Slashdot Mirror
Cryptome in Hot Water Again
garg0yle writes to tell us that Cryptome appears to have stepped in it again with a recent leaked document concerning Microsoft's "Global Criminal Compliance Handbook." "Microsoft has demanded that Cryptome take down the guide — on the grounds that it constitutes a 'copyrighted [work] published by Microsoft.' Yesterday, at 5pm, Cryptome editor John Young received a notice from his site’s host, Network Solutions, bearing a stiff ultimatum: citing the Digital Millennium Copyright Act (DMCA), Network Solutions told him that unless he takes the 'copyrighted material' down, they will 'disable [his] website' on Thursday, February 25, 2010. So far, Young refuses to budge." In a gesture of goodwill, Wikileaks has offered to host Cryptome via their twitter feed.
Looks like DNS has already gone...
Looks like it's been taken offline already.
Oh well.
For Wikileaks to offer to host Cryptome - especially with thei recent troubles.
Really, what we need here is a torrent feed with all the latest stuff.
I call it 'The Aristocrats'
MD5? Magnet link? Not that I would seek it out or anything.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
Wikileaks may not be mirroring Cryptome.org in its entirety yet, but they are hosting the "offending" material. Download and redistribute!
http://cryptomeorg.siteprotect.net/
$25 will get you 2 DVDs with 54,000+ articles, spanning June 1996 to February 2010, mailed anywhere in the world.
Learning HOW to think is more important than learning WHAT to think.
A mirror of the site is now up, with partial content available and the rest being transferred.
I wonder what this says about the degree of power different entities have when they choose to resist DMCA requests. Would Google's upstream provider(s) ever dare to take Google offline should Google decide not to comply with a particular DMCA request like Cryptome's provider has done? I suspect not. There must be an advantage to being a big player on the Internet, and a clear disadvantage under the DMCA to being as small as Cryptome. It's easier to be bullied when you're Cryptome, which somehow makes the DMCA seem even worse than I once thought it was.
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
Whatever is in that document, thank you Microsoft for 100% confirming it is what you said. Now, http has heads. You *can* cut them off. Where there is a disconnect between morality and law however is called corruption and that needs to be measured in each case: anyone care to measure here? So, you can cut off all the http heads. What good will that do you? You think Cryptome doesn't have contacts? Doesn't have people who are in the know and know what they are looking for? Microsoft just gave them some free advertising that they have it. Everyone who wants it already does have it by now. And in a shortish while after some corrupt wrangling the http head will come back up and start serving again until the next grand advertisement occurs. But always, occuring in parallel to all this are the things without heads: it will take a great deal more corruption in law to silence those.
Shh.
n/t
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Anyone else a little wary of Network Solutions acting as a judge, jury, and executioner?
Is this their role? Should this be their role?
What information do they release regarding their processes and decisions?
Do you trust a corporate entity with such a track record of being difficult to deal with, to interpret the law?
That's nice of them, but honestly I'd like it if they started hosting their own site again, too.
Wikileaks has offered to host Cryptome via their twitter feed.
This Twitter stuff is getting out of control. First it starts as 140 character messages, now they're hosting entire websites with it.
... and then they built the supercollider.
Wikileaks has offered to host Cryptome via their twitter feed.
Hosting 140 characters at a time?
Having just skimmed the doc, I don't see why anyone would care. The information available to law enforcement is actually less than I had expected.
Well, if you know about the DMCA, then you know that your hosting provider is going to be interpreting the law (roughly, they are going to be complying with DMCA takedown notices).
So it isn't a wild idea to presume that someone paying Network Solutions trusts them to interpret the law.
Nerd rage is the funniest rage.
I just want to make sure I fully understand the situation. This is something written by MS and being hosted in its entirety by someone else without permission, right? So their claim is legally correct and everything, isn't it? I'm not saying I like Microsoft but I just want to be clear on the details which seem to imply that whether or not this is a *nice* thing to do it at least fits the standards for a DMCA notice. Please correct me if I've misunderstood.
That appears to be nearly dead for lack of funding? Generosity is good, but probably not on one's deathbed.
For every problem, there is at least one solution that is simple, neat, and wrong.
Hmm, anyone got a cached IP address for cryptome?
It appears that www.wikileaks.org and wikileaks.org are down (connection reset by peer), tried from multiple locations.
