TorrentFreak

Archived

Original site: TorrentFreak

Advocate General Doubts Legality of Pirate Bay Blockade

Friday 29 May 2015 at 15:51

Early last year The Court of The Hague handed down its decision in a long running case which had previously forced two Dutch ISPs, Ziggo and XS4ALL, to block The Pirate Bay.

The Court ruled against local anti-piracy outfit BREIN, concluding that the blockade was ineffective and restricted the ISPs’ entrepreneurial freedoms.

Responding to the verdict the two ISPs quickly unblocked the site and various other Dutch ISPs followed suit.

Meanwhile, the Hollywood-backed group took its case all the way to the Supreme Court and today Advocate General Van Peursem published his conclusion after a careful review.

The Advocate General advises the Supreme Court to stay the proceedings between BREIN and the Internet providers in order to seek clarification from the EU Court of Justice on several matters.

The first question that requires a European review is whether The Pirate Bay is actually communicating illegal content to the public. If this isn’t the case then the EU Court should rule whether ISPs can be ordered to block the site on other grounds.

A decision at the European level will be important, as it may also affect court orders in other countries, such as the UK, Italy and Belgium.

When the questions are resolved at the EU Court, the Advocate General advises redoing the entire trial, noting that The Court of The Hague was too strict when it concluded that the blockade was ineffective and disproportional.

The Advocate General’s advice is not binding so it’s not yet certain whether the case will be referred to the EU Court of Justice. However, Tweakers notes that in most cases the recommendations are followed by the Supreme Court.

The Supreme Court is expected to release its verdict on October 9th.

Source: TorrentFreak, for the latest info on copyright, file-sharing, torrent sites and anonymous VPN services.

UN: Encryption and Anonymity Must Be Protected

Friday 29 May 2015 at 10:26

For the past several years and particularly in the wake of the Edward Snowden revelations, interest in encrypted and anonymous communications has spread to a much wider audience.

More than ever before the ability to send and receive information both privately and anonymously is viewed as crucial in the digital age, enabling all corners of society – especially those most persecuted – to exercise their right to freedom of opinion and expression.

On the other hand, however, there are those who abuse those freedoms and the rights of others. And then, rightly or wrongly, there are those who communicate privately in order to undermine their governments. This leads some nations to restrict or even ban encryption, while others seek to introduce laws which allow law enforcement to tap into citizens’ communications.

A new report from David Kaye, a UN special rapporteur on freedom of expression, seeks to shine light on these complex issues by asking two questions:

– Do the rights to privacy and freedom of opinion and expression protect secure online communication, specifically by encryption or anonymity?
– Assuming an affirmative answer, to what extent may Governments, in accordance with human rights law, impose restrictions on encryption and anonymity?

Acknowledging that some states impose draconian measures to restrict citizens’ abilities to send and impart knowledge without fear, Kaye says that journalists and activists often need specialist tools to make their voices heard.

“A VPN connection, or use of Tor or a proxy server, combined with encryption, may be the only way in which an individual is able to access or share information in such environments,” Kaye says.

Noting that individuals should be able to send and receive information beyond their borders, the rapporteur states that some member states act to deny those freedoms by restricting communications using aggressive filtering.

“Encryption enables an individual to avoid such filtering, allowing information to flow across borders. Moreover, individuals do not control — and are usually unaware of — how or if their communications cross borders. Encryption and anonymity may protect information of all individuals as it transits through servers located in third countries that filter content,” Kaye writes.

Of course, in the online environment encryption and anonymity are often spoken of in the same breath, and just as encryption can often beat the censors, in some cases staying anonymous is vital to continued freedom of expression.

“Anonymity has been recognized for the important role it plays in safeguarding and advancing privacy, free expression, political accountability, public participation and debate,” Kaye writes.

“Some States exert significant pressure against anonymity, offline and online. Yet because anonymity facilitates opinion and expression in significant ways online, States should protect it and generally not restrict the technologies that provide it.”

Kaye notes that several states have attempted to combat anonymity tools such as TOR, VPNs and proxies, with Russia even offering significant cash bounties for techniques which would enable it to unmask TOR users. However, due to their human rights value, use of such tools should actually be encouraged.

“Because such tools may be the only mechanisms for individuals to exercise freedom of opinion and expression securely, access to them should be protected and promoted,” Kaye advises.

“States should revise or establish, as appropriate, national laws and regulations to promote and protect the rights to privacy and freedom of opinion and expression.”

In respect of encryption and anonymity, Kaye says that member states should adopt policies of “non-restriction or comprehensive protection”, and only introduce restrictions on a proportional, court-order supported, case-by-case basis.

Adding that states and companies alike should actively promote strong encryption and anonymity, Kaye says that measures that weaken individuals’ online security, such as backdoors, weak encryption standards and key escrows, should be avoided.

Finally, Kaye advises member states to not only encourage the use of encryption, but also make it the norm.

“The Special Rapporteur, recognizing that the value of encryption and anonymity tools depends on their widespread adoption, encourages States, civil society organizations and corporations to engage in a campaign to bring encryption by design and default to users around the world and, where necessary, to ensure that users at risk be provided the tools to exercise their right to freedom of opinion and expression securely,” the report concludes.

Hola VPN Sells Users’ Bandwidth, Founder Confirms

Thursday 28 May 2015 at 17:21

Faced with increasing local website censorship and Internet services that restrict access depending on where a user is based, more and more people are turning to specialist services designed to overcome such limitations.

With prices plummeting to just a few dollars a month in recent years, VPNs are now within the budgets of most people. However, there are always those who prefer to get such services for free, without giving much consideration to how that might be economically viable.

One of the most popular free VPN/geo-unblocking solutions on the planet is operated by Israel-based Hola. It can be added to most popular browsers in seconds and has an impressive seven million users on Chrome alone. Overall the company boasts 46 million users of its service.

Now, however, the company is facing accusations from 8chan message board operator Fredrick Brennan. He claims that Hola users’ computers were used to attack his website without their knowledge, and that this was made possible by the way Hola is set up.

“When a user installs Hola, he becomes a VPN endpoint, and other users of the Hola network may exit through his internet connection and take on his IP. This is what makes it free: Hola does not pay for the bandwidth that its VPN uses at all, and there is no user opt out for this,” Brennan says.

This means that rather than having their IP addresses cloaked behind a private server, free Hola users are regularly exposing their IP addresses to the world but associated with other people’s traffic – no matter what that might contain.

While this will come as a surprise to many, Hola says it has never tried to hide the methods it employs to offer a free service.

Speaking with TorrentFreak, Hola founder Ofer Vilenski says that his company offers two tiers of service – the free option (which sees traffic routed between Hola users) and a premium service, which operates like a traditional VPN.

However, Brennan says that Hola goes a step further, by selling Hola users’ bandwidth to another company.

“Hola has gotten greedy. They recently (late 2014) realized that they basically have a 9 million IP strong botnet on their hands, and they began selling access to this botnet (right now, for HTTP requests only) at https://luminati.io,” the 8chan owner says.

TorrentFreak asked Vilenski about Brennan’s claims. Again, there was no denial.

“We have always made it clear that Hola is built for the user and with the user in mind. We’ve explained the technical aspects of it in our FAQ and have always advertised in our FAQ the ability to pay for non-commercial use,” Vilenski says.

And this is how it works.

Hola generates revenue by selling a premium service to customers through its Luminati brand. The resources and bandwidth for the Luminati product are provided by Hola users’ computers when they are sitting idle. In basic terms, Hola users get their service for free as long as they’re prepared to let Hola hand their resources to Luminati for resale. Any users who don’t want this to happen can buy Hola for $5 per month.

Fair enough perhaps – but how does Luminati feature in Brennan’s problems? It appears his interest in the service was piqued after 8chan was hit by multiple denial of service attacks this week which originated from the Luminati / Hola network.

“An attacker used the Luminati network to send thousands of legitimate-looking POST requests to 8chan’s post.php in 30 seconds, representing a 100x spike over peak traffic and crashing PHP-FPM,” Brennan says.

Again, TorrentFreak asked Vilenski for his input. Again, there was no denial.

“8chan was hit with an attack from a hacker with the handle of BUI. This person then wrote about how he used the Luminati commercial VPN network to hack 8chan. He could have used any commercial VPN network, but chose to do so with ours,” Vilenski explains.

“If 8chan was harmed, then a reasonable course of action would be to obtain a court order for information and we can release the contact information of this user so that they can further pursue the damages with him.”

Vilenski says that Hola screens users of its “commercial network” (Luminati) prior to them being allowed to use it, but in this case “BUI” slipped through the net. “Adjustments” have been made, Hola’s founder says.

“We have communicated directly with the founder of 8Chan to make sure that once we terminated BUI’s account they’ve had no further problems, and it seems that this is the case,” Vilenski says.

It is likely the majority of Hola’s users have no idea how the company’s business model operates, even though it is made fairly clear in its extensive FAQ/ToS [see note below]. Installing a browser extension takes seconds and if it works as advertised, most people will be happy.

Whether this episode will affect Hola’s business moving forward is open to question but for those with a few dollars to spend there are plenty of options in the market. Until then, however, those looking for free options should read the small print before clicking install.

Update: It appears that Hola only recently changed/edited their FAQ to add in the details about Luminati. We have asked the company to tell us exactly when those changes were made. Updates when they arrive.

Seized Megaupload Domains Link to Scam Ads and Malware

Thursday 28 May 2015 at 11:50

Well over three years have passed since Megaupload was shut down, but there is still little progress in the criminal proceedings against the operation.

The United States hopes that New Zealand will extradite Kim Dotcom and his colleagues, but the hearings have been delayed several times already.

Meanwhile, several domain names including the popular Megaupload.com and Megavideo.com remain under the control of the U.S. Government. At least, that should be the case. In reality, however, they’re now being exploited by ‘cyber criminals.’

Instead of a banner announcing that the domain names have been seized as part of a criminal investigation, they now direct people to a Zero-Click advertising feed. This feed often links to malware installers and other malicious ads.

One of the many malicious “ads” the Megaupload and Megavideo domain names are serving links to a fake BBC article, suggesting people can get an iPhone 6 for only £1.

And here is another example of a malicious ad prompting visitors to update their browser.

The question that immediately comes to mind is this: How can it be that the Department of Justice is allowing the domains to be used for such nefarious purposes?

Looking at the Whois records everything seems to be in order. The domain name still lists Megaupload Limited as registrant, which is as it was before. Nothing out of the ordinary.

The nameserver PLEASEDROPTHISHOST15525.CIRFU.BIZ, on the other hand, triggers several alarm bells.

CIRFU refers to the FBI’s Cyber Initiative and Resource Fusion Unit, a specialized tech team tasked with handling online crime and scams. The unit used the CIRFU.NET domain name as nameserver for various seized domains, including the Mega ones.

Interestingly, the CIRFU.NET domain now lists “Syndk8 Media Limited” as registrant, which doesn’t appear to have any connections with the FBI. Similarly, CIRFU.BIZ is not an official CIRFU domain either and points to a server in the Netherlands hosted by LeaseWeb.

It appears that the domain which the Department of Justice (DoJ) used as nameserver is no longer under the control of the Government. Perhaps it expired, or was taken over via other means.

As a result, Megaupload and Megavideo are now serving malicious ads, run by the third party that controls the nameserver.

This is quite a mistake for one of the country’s top cybercrime units, to say the least. It’s also one that affects tens of thousands of people, as the Megaupload.com domain remains frequently visited.

Commenting on the rogue domains, Megaupload founder Kim Dotcom notes that the people who are responsible should have known better.

“With U.S. Assistant Attorney Jay Prabhu the DOJ in Virginia employs a guy who doesn’t know the difference between civil & criminal law. And after this recent abuse of our seized Mega domains I wonder how this guy was appointed Chief of the Cybercrime Unit when he can’t even do the basics like safeguard the domains he has seized,” he tells TF.

“Jay Prabhu keeps embarrassing the U.S. government. I would send him back to law school and give him a crash course in ‘how the Internet works’,” Dotcom adds.

Making matters worse for the Government, Megaupload.com and Megavideo.com are not the only domain names affected. Various poker domains that were previously seized, including absolutepoker.com and ultimatebet.com, also link to malicious content now.

While the Government appears to have lost control of the old nameservers, it can still correct the problem through a nameserver update at their end. However, that doesn’t save those people who had their systems compromised during recent days, and it certainly won’t repair the PR damage.
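The failure described above is a delegation that outlives control of the nameserver's parent domain. The following audit is an added example, not code from TorrentFreak or any party in the article: it checks each delegated nameserver's parent domain against the registrant you expect. Only the nameserver name quoted in the article is real; every other name, the registrant strings and the registration data are constructed placeholders.

```python
from dataclasses import dataclass

EXPECTED_OWNER = "Example Agency"  # assumption: registrant the auditor expects

# Constructed inventory: zone -> delegated NS hosts. Only the first NS name
# is quoted on the page; the .example names are placeholders.
DELEGATIONS = {
    "megaupload.com": ["PLEASEDROPTHISHOST15525.CIRFU.BIZ."],
    "seized-a.example": ["ns1.agency-dns.example", "ns2.lapsed-dns.example"],
    "seized-b.example": ["ns1.agency-dns.example"],
}

# Constructed WHOIS/RDAP summary per nameserver parent domain.
# None means the parent domain is unregistered or has expired.
REGISTRATIONS = {
    "cirfu.biz": "PLACEHOLDER THIRD PARTY",
    "agency-dns.example": "Example Agency",
    "lapsed-dns.example": None,
}

@dataclass(frozen=True)
class Finding:
    zone: str
    nameserver: str
    parent: str
    reason: str

def registrable_domain(host: str) -> str:
    """Naive last-two-labels split; a real audit needs the Public Suffix List."""
    labels = host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])

def audit(delegations, registrations, expected_owner):
    """Return a Finding for every NS host whose parent domain is not safely held."""
    findings = []
    for zone, hosts in sorted(delegations.items()):
        for host in hosts:
            parent = registrable_domain(host)
            if parent == registrable_domain(zone):
                continue  # in-bailiwick NS: controlled together with the zone
            if parent not in registrations:
                reason = "no registration data collected"
            elif registrations[parent] is None:
                reason = "parent domain unregistered or expired"
            elif registrations[parent].casefold() != expected_owner.casefold():
                reason = "parent domain held by another registrant"
            else:
                continue
            findings.append(Finding(zone, host.rstrip(".").lower(), parent, reason))
    return findings

def zones_at_risk(findings):
    return sorted({f.zone for f in findings})

if __name__ == "__main__":
    for f in audit(DELEGATIONS, REGISTRATIONS, EXPECTED_OWNER):
        print(f"{f.zone}: {f.nameserver} -> {f.parent}: {f.reason}")
```

Any zone in the output should have its delegation repointed at the registry to nameservers the owner still controls, which is the correction the article describes.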

RIAA Drags CloudFlare into Piracy Lawsuit, Scolds LeaseWeb

Wednesday 27 May 2015 at 19:04

Earlier this month the long running lawsuit between the RIAA and Grooveshark came to an end.

Facing hundreds of millions in damages, the music streaming service settled the dispute for $50 million while offering an apology for the mistakes that had been made in the past.

The RIAA heralded the outcome as a major victory, but the joy didn’t last long. A few days after Grooveshark shut down, unknown persons launched a new music service using the familiar Grooveshark brand.

Recognizing the new Grooveshark.io service as a considerable threat, the RIAA didn’t waste any time taking countermeasures. The group filed a sealed application for temporary restraining and seizure orders, targeting the site’s domain name and hosting services.

The court granted the RIAA’s request earlier this month and this week the documents were unsealed. They reveal how the music group intends to drag both Cloudflare and hosting provider LeaseWeb into the fight.

In his declaration, RIAA’s VP Online Anti-Piracy Mark McDevitt describes the new Grooveshark as a “blatantly illegal” site that hides its true location behind CloudFlare’s service.

“Because of the presence of CloudFlare’s servers, it is impossible to identify the location of the actual server supporting those aspects of the website absent the disclosure of this information by CloudFlare,” McDevitt writes (pdf).

While CloudFlare doesn’t host any of the infringing files, it’s accused of helping Grooveshark to evade detection. The RIAA alerted CloudFlare to this role in early May and asked the company to take action, without the desired result.

“In response to this notice, CloudFlare informed the RIAA that it had notified the operator of the Grooveshark.io website of the RIAA’s complaint, but did not discontinue providing its services to the website,” McDevitt writes.

In an email seen by TF, CloudFlare informs the RIAA that it’s merely a pass-through provider, and that they’re not offering any hosting services.

“Please be aware CloudFlare is a network provider offering a reverse proxy, pass-through security service. We are not a hosting provider. CloudFlare does not control the content of our customers,” the company replied.

Even today, the new Grooveshark remains active on the Grooveshark.li domain name, and it’s still hiding behind CloudFlare. The site did lose its original domain name, which Namecheap seized after receiving the court order, but new domains are easily registered.

It’s unclear at this point whether CloudFlare is actively refusing to comply with the restraining order that’s targeted at Grooveshark’s Internet service providers, but the company’s counsel did attend a court hearing yesterday to discuss the matter.

Besides CloudFlare, the RIAA also names web company LeaseWeb, which they suspect of offering hosting services to the new Grooveshark. In its presentations to the court the RIAA lashes out hard against the Dutch company.

“LeaseWeb has a long history of hosting major pirate sites. For example, LeaseWeb once hosted the notorious (and now shuttered) pirate website ‘MegaUpload,’ which was the subject of the largest criminal copyright law enforcement action ever undertaken,” McDevitt writes.

“Other examples of LeaseWeb’s involvement with pirate sites are also well known in the antipiracy community,” he adds, after summing up several other examples.

Neither CloudFlare nor LeaseWeb is named as a defendant, but the language used makes clear that the RIAA isn’t happy with how they respond to copyright complaints.

While Grooveshark.li is a relatively small fish, the case may set a crucial precedent for future anti-piracy efforts. With relative ease the Court has issued temporary restraining and seizure orders. If these hold up, more sites may be targeted in a similar fashion.

This outlook may also be the reason for CloudFlare to have their say in the matter. As a service provider to some of the largest piracy havens, including The Pirate Bay, there’s a lot at stake.
