When last we reported on Spore (a little more than two weeks ago), it had been at the top of the Pirate Bay’s download list for a week. Even now it is still in the top 15 (14th at time of writing). According to our most recent statistics, it would be fair estimation to say that probably close to 1 million copies have been downloaded on BitTorrent now.

EA has downplayed this, naturally. In comments to video game developer site Gamasutra, EA’s Mariam Sughayer said “Stepping aside from the whole issue of DRM, people need to recognize that every BitTorrent download doesn’t represent a successful copy of a game, let alone a lost sale. We’ve talked to people that made several unsuccessful attempts to download the game and ended up with incomplete, slow, buggy or unusable code. In one case, a file identified as Spore contained a virus. To say that every download represents a successful copy of the game –- or that there’s been more than 500K copies downloaded — that’s just not true.”

Of course, it should be pointed out that when TorrentFreak computed the download figures previously, the basis was only a few torrents, all known to be working and virus free, and similarly with figure earlier. TorrentFreak is not new at this, and we know how to tell the difference between an incomplete, a virused, buggy, or even encrypted with a password, and one that would work if downloaded. To attempt to spin it otherwise is rude and condescending, and shows how hard EA is attempting to salvage the reputation of itself, and Spore.

When we suggested a few weeks ago that the DRM was the cause of the high rate of downloads, we said it only hurt legitimate purchasers (and those that steal it) and we are not alone. A class action lawsuit was filed in northern California on September 22nd, targeting EA for the use of SecuROM. The lawsuit asks for damages based on the secret installation of a program, which can adversely affect your system, without telling you. It’s basically the Sony Rootkit debate again.

The lawyer that filed this case, Alan Himmelfarb, told TorrentFreak “People have an absolute right to control what does and what does not get put onto their computers. When companies resort to secret, undisclosed installations – for whatever purpose – they cross a line. Our lawsuit is the result in this case. First there was Sony with its Rootkit. Then there was Ubisoft with Starforce. Now we have EA with SecuROM. In each case, corporate executives failed to see anything wrong with installing a secret, uninstallable, administrative level program directly into the heart of the command center of the computer, so that they could control how you use your computer. So that they could decide what programs you could run, and what hardware you could have installed. All without asking. All without any attempt to obtain your consent. It is simply wrong, and we will continue to bring similar actions against any company that acts as if they obtain ownership rights to a consumer’s computer simply because someone plays their game or listens to their music.”

Thanks to DRM, Spore may well be the most downloaded game of all time, if not now, then in the next month. However, EA sees the facts a bit differently. On their support page dealing with DRM and Spore, they describe why they went with SecuROM

Q: Why are Maxis and EA implementing this new authentication process?
A: This solution serves to protect our software from piracy.

Yeah, it’s worked REALLY well.

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

EA Downplays Spore’s DRM Triggered Piracy Record torrent downloads.

Sony is following in the footsteps of established anti-piracy lobbyists. The IFPI, for example, has been lobbying politicians to force ISPs to identify, filter, block and remove copyright infringing content from the Internet. For their part, the RIAA has suggested similar measures for the upcoming Anti-Piracy Trade Agreement Wishlist (ACTA).

Thus far, these attempts haven’t been particularly successful. ISPs worldwide are refusing to cooperate, mainly because they feel such actions violate the privacy of their customers. In addition, last week the Belgian ISP Scarlet - previously ordered to stop illegal file-sharing on its network - told the court that it is simply impossible for it to do so.

Nevertheless, Sony’s John McMahon said in his keynote speech at the Broadband World Forum, that he would like ISPs and copyright owners to cooperate in order to reduce piracy. According to McMahon, the entertainment industry is losing more than two billion dollars a year because of piracy, but he believes this number can be reduced significantly with the help of ISPs.

Interestingly, McMahon also said that customer frustration with DRM is one of the main reasons why people turn to file-sharing networks, instead of legal alternatives. Sony recognizes, but at the same time ignores these signals from their customers, as they are not planning to get rid of DRM. Instead, they are investing in a new and improved DRM, the Digital Entertainment Content Ecosystem (DECE).

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

Sony Urges ISPs to Cooperate Against Piracy torrent downloads.

With 3.5 million Internet subscribers, Cox Communications is one of the larger ISPs in the US. Like all the other Internet providers, Cox receives numerous copyright related takedown requests from anti-piracy organizations.

However, it’s how they handle these requests that’s quite unique, and disturbing to say the least. Instead of sending their customer an email, notifying that they have received a DMCA takedown request on their behalf, Cox disables their Internet connection. Here is a quote from the warning page customers get to see when their Internet connection is cut off (screenshot below the article).

Under the DMCA, we have the responsibility to temporarily disable your Internet access, until such time as you take the necessary steps to remove the infringing files and to prevent further distribution of copyrighted material.

There are a couple of things wrong with this notification. First of all, and most importantly, the DMCA doesn’t oblige Cox to disable a customer’s Internet access at all. They have to notify their customer of the alleged infringement, but the measures they actually take are clearly out of proportion, and definitely not in the best interest of their customers.

Indeed, it has already led to a lot of frustration with Cox customers. One of them told TorrentFreak that he has been struggling for two days to regain his Internet access. The customer in question was instructed to call a phone number in order to resolve the issue, but it was impossible to get though for most of the day. When he finally got hold of someone via the regular customer service, he was simply told that he should call the same number he was given before.

After being on hold for more than an hour he eventually got through. The Cox customer told us what happened next: “He [Cox employee] said that he is going to allow me to have the Internet enabled for 1 hour while I ‘call my router company so they can walk me through securing my wireless network.’ If I don’t call back in the next hour, he will turn the Internet off again.”