Document is a 22 page pdf, about 1.7 MB, size is partly due to a few semi-useful diagrams from some PHB's powerpoint presentation. It's not anything super technical.
sha1 checksum is 15d4c4c7ea3aa93e128bb5756deb72f4e22926f3.
A quick glance didn't reveal anything terribly surprising in the document. It discusses things like how long they retain stuff like user IP addresses for hotmail (answer: 60 days). Also there is a special phone number for emergency requests like those dealing with murder threats. Regular old subpoenas are supposed to go through a non-emergency process.
Except for a few things like internal Microsoft phone numbers, I didn't see anything in the document that had much reason to be confidential. Stuff like the 60 day retention policy really belong in the published privacy statement (I don't know if it's already there).
I'm confused...I thought the way the DMCA safe harbor provisions work is that in order to be immune, the provider must take down the content when a DMCA notice is received, but if the customer files a counter-notice then they can put it back up and they're off the hook (at least until they get a court order). So why are they taking it down in this case?
"You call it a new way of thinking; I call it regression to ignorance!" -- Operation Ivy
if he didn't counter-notice, then network solutions did exactly what they had to do under the DMCA
Snowden and Manning are heroes.
Its appalling, and an abuse of the DCMA takedown notices in every aspect. The takedown procedures are in place to provide a legal safe harbor for the company hosting the content.. The takedown notice is to allow the contested content to be removed to minimize any damage. The takedown period in which the the content is removed it allow time for the copyright to get to court to get a temporary restraining order to keep the content offline. The Counter-Notice allows the person who put up the content to get it back online if they believe they are in the right.
Network Solutions is NOT the hosting company. It's merely a DNS registrar. NetSol has no legal liability what soever. They went WAY beyond what is legally required. The DCMA required only the contested content be removed in any case. Network Solutions removing access to entire web site is very troubling. And it may even have opened them up to a lawsuit themselves.
The work is in fact a copyrighted work by Microsoft. Cryptome was in fact in violation Microsoft's copyright.
Having read the document, I don't see anything in there that is important. Basically, Microsoft will turn over various kinds of data to law enforcement when legally compelled to, and they only turn over what they are required to. In other words, nothing we didn't already know or suspect. It's not like there is some kind of secret whistleblower information in there.
I suspect that the main reason Microsoft cares about its release is that it includes contact information for law enforcement to contact Microsoft, including telephone numbers, which invites harassment. Cryptome should have redacted that before publishing.
[quote}
2007-2008© Copyright Microsoft Corporation. All rights reserved. Microsoft, MSN,
Hotmail, Xbox and Xbox 360 are trademarks of the Microsoft group of companies. No
part of this handout may be reproduced or transmitted in any form or by any means,
electronic or mechanical, without the written permission of Microsoft Corporation.
[/quote]
arstechnica.com had a story the other day about how the NFL and MLB may be running afoul of these kind of statements.
Of course being hosted in the United States is one problem if you want to be an indiscriminate whistle-blower, but an even more serious problem is picking a registrar hosted in the United States. Not only are you and your server host accountable to the DMCA, but so is the company that has the permanent on-off switch to your site's name. When I registered domain names that I thought might ever contain the slightest bit of content that could get me in hot water via the DMCA, I made sure to register my domain names through a registrar which hosts much more notable sites with content in contravention of DMCA. So, I ran a whois on the most notable site I could think of which completely disrespects copyrights (ThePirateBay), and registered my domain names at Key-Systems, http://dd24.net/ being their consumer-facing site. They might be a bit more of an expense (being that I incur a foreign transaction fee with every registration/renewal), but I think the peace of mind in knowing you won't be losing your domain name due to copyright disputes is very worth it.
Because we shouldn't be dicks and slashdot wikileaks. How about a free CDN alternative folks? :)
http://file.wikileaks.org.nyud.net/files/microsoft-spy.pdf
No wonder we're so slow to advance as humans, let alone move off this rock. We're stuck with monopolies squabbling over crumbs.
Take your so-called interoperability, Microsoft, and shove it.
4chan is hosted by NS, and that nobody seems to give a shit about all the copyrighted content that flies through there.
I guess the post purging probably puts a stop to most people caring. Huzzahs for (most) imageboard software(s) saving the day again.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
for a situation like this it's more complicated, and copyright does not always legally trump the first amendment protection given to news reporting.
