Fully Loaded Kodi Box Sellers Get Massive Jail Sentences

A court in Wales has given heavy jail sentences to Michael Jarman and Natalie Forber, who ran a business selling fully-loaded Kodi boxes. They have pleaded guilty to operating a fraudulent business having sold more than 1,000 devices over a two year period. Jermain, 21 months sentence while Forber, a 16-month suspended sentence.Image result for kodi boxes

Kodi is perfectly legal, but when augmented with third-party add-ons it becomes a potent device, providing most of the content anyone could desire. The user can set up the system but for many, buying a so-called “fully-loaded” box from a seller is the more comfortable option.

As per local media, Jarman was arrested in January 2015 when police were called to a disturbance at Jarman and Forber’s home. Trading Standards officers launched an investigation after a large number of devices were spotted.

37-year-old Jarman pleaded guilty, but 36-year-old Forber initially denied the charges and was due to stand trial. Nevertheless, she later changed her mind and like Jarman, pleaded guilty to engaging in a fraudulent business.

They both attended a sentencing hearing before Judge Niclas Parry at Caernarfon Crown Court yesterday. Eryl Crump, the local reporter said the Court heard the couple had run their business for about two years, selling around 1,000 fully-loaded Kodi-enabled devices for £100 each via social media.

David Birrell, the prosecutor, said that the operation wasn’t too advanced, but it required Forber programming the devices as well as managing customer service. Forber’s claim of being forced into the scheme by Jarman was rejected by the prosecution.

They made £105,000 between February 2013 and January 2015, and that was transferred between bank accounts to launder the takings.

Forber, the mother mother-of-two broke up with Jarman following her arrest and is now back in work and studying at college.

Judge Niclas Parry while sentencing the pair described the offenses as a “relatively sophisticated fraud” carried out over a significant period and jailed Jarman for 21 months and Forber for 16 months, suspended for two years. Forber must also carry out 200 hours of unpaid work.

They will also face a Proceeds of Crime investigation which could see them paying large sums to the state, should any assets be recoverable.

 

Phone Store Employee Sued For Promoting ‘Pirate’ App Showbox

Two Movie Studios with films ‘Mechanic: Resurrection’ and ‘A Family Man’ respectively have sued an employee of a Hawaiian phone store. The woman accused is alleged to have recommended the ‘pirate’ application Showbox to a customer, and hence the movie makers are demanding damages in federal court for contributory copyright infringement.

It’s nothing new, select companies have targeted thousands of alleged pirates to pay significant settlement fees, or face legal consequences. But the twist in this particular story is that the employee allegedly promoted and installed the ‘pirate’ application Showbox on a customer’s device.

The studios ME2 Productions and Headhunter, own the rights to the movies ‘Mechanic: Resurrection‘ and ‘A Family Man‘ respectively.

Showbox is one of the favorite movie and TV-show streaming application capable of streaming torrents and works on a wide variety of devices.

In a charge filed at the US District Court of Hawaii, the studios accused Taylor Wolf of promoting Showbox and its infringing uses at the Verizon-branded phone store Victra where she works.

“The Defendant promoted the software application Show Box to said members of the general public, including Kazzandra Pokini,” the charge reads, further stating that Wolf installed the Showbox app on the customer’s tablet so that she could watch pirated content.

Excerpts From the Complaint

“Defendant knew that the Show Box app would cause Kazzandra Pokini to make copies of copyrighted content in violation of copyright laws of the United States,” the complaint adds.

This case is unique in the sense that it is not your traditional lawsuit case where the companies go after the user.

Both studios are experienced when it comes to piracy lawsuit. ME2 is linked to Millennium Films and Headhunter is an affiliate of Voltage Pictures.

Like most cases, the copyright holders demand a preliminary injunction to stop Wolf from engaging in any infringing activities, as well as statutory damages, which theoretically can go up to $150,000 per pirated film, but are usually settled for a fraction of that.

BPI Calls for Piracy Crackdown Under New UK Internet ‘Clean-Up’ Laws

This week, Matt Hancock, Secretary of State for Digital, Culture, Media, and Sport, stated new measures would be taken to clean up the ‘Wild West’ elements of the Internet.  Music group BPI responded by saying says the government should use the opportunity to tackle piracy with advanced site-blocking measures, repeat infringer policies, and new responsibilities for service providers.Image result for bpi

The UK Government has for the past several years expressed a strong desire to “clean up” the Internet.