First-time offenders will eventually get their Internet access reinstated, but not without being warned that they might lose it permanently if they receive two more takedown requests. “If it happens three times, I will be referred to their headquarters in Atlanta,” the Cox customer told us.

We contacted Cox’s customer support to verify this, and we were told that there is indeed a three strikes policy in place. When a Cox subscriber receives three takedown requests, their Internet access will be cut off entirely. Interestingly, this is the same policy that the European Parliament voted against last week, because it “restricts the rights and freedoms of Internet users.”

It turns out that Cox doesn’t need legislation to implement a three-strikes policy though. “Cox does in fact have a 3 strikes policy with regards to violations of our acceptable use policy for Internet service. If a customer’s service gets suspended 3 times for the same type of violation the customer risks having their Internet service terminated,” Cox’s customer support told TorrentFreak.

It is of course up to Cox how they handle alleged violations of their acceptable use policy. However, the problem lies in the fact that they act upon accusations made by the MPAA, RIAA and other anti-piracy organizations who employ evidence gathering methods that are shoddy, to say the least. In addition, there is still no law that requires a person to secure their wireless network and there are even routers that enable people to share their connection with outsiders.

We think that Cox clearly overstepped the mark here. Customers might not make as much noise as the lawyers of the entertainment industry, but eventually, they are the ones who bring in the money. Cox Communication currently uses the slogan “Your friend in the digital age.” Some friend…

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

Cox Disconnects Alleged Pirates from the Internet torrent downloads.

For those first getting interested in file-sharing, it can be a bewildering experience, with a huge array of software clients, sites and jargon to cut through. Make no mistake, it’s easy to take a wrong turn. Instead of ending up on Mininova or The Pirate Bay, novice users find themselves clicking their way to the dark side and ending up on a ’scam’ site.

A ’scam’ file-sharing site can operate in numerous ways, but in the end the aims tend to be the same. They either try to offload malware or, more commonly, try to part the site visitor from his cash by getting him to sign up to access the site with his credit card. Usually, users pay a relatively small amount in the first instance, say $5-$10 per month. However, it’s not unusual for additional charges to start appearing on the victim’s card at a later date. Canceling the agreement with the scammers can be a nightmare.

In return for the money paid, the user usually gains access to a basic meta-search site, which simply searches and offers results from completely free sites such as Mininova or The Pirate Bay. Millions of unsuspecting people are signing up for these scam sites (often advertised by ‘legitimate’ BitTorrent sites), and have done for some years now.

One of the most famous scam sites is FullReleases.com, which has been in operation for a few years now and has generated a fortune for its owners and a whole lot of misery for its ‘customers’. Today, those victims have reason to celebrate since the owners of the site have had their identities revealed and, related or not, most of the sites they operated are parked and not longer operational.

Mateusz Dylewski and Jake Dylewski are reportedly the sons of Polish immigrants who settled in Surrey, BC, Canada. After their successes running a pair of warez sites, in 2005 they created FullReleases.com and set about making their millions with false claims and misleading operations which targeted naive entrants to the file-sharing phenomenon. The site went on to become one of the world’s most famous scam sites, parting untold people from their cash and prompting thousands of complaints.

However, rumor has that the brothers didn’t stop with one site, and started to build an empire. Dozens more appeared, with some deliberately named to trade on the successes of established genuine sites, with domains such as adultreactor, bitdig, releases.ws and rapidsharereactor.

Right now, many of these sites have been taken down, including FullReleases.com, and although this in itself won’t get refunds for those that have been scammed already, it will certainly give them a boost. It is not 100% sure why all the scam sites are suddenly parked or offline, but it is likely that the brothers are enjoying an early retirement.

So how can people avoid getting sucked in by these scammers and others like them? It’s amazingly simple - NEVER pay to download torrents since they are always available for free, and for God’s sake, Google!

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

Massive Warez Scam Architects Run For Cover torrent downloads.

DRM has managed to become widespread without the knowledge of many. DVDs, MP3s, books, software, games and even audio CDs (although such DRM’d CDs are not allowed to use the CD logo), they can all come with DRM nowadays. DRM issues occasionally hit the headlines, with instances like the Sony Rootkit lawsuits and HD-DVD fiasco, with TorrentFreak even running a competition to design an anti- DRM T-shirt last year (results are here).

The problem with DRM is that it doesn’t do what it’s supposed to do. The only people who are negatively affected are honest customers, since pirates will get their DRM-free version off BitTorrent anyway. In fact, DRM seems to produce an increase in downloads over legitimate sales, with the ‘Spore’ fiasco as a recent example.

Public reaction to DRM is not favorable, and has been growing worse (such as when a DRM-based service closes). Even though some retailers have started to sell their goods without DRM, others have not, or have released products selling stuff ONLY in DRM encumbered formats. A prime example of without DRM is Amazon, with its music, and an example of with DRM is Amazon and their Kindle ebook reader. Kindle ebooks are sold complete with DRM, locking the books to a single system. This applies to all Kindle ebooks sold via Amazon.

One of the Kindle e-books looks a little out of place with DRM though. A member of the US-based Students for Free Culture organization informed TorrentFreak that the book Free Culture, by Creative Commons founder Lawrence Lessig, is available through the service. The book deals with the rise of the copyright situation in the US, and how laws in other areas were changed to keep pace with advances in technology, sometimes making obsolete decades, or centuries of precedent.

The fact that this book is available in a DRM format might not seem all that important, except that the book itself spells out what is wrong with DRM. The book is available as a 100% free download on the book’s official site. However, short of violating the DMCA by circumventing the DRM, it is hard to put the pdf version of the book on the Kindle, exemplifying the problem. Most ironically, though, is that the subtitle of the book is “How Big Media Uses Technology and the Law to Lock Down Culture and Control Creativity”, so the book has become its own example.