As another famous example, see the tobacco industry documents that showed how the industry lied to congress in claiming it didn't know its products caused cancer. Those got leaked and published, the industry sued the guy who published them, they lost, and the documents are still online.
Isn't legal lock supposed to be used in cases where the domain name itself is at issue? By refusing to allow the name to be transferred, they are actually censoring the content.
I would be interested to learn if this is an appropriate use of legal lock and if NetSol is entitled to do this. If not, what recourse could be taken?
I just read the document and it's really kinda reassuring. They lay out exactly what they require in order to disclose exactly what information, and they don't say anything without a subpoena (gets you name/address/email older than 180 days). Anything more interesting than that requires a court order (for address book/friend list/email to-from) or a search warrant (new email).
Plus, they detail exactly what they do and don't keep - for example, they don't have messenger logs.
Frankly, I thought they had more info than that. They really keep very little info aside from what they need to actually deliver the service.
YMMV due to the Patriot act, etc - but I don't see why MSFT would lie in a confidential document
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
Agreed. I am just surprised there's anyone left doing business with Notwork Solutions. You get what you pay for.
Let it be another continuing lesson to avoid using them for anything.
If you read the article, you would know that they did file a counter-notice.
Network Solutions not only took their site down, but locked the domain to prevent it from coming up somewhere else. This is an extremely aggressive move and one I suspect violates their own terms and conditions and may be actionable under the law.
Global Criminal Compliance Handbook?
It helps global criminals comply with all those pesky, but obviously important, inter-syndicate deals, capiche?
Say hello to my little sig.
DMCA notice/counternotice rules are clearly about hosts. It's not about directories, names, pointers, etc.
DNS registrars should be able to safely ignore DMCA notices. If they voluntarily cut off service when there's no compulsion to do so, then they're not serious businesses nor legitimate entities in the internet community.
Personally, I can't imagine why anyone would want to do business with Network Solutions due to slimey "customer service" issues, but this even goes deeper than that. C'mon, folks, quit using bogus registrars.
I use and recommend gandi.net due to their track record of just plain not fucking around with their customers. Over the years Gandi has earned their reputation. My only reservation about Gandi is that I haven't kept up-to-date on all the consequences of their being under French jurisdiction, but my tea leaves tell me that I pretty much want to use someone in the EU (with the obvious exception of the United Kingdom).
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Yes, it's bad that MS is abusing copyright as a secrecy tool, and certainly bad that they're hiding information that should be public, but the subtext supporting all of this is worst of all:
The subtext that cooperation with law enforcement has become something to be ashamed of.
A gentle reminder to please donate to keep WikiLeaks going, the site is still not fully operational.
http://thepiratebay.org/torrent/5391023/microsoft-spy.pdf
If anything cryptome can now hit up US.Gov with numerous FOIAs for any documents relating to this document or relationship of law to Microsoft and get it again. If it is copyrighted, yet given to the US government it should be able to be opened up this way. I wonder how it will come back redacted or not. There may be precident with some national legislation that is copyrighted and transparency in US government.
...interprets censorship as damage and finds a way to route around it.
Microsoft can't win this one, and Cryptome can't lose this one.
Should the DMCA takedown notice be added to Godwin's law?
Microsoft is able to narc on you better if you are a Premium customer, so the more you pay them the more they compromise your privacy!
I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
True, but the GP's fundamental point is still valid:
[Emphasis mine]
They've actually made the domain unavailable, which is more troubling, because it means that email and other services will fail, too. Regardless, NetSol is out of line.
Crumb's Corollary: Never bring a knife to a bun fight.
Network Solutions was cryptome's web host?! Hm.. then I guess they were on the hook after all.
Even so, I gotta take a cheap parting shot: they're still slime, so using them for hosting is just as bad an idea as using them as a registrar.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
That is true, but it doesn't necessarily mean that the website is also hosted at NetSol. There are plenty of people who (are stupid enough to) use NetSol as a domain registrar, paying their ridiculous fees and then host the site on another provider.
"A plan fiendishly clever in its intricacies"- Homer Simpson
I wish we could moderate something to remove a recent post....
Ignore parent. It's incorrect. Read this informative post instead, then mod it up.
Crumb's Corollary: Never bring a knife to a bun fight.
I look forward to reading it. Online, of course!
I would NEVER think of violating MS' copyright.
That would be wrong.
Guaranteed! This comment 100% Anthrax free!