There has been an intense emphasis on making the Internet safer for children, but that’s just the tip of the iceberg.

This week, the Government responded to the Internet Safety Strategy green paper, stating unequivocally that more needs to be done to tackle “online harm”

Considering every six out of ten people face “online harm”, the government while working with social media companies to protect users had seen positive results but the overall outlook has been below par.

For this reason, the Government will introduce new legislation, albeit with the assistance of technology companies, children’s charities and other stakeholders.

The Government has cleared that it wishes to tackle “the full range” of online harms, even though the emphasis is being placed on cyberbullying and online child exploitation. This move has been warmly received by UK music group BPI and thereby requesting the Government to introduce new measures to tackle Internet piracy.

BPI chief executive Geoff Taylor in a statement issued this week welcomed the move towards legislative change and urged the Government to encompass the music industry and beyond.

The BPI has published four initial requests.

  • Establish a new fast-track process for blocking unauthorized sites.
  • Compel online platforms to stop content from being re-posted after it’s been taken down while removing the accounts of repeat infringers.
  • Fines for “online operators” who do not give “transparent contact and ownership information.”
  • Pass laws for a new “duty of care” for online mediators and platforms.

To be published later this, the Department for Digital, Culture, Media & Sport and the Home Office will work on a White Paper to pass laws to tackle “online harms”. The BPI and similar entities will hope that the Government will also do the same.

 

eFail Attack on PGP and S/MIME Encryption

The EFF backed up by security researchers, have issued a warning over PGP and S/MIME encryption. Stop using at least for now to secure your emails.

PGP is widely regarded as the safest way to send secure emails although it does not encrypt metadata and is not the easiest to use.

 

Sebastian Schinzel, Professor of computer security at Münster University of Applied Sciences, on 14 May tweeted: “We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past.”

Professor Schinzel is a respected security researcher for having uncovered many cryptographic vulnerabilities. His most notable find was 2016 DROWN attack which rendered 33% of all HTTPS servers in the world at risk.

The Electronic Frontier Association (EFF) has confirmed the vulnerability:
“A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.”

It is best to follow the EFF’s advice.

The article then gives links to tutorials on how to disable PGP plug-ins in Thunderbird with Enigmail, Apple Mail with GPGTools, and Outlook with Gpg4win.

There is no mention of removing standalone apps such as Gpg4win or PGP browser add-ons such as Mailvelope.

S/MIME

S/MIME is similar to PGP; the only difference is S/MIME uses predefined encryption standards and public-private critical pairs handed by a trusted authority, whereas PGP users define their own encryption methods and sharing of their private encryption keys.

Closing

You should avoid using PGP and S/MIME to encrypt emails until the issue is entirely fixed.

 

Image credit: By arka38/Shutterstock.

 

Despite US Criticism, Ukraine Cybercrime Chief Gets Few Piracy Complaints

The previous year the MPAA, RIAA and other groups asked the U.S. Government to impose sanctions on Ukraine accusing them of failing to fight against online piracy. The European Commission also warned Ukraine of damaging its relations with the EU. However, Ukraine’s head of cyber-police unit said complaints received by him are few in number and are actually going down.

Ukraine over the past decade has played host to some of the world’s largest pirate sites.Image result for skull enter keyboard

The Pirate Bay, Kickass Torrents, ExtraTorrent, Demonoid and many other streaming portals have taken advantage of laws more favorable than those in the US and EU.

For this reason, Ukraine has been heavily criticized for not doing enough to combat piracy, but when placed under pressure, it does take action.

Over the years Ukraine has launched irregular actions against pirate sites and has taken steps to tighten up copyright law.

The Law on State Support of Cinematography came into effect April 2017 which gave copyright owners new tools to combat infringement.

The IIPA asked the U.S. government to suspend or withdraw Ukraine’s trade benefits until the online piracy situation improves.

But despite the criticism, Sergey Demedyuk, Ukraine cyber police chief says that while his department is committed to tackling piracy, it can only do so when complaints are filed with him.

“Yes, we are engaged in piracy very closely. The problem is that piracy is a crime of private accusation. So here we deal with them only in cases where we are contacted,” Demedyuk said in an Interfax interview.

Demedyuk does not know why complaints are going down but has claimed his unit takes action when asked to do so.

In the meantime, the Office of the United States Trade Representative has maintained Ukraine’s position on the Priority Watchlist.