Prof. Lessig did not respond to requests for comment on this story, but he will be giving a keynote speech at SFC’s “Free Culture 08” on October 11th.

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

Lessig’s ‘Free Culture’ Now Available with DRM torrent downloads.

We recently reported how Ohio University spent more than $75,000 on the CopySense anti-piracy system, and we promised an insight into how the system works. CopySense is the network equivalent of the Eye of Sauron, watching over the lands it controls, looking for something of interest, and attempting to kill it. Instead of Orcs, however, it uses RST packets.

As stated previously, for your money you get a box that you plug into your network as close as possible to the Internet connection. Here it monitors all the traffic it can see, looking for data that matches the fingerprints stored in it. If it detects a transfer matching a fingerprint, it terminates the connection, in the same way Sandvine does , by sending RST packets to both ends of the connection, spoofed to look like the other sent it.

Although it seems like a fairer system than the Sandvine box Comcast used, it still has some significant flaws. Perhaps of greatest interest, is that it can be configured to act just like Sandvine, but more so. Literature for the system claims it “automatically filters copyright infringements, operating in a manner similar to a virus filter, without disrupting legitimate file trades.” But does it live up to the hype?

Audible Magic’s support site contains the answers to the basic questions most of us have about CopySense.

Q: What P2P protocols/programs are recognized?
A: The CopySense Appliance recognizes signatures from over 150 popular P2P applications and their derivatives. As new P2P applications are introduced, additional recognition capabilities are provided as software updates under your maintenance agreement
Q: How does it block traffic?
A: The appliance can be instructed to block all P2P traffic or to block only copyrighted content from P2P applications. The CopySense Appliance uses a patented packet-resetting process, and it sends a packet reset to both the requesting and sending IP addresses each time they attempt a P2P transfer that is to be blocked. The P2P application is thus forced to time out with an unsuccessful transfer.
Q: How does it recognize copyrighted content?
A: The CopySense technology examines the perceptual characteristics of a media file and compares that signature with those contained in a database of protected works. Publishers of media content register their works in Audible Magic’s database. The database is regularly updated in the CopySense Appliance as part of a content update subscription.

As the name of the site is TorrentFreak, and the main protocol in use is BitTorrent, let’s start there. Torrents are non-sequential downloads (illustration), that take ‘random’ (generally rarest first of what’s available) pieces from peers on the torrent, in 16KiB chunks. Also, although chunks might be sequential, pieces rarely are. A data stream may consist of 5 chunks from the start, then 2 from the back, and 1 from the middle. From just that 128KiB of data, Audible Magic claim they can identify a copyrighted work, and then terminate the connection.

If it sounds implausible, that’s because it is. It may work with systems like DC++, or possibly eD2k (as well as SoulSeek and KaZaA), but there is no way it can be accurate or effective with BitTorrent. Such methods would work better with HTTP (like Rapidshare) or FTP transfers, but aside from CopySense saying they don’t interfere with anything non-P2P, there is another problem.

As highlighted in the recent case involving the baby dancing to a Prince soundtrack, fair use is a perfectly adequate defence. This system makes no allocation for fair use at all. In the case, the judge ruled that before copyright enforcement can take place, the copyright owner is required to consider if the usage is fair use. An automated system is incapable of that. There have also been doubts surrounding the effectiveness of the streaming content version, which is based on the same technology.

So, in essence, CopySense does not (and can not) work to inhibit the most popular p2p protocol out there. If it could, then we would simply see a resurgence in passworded RAR files being torrented, with the passwords posted either on the torrent site, or even in the comment field of the torrent. CopySense also fails to check if a copyrighted file that it might identify (if you’re using a protocol that it can actually detect) is being used in a way consistent with fair use, or is licensed for use (although extremely improbable, the possibility exists, especially if copyrighted recording is right at the start).

In part two, we will look at claims that have been made from those who have used CopySense, and how that affects copyright infringement cases already in progress, and just how you get your content protected.

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

CopySense Sleek Predator, or White Elephant? torrent downloads.

The Pirate Party is known for it’s battle against the ever increasing government surveillance on the public. So, when an anonymous whistleblower sent them a internal document which showed that the government went as far as installing trojans on computers, they didn’t hesitate to publish it.

German authorities weren’t too happy about the leak, which might be illegal according to a criminal law specialist, and went after the source. Earlier this week police searched the home of the Pirate Party spokesperson where they hoped to find more information. In addition to the home search, a server from another party member was seized. The server, however, was fully encrypted, so chances are low that it will uncover the whistleblower.

In a response, Andreas Popp, Chairman of the Bavarian Pirate Party said: “A brave person leaks documents to the Pirate Party, to inform the public about a procedure of the Bavarian Government, which is highly likely to violate the constitution. Now this persons is hunted like a criminal. Private rooms are raided, servers get seized.”

Pirate Parties around the world will continue to speak out against these, and other privacy threats. The trojan in question (German) was able to tap into Skype calls and intercept traffic to encrypted websites.

Post from: TorrentFreak

torrentlog.com - Full movie downloads (dvdrips and divx)

Pirate Party Official Raided after Uncovering State Trojan torrent downloads.

Over the years BitTorrent has attracted some shady figures. We’ve reported on malware ridden BitTorrent clients and media players, a BitTorrent site that infects its users with spyware, and several other scams.

Although most scams can be avoided easily when a few simple rules are followed, they still manage to trick thousands of novices every day - and this is not going to end anytime soon. Since BitTorrent has become more or less mainstream, with millions of users worldwide, it also proves an interesting target for email spammers.

