Slashdot Mirror
Cryptome in Hot Water Again
garg0yle writes to tell us that Cryptome appears to have stepped in it again with a recent leaked document concerning Microsoft's "Global Criminal Compliance Handbook." "Microsoft has demanded that Cryptome take down the guide — on the grounds that it constitutes a 'copyrighted [work] published by Microsoft.' Yesterday, at 5pm, Cryptome editor John Young received a notice from his site’s host, Network Solutions, bearing a stiff ultimatum: citing the Digital Millennium Copyright Act (DMCA), Network Solutions told him that unless he takes the 'copyrighted material' down, they will 'disable [his] website' on Thursday, February 25, 2010. So far, Young refuses to budge." In a gesture of goodwill, Wikileaks has offered to host Cryptome via their twitter feed.
Looks like DNS has already gone...
Looks like it's been taken offline already.
For Wikileaks to offer to host Cryptome - especially with thei recent troubles.
Really, what we need here is a torrent feed with all the latest stuff.
I call it 'The Aristocrats'
MD5? Magnet link? Not that I would seek it out or anything.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
Wikileaks may not be mirroring Cryptome.org in its entirety yet, but they are hosting the "offending" material. Download and redistribute!
http://cryptomeorg.siteprotect.net/
$25 will get you 2 DVDs with 54,000+ articles, spanning June 1996 to February 2010, mailed anywhere in the world.
Learning HOW to think is more important than learning WHAT to think.
A mirror of the site is now up, with partial content available and the rest being transferred.
I wonder what this says about the degree of power different entities have when they choose to resist DMCA requests. Would Google's upstream provider(s) ever dare to take Google offline should Google decide not to comply with a particular DMCA request like Cryptome's provider has done? I suspect not. There must be an advantage to being a big player on the Internet, and a clear disadvantage under the DMCA to being as small as Cryptome. It's easier to be bullied when you're Cryptome, which somehow makes the DMCA seem even worse than I once thought it was.
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
Whatever is in that document, thank you Microsoft for 100% confirming it is what you said. Now, http has heads. You *can* cut them off. Where there is a disconnect between morality and law however is called corruption and that needs to be measured in each case: anyone care to measure here? So, you can cut off all the http heads. What good will that do you? You think Cryptome doesn't have contacts? Doesn't have people who are in the know and know what they are looking for? Microsoft just gave them some free advertising that they have it. Everyone who wants it already does have it by now. And in a shortish while after some corrupt wrangling the http head will come back up and start serving again until the next grand advertisement occurs. But always, occuring in parallel to all this are the things without heads: it will take a great deal more corruption in law to silence those.
Shh.
n/t
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Anyone else a little wary of Network Solutions acting as a judge, jury, and executioner?
Is this their role? Should this be their role?
What information do they release regarding their processes and decisions?
Do you trust a corporate entity with such a track record of being difficult to deal with, to interpret the law?
That's nice of them, but honestly I'd like it if they started hosting their own site again, too.
Wikileaks has offered to host Cryptome via their twitter feed.
This Twitter stuff is getting out of control. First it starts as 140 character messages, now they're hosting entire websites with it.
... and then they built the supercollider.
Wikileaks has offered to host Cryptome via their twitter feed.
Hosting 140 characters at a time?
Having just skimmed the doc, I don't see why anyone would care. The information available to law enforcement is actually less than I had expected.
Well, if you know about the DMCA, then you know that your hosting provider is going to be interpreting the law (roughly, they are going to be complying with DMCA takedown notices).
So it isn't a wild idea to presume that someone paying Network Solutions trusts them to interpret the law.
Nerd rage is the funniest rage.
I just want to make sure I fully understand the situation. This is something written by MS and being hosted in its entirety by someone else without permission, right? So their claim is legally correct and everything, isn't it? I'm not saying I like Microsoft but I just want to be clear on the details which seem to imply that whether or not this is a *nice* thing to do it at least fits the standards for a DMCA notice. Please correct me if I've misunderstood.
That appears to be nearly dead for lack of funding? Generosity is good, but probably not on one's deathbed.
For every problem, there is at least one solution that is simple, neat, and wrong.
Document is a 22 page pdf, about 1.7 MB, size is partly due to a few semi-useful diagrams from some PHB's powerpoint presentation. It's not anything super technical.
sha1 checksum is 15d4c4c7ea3aa93e128bb5756deb72f4e22926f3.
A quick glance didn't reveal anything terribly surprising in the document. It discusses things like how long they retain stuff like user IP addresses for hotmail (answer: 60 days). Also there is a special phone number for emergency requests like those dealing with murder threats. Regular old subpoenas are supposed to go through a non-emergency process.