Law Enforcement Officers Strike Pirate IPTV Operation

Over 150 law enforcement officers in Italy, Switzerland, Germany, and Spain have coordinated to dismantle a sizeable pirate IPTV operation. TV channel sources were targeted across different locations. Out of 49 suspects, five were arrested and taken into custody.

The rise of set-top box streaming has led to regular actions against pirate IPTV operations.Image result for iptv

Around 150 officers of the Provincial Command of the Guardia di Finanza (GdF) coordinated by the public prosecutor’s office in Rome carried out a targeted action on a significant unauthorized IPTV provider.

In Italy, Operation Spinoff made more than 50 searches in 20 provinces of 11 regions. Five people were caught. Switzerland, Germany and Spain – the Polizei Basel-Landschaft, the Kriminal Polizei and the Policia Nacional coordinated to execute warrants.

Image result for guardia di finanza roma iptv

“Through technical and ‘in-the-field’ investigations and the meticulous reconstruction of financial flows, carried out mainly through prepaid credit cards or payment web platforms, investigators have reconstructed the activity of a pyramid-like criminal structure dedicated to the illegal decryption and diffusion of pay-per-view television content through the Internet,” the GdF said in a statement.

Italian authorities report that IPTV core operation was sourcing of original content and channels.

IPTV sold to the public packages consisting of channels for 15 to 20 euros monthly in the form of an IPTV subscription.

The IPTV operation between the 49 individuals approximately generated one million euros. Out of five Italian citizens, four were taken into custody and one placed under house arrest.

Hardware

Everyone is under investigation, from the sources who decrypted the signals to the sellers and re-sellers of the content to end users.

Deadpool Pirated Copy Uploader Pleads Guilty

A 22-year-old Californian man has pleaded guilty to uploading Deadpool’s pirated copy to Facebook. It was shared shortly after the movie premiered, where it was viewed 6,386,456 times. Following an FBI investigation last year, the man was charged with the crime and faces a one-year prison sentence. Image result for facebook

Daily, hundreds of millions of people use Facebook to share photos videos and other things.

People post a lot of things on Facebook, but a pirated copy of Deadpool is one you should not.

Early 2016, a week after Deadpool premiered in theaters Trevor Franklin from Fresno, California uploaded a pirated copy on Facebook.

He downloaded it from file-sharing site Putlocker.is and uploaded it to his Facebook account.

The post was bound to go viral with over six million viewers, but it also meant Twentieth Century Fox and the feds were made known.

The FBI initiated a full-scale investigation which ultimately led to an indictment and the arrest of Franklin last summer.

Trevor Franklin has now signed a plea agreement with the government admitting to sharing the pirated film on Facebook. For this, the authorities will recommend a sentence reduction.

Franklin stated in the legal paperwork, signed by both sides that he knew what he was doing.

Excerpts from the plea agreement

When the incident happened in 2016, several people had warned him of the risk of uploading it on social media due to copyright infringements.

It’s still unclear why the US government decided to pursue this particular case. It could just be a case of setting an example.

According to the plea agreement, Franklin will be sentenced for a Class A crime. It could result in a maximum one-year prison sentence, followed by probation or a supervised release, as well as a fine of $100,000. He has forgone his right to a trial by jury.

 

 

 

 

 

 

New Zealand’s New Privacy Bill

A new privacy bill is going through the parliament in New Zealand with the legislation initially proposed back in March. The bill aims to revoke the Privacy Act of 1993 which is outdated.

This Thursday, May 24, public submissions for the new bill will end, and it will be inspected by the Select Committee to determine whether amendments are necessary. The government is hoping the new law will “promote people’s confidence that their personal information is secure and will be treated properly”.

Enhanced Privacy for New Zealanders

John Edwards, New Zealand’s Privacy Commissioner did go on record stating that he hopes the new privacy law will give the government “meaningful enforcement powers, such as an ability to seek fines for serious non-compliance”.

Edwards believes much like European counterparts New Zealand too should make it mandatory for companies to disclose when data violations occur. Any failure to report violations will result in fines reaching $10,000 for businesses that do obey.

This will be critical in making New Zealand based firms alert to data breaches and cyber-attacks.

Edwards also wants the new legislation to address automated processes “that can affect access or entitlement to goods and services”.

Why Not Before?