The latest scam, unlike the others we have reported on before, is one that is sent by email. The email is disguised as a message from the anti-piracy company MediaDefender (using their logo etc.), and warns the recipient that his or her download behavior has been logged. The email has a report attached with more details about the infringed material, which turns out to be a virus.

Dear User!

Your recent internet activity was logged on the following sites:

* Btjunkie
* SumoTorrent
* isoHunt
* Btscene
* Mininova
* Fenopy
* Monova
* Yotoshi
* GetInvites
* Btmon

We have attached a report about the copyrighted movies, music, softwares you
downloaded or searched on these webpages. We strongly advise you to stop any
future activities regarding the downloading of illegal content or you can
expect prosecution by 17 U.S.C. §§ 512, 1201?1205, 1301?1332; 28 U.S.C. §
4001 laws.

Sincerely,

MediaDefender Inc.

To the more experienced and BitTorrent savvy users it is clear that the email is a scam. First of all, MediaDefender has never been involved in anti-piracy enforcement. The only thing they do is spoofing, flood BitTorrent sites with fake files, and the occasional DDoS attack on Revision3.

In addition, the email claims to have data on what the user searched for on the sites, which is irrelevant and practically impossible. It seems that the spammers should have done some more research on the topic. A good spammer would have included The Pirate Bay in the list of sites instead of Getinvites, which is a BitTorrent invite trading site, and not a search engine

A related scam email, sent out by the same group of people judging by the style and format, is also targeted at filesharers and threatens to suspend their Internet connection. The email claims to be sent by the Internet service provider consortium, and again includes an infected attachment with a report.

The email is a clever scam that shows how mainstream BitTorrent has become. The emails are sent out randomly, but many recipients, scared by be cut off by their ISP, or sued for downloading copyrighted material, might open the infected attachment without realizing that it is a scam.

This is an article from: TorrentFreak

Anti-Piracy Scam Emails Target BitTorrent Users

torrentlog.com - Full movie downloads (dvdrips and divx)

Anti-Piracy Scam Emails Target BitTorrent Users torrent downloads.

Comcast was ordered to stop slowing down BitTorrent users before the end of the year. In addition, the company has to disclose all “network managing” practices.

The FCC’s final decision came exactly a year after we first reported on the issue. Initially, Comcast flatout denied that they were slowing down BitTorrent users, but after AP confirmed our reports, mainstream media picked it up and the FCC got involved. FCC argues that Comcast’s actions are unfair because they specifically target BitTorrent, not any other protocols.

Good news right? So BitTorrent users will soon be able to download at blazing speeds again? Well, not really. A neutral net wont stop ISPs from slowing down their customers. Now they simply have to slow down everyone - and that’s exactly what their plan is. Comcast already said that they will move on, and throttle bandwidth hogs at peak times when needed. On top of that, they are enforcing a monthly bandwidth limit, not hesitating to disconnect people who use more than they should.

Comcast is taking these measures under the “reasonable network management” flag. However, what is reasonable now (if it is), might not be one or two years from now. The problem is that the ISPs are the ones who decide what the limits should be, meaning they can pretty much do whatever they want.

Several ISPs have already started to experiment with new tools to prevent customers from using too much bandwidth. Comcast will slow down all heavy bandwidth users, and Time Warner Cable is testing metered plans, where users will pay for the bandwidth they transfer. Worrying developments, to say the least.

Some might not see a problem with metered plans. We pay for water and gasoline in pretty much the same way. This is indeed true, but there’s also a danger in metering the Internet. It will restrict innovation (heavy bandwidth apps), and the use of high bandwidth video streaming may become something for the elite.

One thing is clear, BitTorrent users will be the main targets of these new “business models”. It was therefore surprising to see comments from Eric Klinker, Chief Technology Officer of BitTorrent, on these initiatives. “I think what Comcast and Time Warner Cable are doing is a great first step,” Klinker told Cnet. “It gets ISPs out of the business of deciding which applications are important and which aren’t. But there are enhancements to the peer-to-peer protocol, in particular, that can make it easier on all ISPs.”

Net neutrality is not the Holy Grail though - a neutral net is useless if it’s slower than a biased one. Klinker agreed on this, and told us that he doesn’t think that these new business models, or network management practices, are a good long term strategy. “This is a step in the right direction because ISPs are indeed making their networks more “neutral” without new legislation requiring them to do so,” he told TorrentFreak. “But make no mistake, bandwidth caps and metered plans are bad for the Internet and could stunt the adoption and growth of all broadband services.”

Network expert Robb Topolski, who was the first to document Comcast’s unfair network management practices, thinks that ISPs might experiment with new network management tools, but that these wont stick. When we asked him whether he thinks the FCC ruling will lead to more bandwidth caps and metered plans, he said: “If it does, then something has gone wrong with competition. Customers clearly don’t want metered plans and bandwidth caps. There might be some ISPs that experiment with these, but I don’t see it happening.”

Let’s hope Robb is right. Of course, we applaud the FCC ruling, but we have a strange feeling that ISPs will continue to fight their customers for a while. They should, of course, move on and invest in the future. BitTorrent is here to stay, files will get larger, and more bandwidth intensive services will surface, really.

This is an article from: TorrentFreak

Comcast vs. BitTorrent, What’s Next?

torrentlog.com - Full movie downloads (dvdrips and divx)

Comcast vs. BitTorrent, What’s Next? torrent downloads.

Here at TorrentFreak we get a few emails each week announcing the arrival of new BitTorrent sites but there are so many, we can’t possibly write about them all. Instead, due to time limitations, we write about ones which are topical in some way or offer some interesting or unique features. Today we report on a new torrent site which does indeed have an interesting feature, although most won’t appreciate it.

