Slashdot Mirror
Cryptome in Hot Water Again
garg0yle writes to tell us that Cryptome appears to have stepped in it again with a recent leaked document concerning Microsoft's "Global Criminal Compliance Handbook." "Microsoft has demanded that Cryptome take down the guide — on the grounds that it constitutes a 'copyrighted [work] published by Microsoft.' Yesterday, at 5pm, Cryptome editor John Young received a notice from his site’s host, Network Solutions, bearing a stiff ultimatum: citing the Digital Millennium Copyright Act (DMCA), Network Solutions told him that unless he takes the 'copyrighted material' down, they will 'disable [his] website' on Thursday, February 25, 2010. So far, Young refuses to budge." In a gesture of goodwill, Wikileaks has offered to host Cryptome via their twitter feed.
Looks like DNS has already gone...
For Wikileaks to offer to host Cryptome - especially with thei recent troubles.
Really, what we need here is a torrent feed with all the latest stuff.
I call it 'The Aristocrats'
MD5? Magnet link? Not that I would seek it out or anything.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
Wikileaks may not be mirroring Cryptome.org in its entirety yet, but they are hosting the "offending" material. Download and redistribute!
http://cryptomeorg.siteprotect.net/
$25 will get you 2 DVDs with 54,000+ articles, spanning June 1996 to February 2010, mailed anywhere in the world.
Learning HOW to think is more important than learning WHAT to think.
Yeah Network Solutions took them down after Young's counter-response. Wikileaks is hosting it now.
Basically the issue is that Microsoft has a handguide to do some pretty questionable stuff (IP Extraction is mentioned). They can keep it protected from being publicly viewable by putting a copyright on it. Young says that Copyright was not meant for hiding secrets. I agree.
A mirror of the site is now up, with partial content available and the rest being transferred.
I wonder what this says about the degree of power different entities have when they choose to resist DMCA requests. Would Google's upstream provider(s) ever dare to take Google offline should Google decide not to comply with a particular DMCA request like Cryptome's provider has done? I suspect not. There must be an advantage to being a big player on the Internet, and a clear disadvantage under the DMCA to being as small as Cryptome. It's easier to be bullied when you're Cryptome, which somehow makes the DMCA seem even worse than I once thought it was.
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
Whatever is in that document, thank you Microsoft for 100% confirming it is what you said. Now, http has heads. You *can* cut them off. Where there is a disconnect between morality and law however is called corruption and that needs to be measured in each case: anyone care to measure here? So, you can cut off all the http heads. What good will that do you? You think Cryptome doesn't have contacts? Doesn't have people who are in the know and know what they are looking for? Microsoft just gave them some free advertising that they have it. Everyone who wants it already does have it by now. And in a shortish while after some corrupt wrangling the http head will come back up and start serving again until the next grand advertisement occurs. But always, occuring in parallel to all this are the things without heads: it will take a great deal more corruption in law to silence those.
Shh.
Anyone else a little wary of Network Solutions acting as a judge, jury, and executioner?
Is this their role? Should this be their role?
What information do they release regarding their processes and decisions?
Do you trust a corporate entity with such a track record of being difficult to deal with, to interpret the law?
That's nice of them, but honestly I'd like it if they started hosting their own site again, too.
Wikileaks has offered to host Cryptome via their twitter feed.
This Twitter stuff is getting out of control. First it starts as 140 character messages, now they're hosting entire websites with it.
... and then they built the supercollider.
Wikileaks has offered to host Cryptome via their twitter feed.
Hosting 140 characters at a time?
Having just skimmed the doc, I don't see why anyone would care. The information available to law enforcement is actually less than I had expected.
I just want to make sure I fully understand the situation. This is something written by MS and being hosted in its entirety by someone else without permission, right? So their claim is legally correct and everything, isn't it? I'm not saying I like Microsoft but I just want to be clear on the details which seem to imply that whether or not this is a *nice* thing to do it at least fits the standards for a DMCA notice. Please correct me if I've misunderstood.
That appears to be nearly dead for lack of funding? Generosity is good, but probably not on one's deathbed.
For every problem, there is at least one solution that is simple, neat, and wrong.
Document is a 22 page pdf, about 1.7 MB, size is partly due to a few semi-useful diagrams from some PHB's powerpoint presentation. It's not anything super technical.
sha1 checksum is 15d4c4c7ea3aa93e128bb5756deb72f4e22926f3.
A quick glance didn't reveal anything terribly surprising in the document. It discusses things like how long they retain stuff like user IP addresses for hotmail (answer: 60 days). Also there is a special phone number for emergency requests like those dealing with murder threats. Regular old subpoenas are supposed to go through a non-emergency process.
Except for a few things like internal Microsoft phone numbers, I didn't see anything in the document that had much reason to be confidential. Stuff like the 60 day retention policy really belong in the published privacy statement (I don't know if it's already there).
Ahhh, the Internet at it's very finest. Social consciousness outing the bad guys. On the other hand, might just be someone who doesn't like MS. Either way, it's misuse of copyright AND this points out the real value of the DMCA, which of course is not to protect the people in any way shape or form. At least, that's how I see it.
