue was highlighted by ProstoVPN. This “vulnerability” affects both users with a direct connection and those with routers that have UPnP port forwarding enabled.

The issue boils down to a rather basic network routing feature where UDP listening software (e.g. torrent clients) respond to packets that are sent to the user’s ISP IP-address, through the VPN interface.

This means that a potential attacker can link a VPN IP-address to a user’s ISP IP-address.

The problem

The issue affects users on all operating systems and is not always easy to fix on the user end. VPN providers with custom software can address it, but with the standard OpenVPN software users have to take action themselves.

While the scope of the issue is large, as many users and providers have yet to address the issue, it requires quite a bit of effort to carry out an attack. It basically requires the attacker to send UDP packets to the entire Internet.

In addition, there’s the possibility of false positives which means that it’s harder to pinpoint the exact ISP IP-address. With this in mind, it seems unlikely that monitoring companies will attempt to expose every BitTorrent user with a VPN.

ProstoVPN informs TorrentFreak that they alerted 11 providers, and two confirmed that they have fixed the issue with a software update.

“Information about this ‘feature’ was sent to 11 VPN providers and only five of them replied: Private Internet Access and Perfect Privacy have released updated software which blocks incoming connections.”

Not all providers were equally responsive and one suggested that the issue should be addressed by the users. There is some truth to that, but the same provider does protect its users against similar problems on the user-side, such as DNS, IPv6 and WebRTC leaks.

While there’s no need for outright panic, it is a good development that these type of problems are being highlighted. It prompts VPN providers to take action and users to remain vigilant.

That said, it also shows that 100% anonymity is pretty much impossible.

More details on the routing “feature” and its consequences are available in ProstoVPN’s article and in the statement published by Perfect Privacy.

Update: TorGuard informs TF that they were one of the notified VPN providers and that they’ve addressed the issue.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

When it comes to music-focused anti-piracy activity in the UK, the British Recorded Music Industry (BPI) is the absolute market leader. Acting on behalf of many hundreds of recording industry members, there’s little doubt that the BPI has its finger on the pulse of local infringement.

While the effects of its work can at times be very public, the group’s anti-piracy activities are mostly carried out behind closed doors, from the removing of hundreds millions of links from Google’s search results to the wholesale blocking of hundreds of ‘pirate’ websites.

But despite these powerful moves, the BPI feels that it can do better. Previously the group operated its Copyright Protection Unit (CPU) and Internet Investigations unit as separate entities but will now restructure so that the former effectively absorbs the latter.

Speaking with Music Week the BPI confirmed that there will be at least two high-profile casualties following the reshuffle.

David Wood, Director of the Copyright Protection Unit, was responsible for tackling copyright infringement both on and offline. He was also responsible for managing the BPI’s Regional Investigators and its in-house Internet Investigations Team. He will now move on.

Also stepping aside is John Hodge, the BPI’s Head of Internet Investigations. A former police officer working in Internet Child Protection, Hodge had maintained his role at the BPI since July 2011 while liaising with Europol and Interpol, among others.

The BPI said that while it values the contributions of Wood and Hodge, the restructuring will allow its Copyright Protection Unit to focus on removing illegal content and blocking websites. It will also continue its “Follow the Money” approach by targeting advertisers, payment processors and web hosting services.

An as-yet-unnamed individual will become the new head of the BPI’s reshuffled Copyright Protection Unit (CPU) and will continue the organization’s work with the police and Trading Standards while investigating piracy both on and offline.

“The way people discover and consume music has changed beyond recognition since the early days of our anti-piracy work,” said BPI chief executive Geoff Taylor.

“Copyright infringement remains a challenge but we have made substantial progress against it in the UK, removing hundreds of millions of links to illegal copies and blocking access to the most damaging illegal sites, while continuing to remove physical counterfeit discs and hard drives from sale and prosecute those who seek to make money from distributing music illegally.”

But while the BPI has often focused on the stick, Taylor says that the BPI will also seek to encourage consumers “to value music and understand why they should choose to source it legally.”

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.

Domain name blocking has become one of the entertainment industries’ go-to methods for reducing online copyright infringement.

Blocking requests from both the music and movie sector are widespread around Europe, with The Pirate Bay has being one of the main targets.

At the moment all ISPs use different notifications to show that a website is blocked. In the UK for example, Virgin, BT and Sky all have a custom message, some being more descriptive than others.

This issue prompted Tim Bray to suggest a special HTTP status code for legal blockades. He noticed that some ISPs were using the “403 Forbidden” code for a Pirate Bay block, which is not what it was intended for.

After a long review process the Internet Engineering Task Force (IETF) has now approved this new HTTP status code.

There is no obligation for ISPs or other parties to use the new status. The 451 Unavailable project suggests that ideally it should be used to provide the public with additional details including a copy of the court order.

“A really good Error 451 message would tell their customers how to challenge a block, how long the block’s expected to last, where the relevant legal documents are and which legal authority imposed the blocking order,” they write.

The 451 Unavailable group says it will encourage ISPs to show 451 errors for legal blockades and it eventually hopes to reduce the scope of widespread blocking.

Interestingly, the most recent 451 draft already gives people some suggestions how to bypass court ordered blockades on their own, mentioning VPNs and Tor as possible workarounds.

“Note that in many cases clients can still access the denied resource by using technical countermeasures such as a VPN or the Tor network.”

While some HTTP errors numbers were arbitrarily chosen, 451 refers to Ray Bradbury’s dystopian novel Fahrenheit 451 which is about censorship and suppression of information.

In general, more openness about court ordered blockades is welcome, especially because the process is too often shrouded in secrecy. That said, the day that the web gets a special HTTP status code for censorship is hardly something to celebrate.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and ANONYMOUS VPN services.