One of the main drawbacks of using P2P software such as Limewire, is that the content on the network (Gnutella) is unmoderated - anyone is free to put up whatever they like, be it music, movies or TV shows. Of course, others use this lack of moderation as a green light to upload viruses, spyware and other malicious software. Equally, one of the great strengths of BitTorrent (at least from a harm-reduction point of view), is that .torrent files are uploaded to torrent sites where staff work hard to filter out as much of the malicious software as they can, making BitTorrent relatively malware-free.

Of course, this great system falls apart if you can’t trust the people running the site. People expect anti-pirates like MiiVi to be ‘the enemy within’, but who needs those when you have ‘friends’ like the guys at new torrent site, TrafficLoader.com.

TrafficLoader.com (and its forum, pdls.info) hasn’t been setup for the benefit of BitTorrent users, it will be used by spammers, scammers and virus peddlers to spread their malicious software among the community. One of the admins called ‘Satty’ says that no registration is needed to upload torrents to the site and none will ever be removed. The site does have a notice - ‘Viruses, spyware, affiliate links and everything related is strictly prohibited’ but don’t believe it - Satty says these rules don’t apply to his friends in the PPI (Pay Per Install) community.

A few days ago the site was pretty bare with relatively few torrents and it was clear that most of them contained malware. It was suggested to Satty that it might be a good idea to have some genuine torrents too, to help disguise the bad torrents. Now things are starting to ‘improve’ on the site with many more torrents added recently which don’t immediately appear to be malware.

In the last few days, TrafficLoader cosmetically ‘cleaned up’ the site to remove porn adverts in order to appear more genuine but unfortunately, someone as well as TorrentFreak noticed that they made a big mistake:

“Why would you [Satty, admin] put a forum for ppi on a publicly scraped site, a.k.a here?? Do you just want ppl to find out shit is full of malware?”

Just in case they did want people to find out, hopefully this post will help them get the word out.

For those that want advice on how to avoid bad torrents in the future, try one of our guides.

This is an article from: TorrentFreak

TrafficLoader.com to Infect BitTorrent Users with Malware

torrentlog.com - Full movie downloads (dvdrips and divx)

TrafficLoader.com to Infect BitTorrent Users with Malware torrent downloads.

Piracy can be a funny business at times, but the rhetoric is often extremely predictable. So when something unexpected happens it can knock you off your stride. Something like… a major game publisher distributing a Scene no-cd crack as a fix would do it, for instance. If it sounds unlikely, that’s because sometimes truth is stranger than fiction. In this case, the publisher is Ubisoft, the game ‘Rainbow Six: Vegas 2‘, and the Scene ‘no-cd’ crack – yes that’s there as well.

The situation revolves around that oddest of characters, Direct2Drive (D2D) - an online games store, owned by IGN, selling games over the Internet as protected downloads. Game code is modified to prevent the standard retail DRM from inhibiting game play (as there is no actual disc to check for) with Trymedia activation utilized instead. More importantly, since the code around the DRM has been modified and changed to a different system, regular patches from the game developers can’t be used. Instead, patches must be reworked by D2D to accommodate these changes. These changes are not always quick, a point D2D does try and defuse in its FAQ.

Thus we come to Rainbow Six: Vegas2 (R6V2) which, since its release in March, has had three patches released for it. The third, 1.03 provides a lot of changes, including new play modes, so legitimate purchasers of the game were eager to try it. The problem is, those that bought it via D2D can’t use it. This is the problem inherent in DRM. Those that buy the product are the ones affected, not those the DRM is designed to defeat.

After lots of complaining and attempts to fix things themselves, one Ubisoft employee found a solution. A zip file was uploaded to the help/support site, named “R6Vegas2_fix.zip”.

If D2D users patched to 1.02, then replaced the EXE with this one, they could then update to the new patch. However, someone ran a hex edit and it appears the fix was not Ubisoft code but actually a ‘no-cd’ crack released by the Scene group RELOADED, as shown here.

Since then, the zip file containing the fix has been pulled from the Ubisoft support site, so we’re unable to verify. The game’s community is as baffled by this as everyone else. Since the claimed origin of the fix, 10 days ago, there has been no word on it officially from Ubisoft, beyond a ‘Community Manager’ who states

We’re looking into this further as this was not the UK Support team that posted this, however if it is an executable that does not need the disc I doubt it has come from an external source. There’d be very little point doing so when we already own the original unprotected executable.

As soon as we find out more about this we’ll let you know.
_________________
Ubi.Vigil
Community Manager
Ubisoft UK

Although it is not unknown for a Scene release to be used to ‘fix’ a retail product, it’s certainly rare to have that fact promoted. That the ‘no-cd’ patch works, might have some relation to how brutal the Scene is when it comes to the quality of their work, especially in games. Whilst this is a validation that the Scene isn’t as bad as the lobby groups would have you believe (they fixed the game, and did it for free) you can bet that Ubisoft won’t be smiling at E3, and that they, and Direct2Drive, will continue to use DRM to annoy and inconvenience paying customers.

This is an article from: TorrentFreak

Ubisoft Steals ‘No-CD Crack’ to Fix Rainbox 6: Vegas 2

torrentlog.com - Full movie downloads (dvdrips and divx)

Ubisoft Steals ‘No-CD Crack’ to Fix Rainbox 6: Vegas 2 torrent downloads.

Thankfully, Lenslok isn’t the latest horrible idea in anti-piracy technology - in fact, it was first introduced more than 20 years ago. Developed by inventor John Frost, the device had a lens which carried around a dozen grooves which sent light though it at varying angles, ‘unscrambling’ seemingly random graphical blocks underneath it to reveal a secret ‘continue’ code.