Support NYCountryLawyer RIAA vs People
I'm confused...I thought the way the DMCA safe harbor provisions work is that in order to be immune, the provider must take down the content when a DMCA notice is received, but if the customer files a counter-notice then they can put it back up and they're off the hook (at least until they get a court order). So why are they taking it down in this case?
"You call it a new way of thinking; I call it regression to ignorance!" -- Operation Ivy
Its appalling, and an abuse of the DCMA takedown notices in every aspect. The takedown procedures are in place to provide a legal safe harbor for the company hosting the content.. The takedown notice is to allow the contested content to be removed to minimize any damage. The takedown period in which the the content is removed it allow time for the copyright to get to court to get a temporary restraining order to keep the content offline. The Counter-Notice allows the person who put up the content to get it back online if they believe they are in the right.
Network Solutions is NOT the hosting company. It's merely a DNS registrar. NetSol has no legal liability what soever. They went WAY beyond what is legally required. The DCMA required only the contested content be removed in any case. Network Solutions removing access to entire web site is very troubling. And it may even have opened them up to a lawsuit themselves.
Not meant for hiding secrets, but definitely meant for preventing illegally made copies of a work. This is exactly what copyright is for, whether you like Microsoft or not.
"Give a man fire, and he'll be warm for a day; set a man on fire, and he'll be warm for the rest of his life
Keep in mind that this probably was a legal copy of the work. As has been mentioned elsewhere, Microsoft's work is newsworthy. There is a fair use for such things.
Of course being hosted in the United States is one problem if you want to be an indiscriminate whistle-blower, but an even more serious problem is picking a registrar hosted in the United States. Not only are you and your server host accountable to the DMCA, but so is the company that has the permanent on-off switch to your site's name. When I registered domain names that I thought might ever contain the slightest bit of content that could get me in hot water via the DMCA, I made sure to register my domain names through a registrar which hosts much more notable sites with content in contravention of DMCA. So, I ran a whois on the most notable site I could think of which completely disrespects copyrights (ThePirateBay), and registered my domain names at Key-Systems, http://dd24.net/ being their consumer-facing site. They might be a bit more of an expense (being that I incur a foreign transaction fee with every registration/renewal), but I think the peace of mind in knowing you won't be losing your domain name due to copyright disputes is very worth it.
Maybe you haven't looked at their site lately (I wouldn't blame you); NetSol has been providing hosting for years: http://www.networksolutions.com/web-hosting/index.jsp
I just read the document and it's really kinda reassuring. They lay out exactly what they require in order to disclose exactly what information, and they don't say anything without a subpoena (gets you name/address/email older than 180 days). Anything more interesting than that requires a court order (for address book/friend list/email to-from) or a search warrant (new email).
Plus, they detail exactly what they do and don't keep - for example, they don't have messenger logs.
Frankly, I thought they had more info than that. They really keep very little info aside from what they need to actually deliver the service.
YMMV due to the Patriot act, etc - but I don't see why MSFT would lie in a confidential document
I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
If you read the article, you would know that they did file a counter-notice.
Network Solutions not only took their site down, but locked the domain to prevent it from coming up somewhere else. This is an extremely aggressive move and one I suspect violates their own terms and conditions and may be actionable under the law.
I'm not aware of any fair use rulings that have ever allowed for the broad publication of a complete copyrighted work.
His justification appears to be that although Microsoft is required to comply with the law, they should publish exactly how they comply so that people are more capably of avoiding the governmental eavesdropping.
Basically he's arguing that while complying on the surface, Microsoft should be helping subvert the law at the same time, which would likely land Microsoft in some pretty serious legal trouble.
The public has a right to know what the law allows the government to do. It doesn't have a right to know the specific implementation.
Such back doors do often result in some security risks, however, believe it or not you don't have a right to do penetration testing on someone else's system, even if you use that system.
I wish we could moderate something to remove a recent post....
Ignore parent. It's incorrect. Read this informative post instead, then mod it up.
Crumb's Corollary: Never bring a knife to a bun fight.
So all that stuff earlier this week where everyone was cheering because the GPL is legally enforceable was just a cover, right? I mean, every single post in this thread is endorsing breaking copyright law. But every single posts in those threads were endorsing protecting copyright law.
Weird!!!!!
Tell you what slashdot. Whenever you have an article where you endorse breaking copyright law, I'm going to go ahead and break copyright law. By taking GPL code and using it in my closed source programs.
Deal?
How the hell does allowing copyright on a secret document help "To promote the progress of science and useful arts" ?
I think a more practical solution is to demand a written statement of "what is going in the products" you buy. Burying a back-door in an unknown place in the source code isn't a disclosure even if you are given the source.
"Promot[ing] the progress of science and the useful arts" was never meant to be a "sales pitch;" it was genuinely the intent of the law. In fact, James Madison only barely convinced Thomas Jefferson to write it into the Constitution in the first place, using the argument that too few creative works would be created otherwise (we know this from the letters they wrote to each other discussing the subject). I'm sure that if either of them knew how that clause would be interpreted today, they would never have even considered writing it.
In fact, had the Founding Fathers been alive today, they'd probably be part of the free culture movement themselves -- note how Ben Franklin chose not to patent any of his inventions, for example.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz