Wednesday, July 27, 2011

Teenager held in hacking inquiry

A 19-year-old man has been arrested in the Shetland Islands as part of an investigation into hacking groups, Anonymous and LulzSec.

The man is suspected of using the online nickname Topiary and presenting himself as a spokesman for the groups.

Both high-profile hacker groups are known for stealing and releasing private information from websites.

Police are also searching a house in Lincolnshire and interviewing a 17-year-old boy under caution.

Officers from the police's Central e-Crime Unit arrested the teenager in what they describe as a "pre-planned intelligence-led operation".

A statement from the Metropolitan Police says they believe he is linked to an ongoing international investigation into a number of cyber-attacks on international businesses and intelligence agencies.

The man was arrested on Wednesday and is being taken to London while his home is searched.

LulzSec has previously claimed responsibility for attempted hacks made on the UK's Serious Organised Crime Agency (Soca), the US Senate, the CIA and the Sun newspaper.

On Monday, Anonymous released secret documents stolen from an Italian cybercrime unit.

Last month, LulzSec announced it was disbanding.

Ryan Cleary, 19, of Wickford, Essex, was charged last month with five offences under the Criminal Law and Computer Misuse Acts, including an alleged hacking attack against Soca's website.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

'Pirate' link site stands defiant

A website which offers links to pirated movies has threatened to 'break' BT's internet filtering system if the company tries to block it.

The Motion Picture Association has applied for an injunction that would compel BT to stop its UK customers accessing Newzbin 2.

A High Court ruling on the case is expected on Thursday and may pave the way for further website blocking.

The BBC spoke to one of Newzbin 2's administrators ahead of the verdict.

He did not expect the judge to find in the website's favour.

"In most legal systems the verdict goes to the man with the biggest pile of gold," said Mr White, who represents the website but did not wish to disclose his real identity.

Breaking blocks

Newzbin 2 is a members-only site which aggregates a large amount of the illegally copied material found on Usenet discussion forums.

The original Newzbin site was closed down after a High Court ruling in 2010 ordered it to take down links to copyrighted films and TV programmes.

At the time, Mr Justice Kitchin said: "I have found that the defendant well knows that it is making available to its premium members infringing copies of films."

Mr White pledged that Newzbin 2 would attempt to "ensure continuity of service to our UK users" if a judge rules against it again.

He warned that keeping the site up may involve attempts to break BT's Cleanfeed filter, which the ISP currently uses to block access to sites featuring child sex abuse.

"Our users don't wish Cleanfeed to work and based on a preliminary technical assessment we think it will be trivially breakable. We have the sand, and if needed we will pour it in Cleanfeed's engine oil," he threatened.

BT has so far remained tight-lipped about the case.

Whiskey lifestyle

"Start Quote

We make enough money for strippers and Jack Daniels but Ferraris may be some way off"

End Quote Mr White Newzbin 2

Following the injunction against the original site, Newzbin was wound down. The MPA believes that Newzbin 2 is just a new name for the same group and that it has moved overseas to avoid legal challenges.

Its successor was styled as a "separate organisation" that was not UK-based and therefore not subject to the injunction.

"Newzbin and Newzbin 2 are entirely different. We have no inherited equipment or personnel. We started Newzbin 2 because we were users of the service who disagreed with what happened to them and wanted a service to replace it," said Mr White.

It does however claim the same defence as its predecessor.

"We are the Google of Usenet, that is, merely a search engine and like Google we provide links to places on the internet where infringing material may be found," said Mr White.

The Performing Rights Society For Music (PRS) is currently campaigning for legitimate search engines to highlight differences between legal and illegal content.

Links to sites that offer legal downloads would get green tags, while links to illegal download sites would be flagged in red.

Those determined to download content for free have shifted behaviour in recent months as governments tighten their laws around peer-to-peer file-sharing.

While website blocking is seen by many rightsholders as the answer to the problem, it has proved controversial.

Google's chairman Eric Schmidt vowed to fight any attempts to ban such sites in the US, saying that it set a dangerous precedent which could be misused by censorious governments.

It is an argument also favoured by Newzbin 2.

"We don't think it will be confined to sites falsely accused of helping copyright infringement. It is certain that others with a censorship agenda will use the precedent set by this to require blocking of 'hate speech', libel, anorexia sites, sexism or any other ism that is trendy," said Mr White.

The decision to pursue the website via ISPs represents a change of tactic for rightsholders but the MPA is keen to stress that it does not represent an attack on service providers.

"It is the result of not being able to identify and enforce action against offshore sites - nobody knows who they are run by or exactly where they are based," it said in a statement.

"We have explored every route to get Newzbin to take down the infringing material and are left with no option but to challenge this in the courts," it added.

The MPA said that it had chosen BT because it was the UK's largest ISP.

But industry body the Internet Service Providers' Association (ISPA) said plans to use its filtering technology on a wider scale would not work.

"Currently CleanFeed is dealing with a small, rural road in Scotland. Trying to put Newzbin and other sites into the same blocking technology would be a bit like shutting down the M1. It is not designed to do that," ISPA council member James Blessing told BBC Radio 4's PM programme.

"Rip-off prices"

The music and film industries argue that tough action is needed on pirates because illegal downloading is destroying their businesses.

Mr White said that the movie industry's claims about losing billions of dollars of revenue to illegal downloading were "pure fiction".

He claimed that Newzbin 2 is "barely used for finding music."

"Everyone uses iTunes," he said.

His views seemed to be supported by EMI executive Douglas C Merrill who revealed at a recent conference that his own research showed that users of the file sharing service LimeWire were also iTunes' biggest customers.

Copyright owners, said Mr White, have always fought new technologies.