These days, DRM is often applied a little more stealthily but never has it been as complex for the legitimate user as it was with Lenslok.

Rather than explain the full process of using the Lenslok, here is a scan of the original instructions that came with the device:

The first game to use the Lenslok DRM was the ZX Spectrum version of the hugely successful wireframe-3D shoot ‘em up, ‘Elite‘. But of course, we’re talking about DRM here so yes, you guessed it, it caused lots of problems for the legitimate users. As each version of the Lenslok device was unique to the game it sought to protect, sending out the incorrect Lenslok device to around 500 buyers of ‘Elite’ wasn’t the best move made by the publisher, ‘Firebird‘. None of these people could play the game, but probably had an interesting experience for a few hours trying to work out how to use the prism. With no Internet forums to voice their anger, there were many complaints in the computer magazines of the day.

The final nail in the Lenslok coffin was its inability to work with anything other than a tiny portable TV, as the on-screen input window would otherwise be bigger than the device itself, rendering it useless.

Although Lenslok is now (thankfully) dead and buried, those people running a ZX Spectrum emulator might still come across its evil work when playing games such as ACE, Art Studio, Elite, Jewels of Darkness, Price of Magik, Tomahawk or TT Racer.

So, the choice is to either pick up a Lenslok off eBay for next to nothing, or run a digital emulation of it - a sure sign of the times.

This is an article from: TorrentFreak

Crazy Video Game DRM Prism, 1980’s Style

torrentlog.com - Full movie downloads (dvdrips and divx)

Crazy Video Game DRM Prism, 1980’s Style torrent downloads.

No more slow downloads, viruses, or adware/spyware required to find the files you are looking for. The Rhever application has a built in easy-to-use search engine to find what you are looking for and does not require you to troll websites looking for .torrent files.

Unfortunately for Rhever, there is no Internet ‘buzz’ around their brand, people just aren’t taking about it, which is a bit strange for such a seemingly great product. If you do a search, 95% of the stuff you’ll find are press releases - and they only appear to be designed to worry people onto their new service.

They play an awful lot on the closure of TorrentSpy in their attempts to generate fear, uncertainty, doubt - and new business for them.

The ‘launch‘ press release lays off most of the scare tactics but is still littered with strange and misleading statements. Rhever spam is posted on dozens of forums, like this one and there are also some ‘interesting’ articles and blog posts around (tagged ‘Rhever’) proclaiming the end of BitTorrent sites. Even Digg doesn’t escape Rhever spam submitted by the company itself.

Also, Rhever use the most contentious music industry statistics to ‘prove’ that other P2P networks are dangerous, and refer to the IFPI as “respected industry analysts.”

If the fear doesn’t work, maybe the comedy angle will get them some subscribers? Rhever has produced a series of (admittedly quite funny) promotional animations showing the benefits of using Rhever over existing file sharing networks. Take a look at the ‘Rhever vs LimeWire’ video below which says that Rhever has done the impossible - and completely eradicated viruses from its network. In its own words:

Each of its [Rhever's] 60,000 servers are run by an administrative team that monitors the servers for any rogue files - viruses, fake uploads and other negative features that are removed instantly

LimeWire vs Rhever

BitTorrent vs Rhever . In this video you will find the secret of the Rhever network..

So it seems Rhever is selling access to good old Usenet and advises its subscribers to use NZB files to get their material, recommending its own (currently non-operational) site to get them - NZB.net.

Considering that Rhever’s strategy is to worry people about the legality of their chosen method of sharing files so much that they sign up, they’re quite cavalier about their own legal position. NZB sites in the US don’t have a great lifespan and offering a full package with Usenet seems very brave.

Finally, here is the KaZaA vs Rhever video:

Rhever is keen to play on the adware bundled with KaZaA, and that proves interesting when armed with WHOIS.

Rhever.com and NZB.net are both owned by a company called JMH Media. JMH Media are the current owners of the MySpaceBar.com domain, which was previously connected to the Scam.MySpaceBar malware. Unsurprisingly, McAfee doesn’t like it at all.

I’m not exactly inspired with confidence to try this Rhever but hey, nothing ventured, nothing gained! Time to sign up. Unfortunately, no matter what I put in I get errors, a point not lost on the solitary poster on the Rhever forums:

No mention of prices anywhere. No contract information. No proper terms or conditions. No company information. No privacy statement. No contact information. No postal address.

There is however, a link to the Rhever client, named ’setup.exe’…..

Maybe Rhever’s fear-marketing has got to me? Far from being scared into leaving BitTorrent, all this uncertainty means that i’m too scared to even install ’setup.exe’ due to what might be inside it - an instinct I acquired in my days as a LimeWire/KaZaA user.

Another couple of hours wasted looking for The Holy Grail, only to realize that much like the French soldiers in the movie of the same name, I already have one.

What we really need now is a talented animator to make a proper ‘BitTorrent versus Rhever’ video….

This is an article from: TorrentFreak

Be Afraid of BitTorrent, Very, Very Afraid

torrentlog.com - Full movie downloads (dvdrips and divx)

Be Afraid of BitTorrent, Very, Very Afraid torrent downloads.

Again, it’s one of the few bastions of anti-corruption, Wikileaks, that has spilled the beans on this unsavory topic. Yesterday the site revealed a document proposing a treaty that will significantly limit the privacy and rights of Internet users, to the benefit of multimillion dollar companies.

“ACTA” is basically an attempt to criminalize the Internet, thus allowing a virtual police state to occur by the selective prosecuting of crimes. In short, it’s an international treaty, or hopes to be, that will greatly increase already draconian copyright measures, in a poor attempt to appease the copyright and patent industries.