New Zealand Law Commission in 2011 had recommended an update to the Privacy Act, but nothing happened. So, one could suggest the EU’s GDPR legislation played its part in making this bill a reality.

This is a good sign for digital privacy around the world.

Immaculate Timing

The timing couldn’t have been any better considering the ongoing revelations about corporate data mining such as Facebook.

The recent Cambridge Analytica disaster shed light on how corporations are mining data through social media.

Taking into consideration the many other incidents that have taken place over the years it is safe to say that New Zealand’s legislation bill is so vital.

What’s Next?

This Thursday, the bill will go back to the select committee to address any pending issues. After that, the legislation will be revised for a second reading. Then, the Committee of the Whole House will go through the bill before third reading. In this stage, the bill will get Royal Assent and be passed into law.

53 Pirate Sites Blocked in Singapore

Singapore ISPs have blocked 53 pirate websites after a successful application by the MPAA, which accused the sites of blatant copyright infringement.

In 2014 Singapore passed amendments to copyright law that grant ISPs to block ‘pirate’ sites after mounting pressure from copyright holders.

The amendments came into effect in December 2014, but it was not until later that websites were targeted. In September 2016 following MPAA request, Solarmovie.ph became the first site ordered to be blocked under Singapore’s amended Copyright Act.

Owing to a successful application by the MPAA earlier this year, yesterday 53 sites across 154 domains have been blocked by ISPs rendering them inaccessible.

“In Singapore, these sites are responsible for a major portion of copyright infringement of films and television shows,” an MPAA spokesperson told The Straits Times (paywall).

The High Court, however, cannot grant a block injunction on any site without first proving the site is “flagrantly infringing”. YouTube is an example of non-blatant infringement.

The judgment should be tipped in copyright holders’ favor for sites to be considered for blocking.

There are also additional factors the Court takes into consideration when deciding to block a site like ISPs burden, technical feasibility, and its effectiveness.

In line with regions such as the UK and Australia, sites targeted for blocking needs to be informed of the case made against them, to make sure they’re given a chance to defend themselves in court. Not a single fully-fledged ‘pirate’ site has ever defended itself against a blocking application anywhere in the world.

Finally, copyright holders can apply for amendment of blocking order to the Singapore High Court should ‘pirate’ sites try to evade an ISP blockade. It is similar to the Australian model where each case must be heard on its merits, unlike the UK model which is more streamlined.

Recent Reports by Motion Picture Association Canada states at least 42 countries have obligations to block infringing sites. Just in Europe, 1,800 websites and 5,300 domains have been rendered inaccessible, with Portugal, Italy, the UK, and Denmark leading the way.

Copyright holders in Canada are lobbying hard for a site-blocking regime as they want to the “uncertain, slow and expensive” way of going through the courts.

Website Bug Enables Anyone to Track US Phones Without Permission

Last week US senator John Wyden issued a formal complaint to the FFC about a phone tracking system. Worryingly, a second more terrifying tracking service has surfaced.

It is called LocationSmart, and it is a phone tracking service that can pinpoint the location of mobile phones connected to carrier networks belonging to Verizon, AT&T, Sprint, and T-Mobile.

Brian Krebs, a security researcher, has revealed that a bug exists in the service.

The free to use API had been allowing anyone with basic coding knowledge to track almost every cell phone in the US.

Location Tracking Demo

The technology was intended to check the location of one’s phone through an SMS message asking the user’s authorization to approximate their phone’s position using mobile tower triangulation.

But, a researcher at Carnegie Mellon University found a way to bypass the SMS authorization process. The online demo tool did the trick.

Easily Exploitable

Robert Xiao from Carnegie Mellon’s  Human-Computer Interaction Institute said he found the bug by chance. In his detailed blog about the virus, he explained just how easy it was to bypass the SMS security check.

Mario Proietti, the CEO of LocationSmart, said the firm would launch an investigation regarding this. The demo tool is no longer available on their website. The CEO said the API was made available for “legitimate and authorized purposes” only.

Legal Conundrum

Krebs claims that it is imaginable the demo was available since 2011 for exploitation, and definitely since January 2017.

Krebs said: “A third-party firm leaking customer location information not only would almost certainly violate each mobile providers own stated privacy policies, but the real-time exposure of this data poses serious privacy and security risks for virtually all U.S. mobile customers.”

The decision from FCC’s investigation is yet to come, but it’s certain this case will not go down meekly.