Except for a few things like internal Microsoft phone numbers, I didn't see anything in the document that had much reason to be confidential. Stuff like the 60 day retention policy really belong in the published privacy statement (I don't know if it's already there).
I'm confused...I thought the way the DMCA safe harbor provisions work is that in order to be immune, the provider must take down the content when a DMCA notice is received, but if the customer files a counter-notice then they can put it back up and they're off the hook (at least until they get a court order). So why are they taking it down in this case?
"You call it a new way of thinking; I call it regression to ignorance!" -- Operation Ivy
Its appalling, and an abuse of the DCMA takedown notices in every aspect. The takedown procedures are in place to provide a legal safe harbor for the company hosting the content.. The takedown notice is to allow the contested content to be removed to minimize any damage. The takedown period in which the the content is removed it allow time for the copyright to get to court to get a temporary restraining order to keep the content offline. The Counter-Notice allows the person who put up the content to get it back online if they believe they are in the right.
Network Solutions is NOT the hosting company. It's merely a DNS registrar. NetSol has no legal liability what soever. They went WAY beyond what is legally required. The DCMA required only the contested content be removed in any case. Network Solutions removing access to entire web site is very troubling. And it may even have opened them up to a lawsuit themselves.
Of course being hosted in the United States is one problem if you want to be an indiscriminate whistle-blower, but an even more serious problem is picking a registrar hosted in the United States. Not only are you and your server host accountable to the DMCA, but so is the company that has the permanent on-off switch to your site's name. When I registered domain names that I thought might ever contain the slightest bit of content that could get me in hot water via the DMCA, I made sure to register my domain names through a registrar which hosts much more notable sites with content in contravention of DMCA. So, I ran a whois on the most notable site I could think of which completely disrespects copyrights (ThePirateBay), and registered my domain names at Key-Systems, http://dd24.net/ being their consumer-facing site. They might be a bit more of an expense (being that I incur a foreign transaction fee with every registration/renewal), but I think the peace of mind in knowing you won't be losing your domain name due to copyright disputes is very worth it.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
Isn't legal lock supposed to be used in cases where the domain name itself is at issue? By refusing to allow the name to be transferred, they are actually censoring the content.
I would be interested to learn if this is an appropriate use of legal lock and if NetSol is entitled to do this. If not, what recourse could be taken?
I just read the document and it's really kinda reassuring. They lay out exactly what they require in order to disclose exactly what information, and they don't say anything without a subpoena (gets you name/address/email older than 180 days). Anything more interesting than that requires a court order (for address book/friend list/email to-from) or a search warrant (new email).
Plus, they detail exactly what they do and don't keep - for example, they don't have messenger logs.
Frankly, I thought they had more info than that. They really keep very little info aside from what they need to actually deliver the service.
YMMV due to the Patriot act, etc - but I don't see why MSFT would lie in a confidential document
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
I found it disturbing that they logged every packet on your Live account for the lifetime of the account (glad I don't use it); but the rest of it is pretty run-of-the-mill.
The wheel is turning, but the hamster is dead.
If you read the article, you would know that they did file a counter-notice.
Network Solutions not only took their site down, but locked the domain to prevent it from coming up somewhere else. This is an extremely aggressive move and one I suspect violates their own terms and conditions and may be actionable under the law.
DMCA notice/counternotice rules are clearly about hosts. It's not about directories, names, pointers, etc.
DNS registrars should be able to safely ignore DMCA notices. If they voluntarily cut off service when there's no compulsion to do so, then they're not serious businesses nor legitimate entities in the internet community.
Personally, I can't imagine why anyone would want to do business with Network Solutions due to slimey "customer service" issues, but this even goes deeper than that. C'mon, folks, quit using bogus registrars.
I use and recommend gandi.net due to their track record of just plain not fucking around with their customers. Over the years Gandi has earned their reputation. My only reservation about Gandi is that I haven't kept up-to-date on all the consequences of their being under French jurisdiction, but my tea leaves tell me that I pretty much want to use someone in the EU (with the obvious exception of the United Kingdom).
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Yes, it's bad that MS is abusing copyright as a secrecy tool, and certainly bad that they're hiding information that should be public, but the subtext supporting all of this is worst of all:
The subtext that cooperation with law enforcement has become something to be ashamed of.
http://thepiratebay.org/torrent/5391023/microsoft-spy.pdf
If anything cryptome can now hit up US.Gov with numerous FOIAs for any documents relating to this document or relationship of law to Microsoft and get it again. If it is copyrighted, yet given to the US government it should be able to be opened up this way. I wonder how it will come back redacted or not. There may be precident with some national legislation that is copyrighted and transparency in US government.
Microsoft is able to narc on you better if you are a Premium customer, so the more you pay them the more they compromise your privacy!