The proposal is based on the assumption that ‘intellectual property rights’ (a term used nine times on the first page of the proposal, and 24 times over the entire 3 ½ page document) trump personal privacy, data protection, probable cause, and lots of other important principles in western democracies.

The measure which has received wider publicity is the so-called ‘Pirate Bay killer’. At the end of page two, there is a list of things that should be included in a signee’s legal framework, and in the section about criminal sanctions it states “significant willful infringements without motivation for financial gain to such an extent as to prejudicially affect the copyright holder (e.g., Internet piracy)”. Think non-profit, personal use file-sharing.

Of course, this could go two ways, as the MPAA, for instance, has been guilty of ‘Internet piracy’ in the past, with it’s university toolkit.

Worst of all though, are the following two points speaking of “establishment and imposition of deterrent-level penalties” and “ex-officio authority to take action against infringers”. It is argued that the current level of penalties aren’t harsh enough (“people are still doing it, so they’re no deterrent”), so there should be room for harsher punishments. Combine this with the ability to prosecute without a rights holder complaint, which means that people could be liable for millions, or imprisoned (they are talking about CRIMINAL enforcement) for sharing Steal this Film, or Paulo Coelho’s books. So, these people actively want you to share would have no say in any such prosecution.

There are some other pure gems proposed, such as “ex officio authority for customs authorities to suspend import, export and trans-shipment of suspected IPR infringing goods”. Given that copyright law is so complex and convoluted, and that judges make mistakes in the cases they hear, this is worrying.

Unsurprisingly, the US patent office is backed up beyond belief and dominated by patent trolls that wait until a successful business is established, before pouncing to clean up. This would mean the death for any new and innovative products, or art. If that wasn’t bad enough, there is a further provision for rights holders to prod customs officials into suspension. Thus, a company can make an allegation, forcing a competitors products to be held in limbo until sorted.

Protest has been swift. TorrentFreak occasional contributor Jamie King wrote on his own blog: “In the form that it currently appears to exist, ACTA would ratchet-up further the rights of Hollywood and Recording Industry Association of America (RIAA) at the expense of all of our civil liberties. It provisions to criminalize information use practices currently allowed under U.S., European, and international law are completely disproportionate to the ‘problems’ it claims to address.”

Andrew Norton, chairman of the American Pirate Party was much less restrained: “The very existence of the Anti-Counterfeiting Trade Agreement (ACTA) – be it in policy or just planning, sends one definite message to people around the world; Corruption is rife in the interested countries. There can be no other reason for yet another ‘intellectual property’ (itself a misnomer) law aimed at protecting business interests and expanding government intrusion into the private affairs of it’s citizens, in the name of ‘protection’.”

Of course, the other area most affected by this would be whistle-blower sites like Wikileaks itself. The owner of any leaked document can claim copyright infringement on its publication, and have it pulled. In this, ACTA is a very effective censorship tool. For some reason, though, this aspect has not been widely reported, or even mentioned.

This is an article from: TorrentFreak

Proposed Treaty Turns Internet Into a Virtual Police State

torrentlog.com - Full movie downloads (dvdrips and divx)

Proposed Treaty Turns Internet Into a Virtual Police State torrent downloads.

Dear friends and supporters,

The Shareaza Development Team would like to extend our thanks to all of you for your contributions towards our Legal Defense Fund. As you will remember, our project’s identity was appropriated late last year by the recording industry funded Discordia Ltd. shell company and handed over to the recording industry “approved” iMesh for commercial exploitation.

To that end, we are today announcing that we have legal representation and will be contesting the trademark application on our name and identity taken out by Discordia Ltd. After that, we’ll be looking to get our old domain back from the people who threatened, bullied and intimidated the team member holding it on the project’s behalf and who are now using as the gateway to their deceptive business model.

We would like to take this opportunity to thank the Software Freedom Law Centre, the EFF and Richard Stallman for their help and assistance in this unfortunate matter and also for their recognition of this new threat being faced by free software projects the world over.

If you’d like to help us in our fight to regain control of our identity, we welcome all donations to our Legal Defense Fund. You can use our ChipIn account here to donate safely.

So will this all be long, drawn out and very boring? Quite possibly. Are we going to sit back, lick our wounds and wait for the lawyers to sort it all out?

Heck no!

In fact, The Shareaza Development team is also announcing today that we’ve started work on Shareaza 3.0. Put simply, we’re not going to let the identity thieves slow us down at all.

Shareaza 3.0 will be a significant milestone in Shareaza’s long history. For a start we’re switching to the brand new QT 4.4 application development framework. This will allow us a lot more flexibility for a redesign of Shareaza’s network core, making the current Gnutella, Gnutella2 and ED2K networks more modular. We’re also getting rid of the deprecated MFC code to make 3.0 more plug-in friendly and many of the existing features our users know and love will also be re-built with portability in mind.

The even bigger news is that we’re scrapping our current implementation of BitTorrent and will be using the libtorrent libraries as our base for torrent support in the 3.0 release. Shareaza’s BitTorrent implementation is long overdue for a revamp and while many of it’s features were revolutionary at the time (Shareaza was the first client to experiment with decentralized torrents for example) the development team realizes that its time to bring BT support into line with the modern torrent scene.

Developers with some spare time and a desire to get their hands dirty playing with the new QT 4.4 on an existing code base are welcome to stop by our developers IRC channel [link] for a chat.

Once again, we send our thanks all the Shareaza users and supporters out there and invite Discordia, iMesh and the recording industry monopoly to drop the trademark application and return our domain name before you embarrass yourselves any further. We’re fighting back!