"The copyright industry has run this argument against the manufacturers of Pianola rolls in the 1920s, against vinyl records in the jazz era, against cassette tapes in the 1970s and VHS tap technology in the 1980s," he said.

"If the MPA want to kill us they can do so virtually overnight and we'll tell them how: learn from the music industry and license work at non rip-off prices which the public regard as fair and in a form they find convenient," he said.

According to the MPA, Newzbin has around 700,000 members and generates an income in excess of �1m per year.

Mr White denies this.

"We make enough money for strippers and Jack Daniels but Ferraris may be some way off," he said.



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

Hackers call for PayPal boycott

Two high profile hacker groups have called on their followers to boycott PayPal over its continued refusal to handle donations to Wikileaks.

Anonymous and Lulz Security issued a joint statement asking supporters to withdraw funds and close their accounts.

PayPal froze Wikileaks' assets after it released stolen US diplomatic cables.

The company declined to comment on the boycott because of ongoing legal action over attempts to hack its website.

Launching the campaign, LulzSec and Anonymous wrote in an online posting: "PayPal continues to withhold funds from WikiLeaks, a beacon of truth in these dark times.

"By simply standing up for ourselves and uniting the people, PayPal still sees it fit to wash its hands of any blame, and instead encourages and assists law enforcement to hunt down participants in the AntiSec movement [the campaign to highlight weak IT security]."

Going straight

The campaign marks something of a departure for LulzSec and Anonymous, which are both known for stealing and releasing private information from websites with poor security.

"Start Quote

PayPal continues to withhold funds from WikiLeaks, a beacon of truth in these dark times."

End Quote Anonymous/LulzSec statement

The groups are at pains to emphasise that their current protest is being waged through legal means.

More than 100 million people around the world use PayPal to make online payments.

The company incurred the wrath of online activists, including Anonymous and Lulz Security, when it appeared to bow to pressure from the US government to stop handling donations to Wikileaks in December 2010.

Shortly afterwards the site suffered several denial of service attacks.

Earlier this month - in July 2011 - 14 people in the US and Europe were arrested in connection with the attacks.

In a statement, PayPal told BBC News: "As we state in our privacy policy, PayPal works with law enforcement or government officials if we receive a subpoena or court order; if we need to do so to comply with law; or if we believe in good faith that illegal activity has occurred."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials

French downloaders face grilling

The body responsible for administering France's "three strikes" anti-piracy law has summoned a group of web users to explain their file sharing habits.

Hadopi takes its name from the 2009 legislation which permits authorities to fine copyright infringers, or to cut off their internet connection.

The move is the most significant enforcement action since French politicians passed the law.

However, the 10 individuals named in the action are not obliged to appear.

France's "three strikes and out" legislation empowers Hadopi to identify suspected illegal file sharers and write to them, demanding they stop.

Those who do not comply after several letters can be disconnected from their internet service provider and blacklisted from obtaining services from another ISP.

In the UK, the Digital Economy Act makes some similar provisions, although the exact nature of possible sanctions has yet to be fully explained.

The blanket term "technical measures" is used to cover a range of potential consequences ranging from enforced slowdown of internet connections to disconnection.

Legal action

Hadopi said that in the last nine months it has been tracking 18 million French IP addresses.

It has sent a total of 470,000 first warnings by email, with 20,000 users receiving a second warning through the mail.

About 10 people who appeared to ignore the two warnings were asked to come and explain their actions to the agency.

After the meeting, Hadopi will decide whether to pursue legal action.

It will then be up to a judge to rule if a user has broken the law.

"The judge may impose a fine of a maximum of 1,500 euros (�1,326) and also disconnect the user from the internet for a maximum of one month," said a Hadopi spokesperson.

"Alternatively, he may decide to fine the user without the disconnection penalty - or simply let the user go."

But Jeremie Zimmermann from French citizen advocacy group La Quadrature du Net (Squaring the Net) thinks that it is unlikely that anyone will ever be charged.

"Start Quote

For Hadopi it's now about this strategy of intimidation - they're sending out warnings to make people believe that file-sharing is bad, but that's as much as they can do"

End Quote Jeremie Zimmermann La Quadrature du Net

"Hadopi is hoping that people will come and confess, that they will say that they have indeed downloaded copyrighted material," he told BBC News.

If the person does not confess or does not even show up, the only evidence the agency can present before the judge is a series of numbers - a particular computer's IP address, he said.

This poses several problems, believes Mr Zimmermann.

Firstly, hackers can easily break into a user's wireless hotspot and stream illegal content to a particular IP address using a different computer.

"We have no idea how this data has been acquired," said Jeremie Zimmermann. He expects that securing a conviction difficult, if not impossible.

Hadopi disagrees. "It's not only about the IP address," said its spokesperson.

"What we have to show is that the person has been warned that there's something wrong going on with his internet usage - that there's been illegal file-sharing - and that he has not done anything to protect himself from it after the first warning.

"So the evidence is the second warning received by the person."

Connection 'hacked'

The first person to respond to Hadopi's "invitation" has already declared his innocence.

Robert Tollot, a 54-year-old high school teacher from the region of Loire, will present himself to the Hadopi officials in Paris in September.

He told the French media that he had never downloaded any copyrighted material and that his wi-fi connection was hacked.

"He's absolutely furious, and it can turn out really badly for Hadopi as others will hear about his case and will prepare accordingly," said Mr Zimmermann.

"This law is absolutely useless," he added.

"For Hadopi it's now all about this strategy of intimidation - they're sending out warnings to make people believe that file-sharing is bad, but that's as much as they can do."



Powered By WizardRSS.com | Full Text RSS Feed | Amazon Plugin | Settlement Statement | WordPress Tutorials