I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.
The no transmission part kinda seems silly... They should only be handing these things out in completely dark rooms where recipients have been patted down for low light vision assist equipment. Then they need to recollect the docs before any light is allowed in or doors are opened to allow people out.
Without these precautions there is a chance the copyrighted information on the page may come into contact with visible spectrum radiation, potentially violating the no transmission clause. Imagine if someone's occular nodes were oriented in such a way to receive visible spectrum radiation that had previously contacted the copyrighted material.
Either those rubes don't understand that words printed on a page don't transmit themselves or this is entrapment by Microsoft.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
True, but the GP's fundamental point is still valid:
[Emphasis mine]
They've actually made the domain unavailable, which is more troubling, because it means that email and other services will fail, too. Regardless, NetSol is out of line.
Crumb's Corollary: Never bring a knife to a bun fight.
Network Solutions was cryptome's web host?! Hm.. then I guess they were on the hook after all.
Even so, I gotta take a cheap parting shot: they're still slime, so using them for hosting is just as bad an idea as using them as a registrar.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
That is true, but it doesn't necessarily mean that the website is also hosted at NetSol. There are plenty of people who (are stupid enough to) use NetSol as a domain registrar, paying their ridiculous fees and then host the site on another provider.
"A plan fiendishly clever in its intricacies"- Homer Simpson
I wish we could moderate something to remove a recent post....
Ignore parent. It's incorrect. Read this informative post instead, then mod it up.
Crumb's Corollary: Never bring a knife to a bun fight.
I look forward to reading it. Online, of course!
I would NEVER think of violating MS' copyright.
That would be wrong.
Guaranteed! This comment 100% Anthrax free!
So all that stuff earlier this week where everyone was cheering because the GPL is legally enforceable was just a cover, right? I mean, every single post in this thread is endorsing breaking copyright law. But every single posts in those threads were endorsing protecting copyright law.
Weird!!!!!
Tell you what slashdot. Whenever you have an article where you endorse breaking copyright law, I'm going to go ahead and break copyright law. By taking GPL code and using it in my closed source programs.
Deal?
Just read the offending doc. Seems pretty innocuous to me. MS would be required to provide all of this info by law. This just explains the data so MS doesn't have to hold the detectives hand every time they receive a subpoena from law enforcement. If your concern is that DMCA is being used to suppress information rather than prevent distribution of copyrighted material, just restate the information in your own words. Problem solved.
... to host DNS where their website is hosted. I host my domains on godaddy, and my sites are elsewhere. If for some reason any of my sites were ever taken down. They could be brought up within hours elsewhere.
Basically it summarizes what data Microsoft collects from its users - a list of IP addresses you've accessed their services from & when, plus any particulars you've provided them, such as name, date of birth, etc.
Also anything you've uploaded to their servers may be fair game in the event of a subpoena.
Nothing surprising if you've got much sense, really.
Hail Eris, full of mischief...
E pluribus sanguinem
Did this make it up to the chain to their General Counsel? I'd think this would be noteworthy enough to make for at least a few minutes with Brad Smith before they go strong-arming Cryptome.
That it comes from their outsourced piracy protection people smells like they did not.
I mean are they really wanting to make precedent out of it? You would think Microsoft would presume that Cryptome and the EFF, etc., would fight the DMCA being used in this way.
I have to conclude that the contractor acted above their pay grade on this one...
Anyone seen my low uid? last seen 10 years ago while panning the #@$# out of Taco's 'web based discussion system'
I think the number of people who use Microsoft's online services is less than the number of people who use Google's online services. We should be more concerned about Google's tie-ups with Feds and NSA.
The largest prime factor of my UID is 263267.
Just read the MS document, and concur with other comments here. Knowing the document's contents actually RAISES my level of trust, since it lays out precisely the conditions under which private information will be revealed (basically: go through the court system), and what information is available.
All companies who deliver cloud-based services should reveal this information to their customers. There is absolutely no reason to keep it secret. Microsoft, Google, Yahoo: man up, and make it official.
Seeing how Network Solutions is utterly mis-handling this situation is destroying my trust in them by the bucket-load. I am seriously considering moving my domains off of them. I certainly wouldn't want to be strong-armed just because I made some big company like MS mad!
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday
I assumed that Cryptome wasn't hosted at Network Solutions (ugh!). But I still stand by my post. All NetSol has to do was to block access to that one files. They didn't have to remove the entire web site. I guess that speaks to the competence of Network Solutions web hosting.
If NetSol received a takedown for a site that they do not host, they should ignore it, not lock the domain. Unfortunately I'm having trouble figuring out definitively where Cryptome is hosted since the traceroute ends somewhere in Savvis's backbone, but the IP address is in a block assigned to NetSol.