Inquiries can be made via our forums here

Kind regards,

Shareaza Community

This is an article from: TorrentFreak

Shareaza Stands Up To Scammers: “We’re fighting back!”

torrentlog.com - Full movie downloads (dvdrips and divx)

Shareaza Stands Up To Scammers: “We’re fighting back!” torrent downloads.

The popular TBDev code on which thousands of private BitTorrent trackers are built, is said to be vulnerable to a major exploit. A successful attack could allow a malicious attacker to deface the main tracker page (index.php) and hijack the account of anyone who logs into the application. Worryingly it’s even possible to hijack an administrator’s account by using a social engineering attack to get them to click on specially crafted hyperlink, although most admins won’t be tricked by this method.

According to Michael Brooks, a security researcher who brought this issue to our attention, this particular TBDev exploit is down to the fact the developers didn’t protect the administrative interface from Cross Site Scripting attacks (XSS).

The attack uses CSRF in a chain with other flaws to obtain synergy - Michael calls this CSRF Bouncing.

“Unfortunately this Cross Site Scripting attack is accessible by an attacker using a Cross Site Request Forgery” Michael told TorrentFreak. “The Cross Site Scripting flaw is particularly valuable. The XSS payload is stored in the main index.php for the application. This means that an attacker can expose every visitor to their payload.”

Michael goes on: “The CSRF flaw is POST based so it does require the administrator to execute javascript. Finding the administrator account isn’t difficult if you have a user account on the system. Like with just about every SQL powered application the administrator is the first user account created. From this profile you will be able to send a personal message and you may even be able to obtain the admin’s email address.”

Worryingly, even if the attacker doesn’t have a user account, it’s possible to get one using an XSS flaw.

Michael explained how a malicious attacker increases his chances of a success with the exploit, by combining it with a little social engineering.

“In this case I am using the reflective XSS flaw to make it appear as though the administrator is viewing his own web application. The social engineering attack could look something like this: ‘I think there is a bug in your site. Can you check this link, it just does not look right http://localhost/redir.php?url=’ . This now means the flaw is no longer a “Cross Site” Request Forgery, because the request is being sent from the same website.”

After a successful attack it’s possible to deface the site and “hijack every user’s authentication token indefinitely”.

So what can be done to avoid this exploit? Michael told TorrentFreak:

“The most important thing to keep in mind is do not click on links that look like this. The link can be easily modified to be shorter, but the important part is avoiding links to TBDev’s /redir.php.”

“However this isn’t the only way that the flaw can be exploited. If you visit a website that the hacker controls then he can also trigger the attack. If you think you might have clicked on a bad link, change your password immediately.”

So what should an admin do if they already fell victim to the exploit?

“To remove the persistent XSS payload the administrator might have to login to the SQL server manually and delete the offending entry in the “news” table (since they won’t be able to use the web application to delete the news posting) using DELETE FROM news WHERE body LIKE ‘%fromCharCode%’.

The difficult part is that every user will have to change their password. In PHP I suggest defending against XSS using htmlspecialchars($var,ENT_QUOTES); . There are cases where XSS can still be possible without ENT_QUOTES. To defend against CSRF i suggest using PHP CSRF Guard.”

An administrator on a TBDev tracker we spoke with suggested a very quick fix off the top of his head:

in news.php change

$body = $_POST[”body”];

to

$body = htmlspecialchars($_POST[”body”],ENT_QUOTES);

We put this to Michael who told us: “The fix isn’t bad however the same fix also needs to be applied to $_GET[”url”] in redir.php or the administrator account as well as others are subjected to hijack. There are other security problems with this application, but the XSS is the most serious as it leads to immediate attack.”

Earlier today TorrentFreak contacted a number of admins with details of the exploit. Michael tells us he has notified the relevant people of the flaw but it may take a few days until an official patch is made available.

The full details of the exploit are available here.

This is an article from: TorrentFreak

Private BitTorrent Trackers Under Threat From Major Exploit

torrentlog.com - Full movie downloads (dvdrips and divx)

Private BitTorrent Trackers Under Threat From Major Exploit torrent downloads.

Net neutrality really is the hot topic at the moment. Ignited by the Comcast fiasco, the concept of net neutrality has certainly been brought into the mainstream. Most ISPs are never quite forthcoming about their throttling, capping and otherwise interfering behavior, but that crowd certainly doesn’t include the CEO of Virgin Media, the UK’s second largest ISP.

In an interview with the Royal Television Society’s Television magazine, far from covering up their intentions, Virgin Media’s new incoming CEO Neil Berkett - who joined the Virgin Media Board just a few days ago - has launched an attack on the ideas and principles behind net neutrality.

“This net neutrality thing is a load of bollocks,” he said, adding that Virgin is already in the process of doing deals to speed up the traffic of certain media providers.

With around 3.5 million customers in the UK, and already traffic shaping due to lack of capacity, it’s a sobering thought that at the behest of “content providers” with deep pockets, Virgin is prepared to speed up their traffic, which would presumably have a negative impact on those at the bottom of the ISP’s priority list, namely bandwidth hungry file-sharers.

Berkett then turned on the BBC and their iPlayer service, telling them - and other public broadcasters like them - that if they don’t pay a premium to gain faster access to Virgin Media’s customers, their service would be put into “bus lanes”.

It just shows that some ISPs are happy to throttle just about anyone in the name of profit, it’s just that most aren’t as open about it as Mr Berkett.

via DigitalSpy

This is an article from: TorrentFreak

Virgin Media CEO Says Net Neutrality is “A Load of Bollocks”

torrentlog.com - Full movie downloads (dvdrips and divx)

Virgin Media CEO Says Net Neutrality is “A Load of Bollocks” torrent downloads.