So all that stuff earlier this week where everyone was cheering because the GPL is legally enforceable was just a cover, right? I mean, every single post in this thread is endorsing breaking copyright law. But every single posts in those threads were endorsing protecting copyright law.
Weird!!!!!
Tell you what slashdot. Whenever you have an article where you endorse breaking copyright law, I'm going to go ahead and break copyright law. By taking GPL code and using it in my closed source programs.
Deal?
You need to read before commenting.
Cryptome was asked to take down the content, they refused, and issued a counter claim.
The provider did as the DMCA tells them to do. Take down the site for 10 days. If the
offended party hasn't started the ligation process, the site will be back up within a maximum
of 14 days after it was taken down.
Just read the offending doc. Seems pretty innocuous to me. MS would be required to provide all of this info by law. This just explains the data so MS doesn't have to hold the detectives hand every time they receive a subpoena from law enforcement. If your concern is that DMCA is being used to suppress information rather than prevent distribution of copyrighted material, just restate the information in your own words. Problem solved.
... to host DNS where their website is hosted. I host my domains on godaddy, and my sites are elsewhere. If for some reason any of my sites were ever taken down. They could be brought up within hours elsewhere.
Basically it summarizes what data Microsoft collects from its users - a list of IP addresses you've accessed their services from & when, plus any particulars you've provided them, such as name, date of birth, etc.
Also anything you've uploaded to their servers may be fair game in the event of a subpoena.
Nothing surprising if you've got much sense, really.
Hail Eris, full of mischief...
E pluribus sanguinem
netsol is in the business to suck nut sakz thats is all.
All taking down cryptome for a few days does it make a hell of a lot more people interested in the Microsoft "spy" document which I must say is rather dry and unimpressive on its own merit.
By sending DMCA notice MS:
1. Gets orders of magnitude more people interested in their stupid little document and thus more people will ultimate download and read it.
2. Attract more people to dislike or further dislike MS for taking down cryptome of all sites.
3. Attract more people to dislike MS for abusing crappy lobbyist inspired legislation to prevent people from knowing information that they should have a right to know anyway WRT data retention and LEA procedures.
MS wins nothing and makes no money by doing this. They only hurt themselves.
Did this make it up to the chain to their General Counsel? I'd think this would be noteworthy enough to make for at least a few minutes with Brad Smith before they go strong-arming Cryptome.
That it comes from their outsourced piracy protection people smells like they did not.
I mean are they really wanting to make precedent out of it? You would think Microsoft would presume that Cryptome and the EFF, etc., would fight the DMCA being used in this way.
I have to conclude that the contractor acted above their pay grade on this one...
Anyone seen my low uid? last seen 10 years ago while panning the #@$# out of Taco's 'web based discussion system'
http://fredri.cc/ms-spying.pdf
I think the number of people who use Microsoft's online services is less than the number of people who use Google's online services. We should be more concerned about Google's tie-ups with Feds and NSA.
The largest prime factor of my UID is 263267.
I clicked your link to wired.com and they really do have the PDF there. I apologize for momentarily doubting you, sir.
It's pretty safe to assume that there are some pieces of paper floating around, National Secuirty Letters for example, but if I told you that ... oh wait ...
Just read the MS document, and concur with other comments here. Knowing the document's contents actually RAISES my level of trust, since it lays out precisely the conditions under which private information will be revealed (basically: go through the court system), and what information is available.
All companies who deliver cloud-based services should reveal this information to their customers. There is absolutely no reason to keep it secret. Microsoft, Google, Yahoo: man up, and make it official.
Seeing how Network Solutions is utterly mis-handling this situation is destroying my trust in them by the bucket-load. I am seriously considering moving my domains off of them. I certainly wouldn't want to be strong-armed just because I made some big company like MS mad!
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday
http://www.wired.com/threatlevel/2010/02/microsoft-cryptome/
i think we can do that much
I assumed that Cryptome wasn't hosted at Network Solutions (ugh!). But I still stand by my post. All NetSol has to do was to block access to that one files. They didn't have to remove the entire web site. I guess that speaks to the competence of Network Solutions web hosting.
If NetSol received a takedown for a site that they do not host, they should ignore it, not lock the domain. Unfortunately I'm having trouble figuring out definitively where Cryptome is hosted since the traceroute ends somewhere in Savvis's backbone, but the IP address is in a block assigned to NetSol.