Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cloud Firm MediaFire Flags Malware Samples For DMCA Violation, Bans Researcher

Posted by Soulskill on from the guess-we're-learning-this-lesson-the-hard-way dept.

chicksdaddy writes "A malicious software researcher finds herself in company with First Lady Michelle Obama and science fiction author Neil Gaiman: booted from the Web by hard-headed copyright protection algorithms, according to the Naked Security blog. Mila Parkour, a researcher who operates the Contagio malware blog, said on Thursday that she was kicked off the cloud based hosting service Mediafire, after three files she hosted there were flagged for copyright violations and ordered removed under the terms of the Digital Millennium Copyright Act (DMCA). The files included two compressed and encrypted malicious PDF files linked to Contagio blog posts from 2010. The firm responsible for filing the DMCA take down notice was Paris-based LeakID, which describes itself as a 'digital agency ...founded by experts from the world of radio, television and Internet.' LeakID markets 'Leaksearch,' an 'ownership tool that will alert you within seconds if your content...is being pirated.' According to Parkour, Mediafire received a notice from LeakID claiming that it was 'acting on behalf of the copyright owners,' though the owners and presumed copyrighted content weren't named."

19 of 125 comments (clear)

  1. Could be legit by 0racle · · Score: 5, Funny

    Malware authors are content creators too. Don't they deserve the recognition and profits for their hard work?

    --
    "I use a Mac because I'm just better than you are."
    1. Re:Could be legit by icebike · · Score: 3, Funny

      Malware authors are content creators too. Don't they deserve the recognition and profits for their hard work?

      I agree, lets get them to stand up and take a bow. I don't think it's reasonable to hold an anonymous copyright and let all that hard work go unrecognized.

      --
      Sig Battery depleted. Reverting to safe mode.
    2. Re:Could be legit by pixelpusher220 · · Score: 5, Insightful

      Since LeakID now claims ownership of this malware, can't we sue them for all damages it causes? After all, there likely wasn't a EULA with the 'malware'

      --
      People in cars cause accidents....accidents in cars cause people :-D
    3. Re:Could be legit by Hatta · · Score: 5, Insightful

      If the authors aren't named, it's not a valid DMCA complaint. The real problem here is service providers taking down material without a valid complaint.

      IIRC, the DMCA provides immunity for a service provider that takes down material persuant to a valid complaint. That implies that without a valid complaint, there would be a cause for action against the service provider. People need to start suing or there's no incentive for a service provider to obey the law.

      --
      Give me Classic Slashdot or give me death!
  2. In the absence of teeth... by icebike · · Score: 4, Interesting

    There is a reason these takedown companies are all moving off shore. This way they avoid the perjury penalty for filing false reports. Who has time to fly to Paris to file perjury claims against this company on their home turf, in a French Court.

    In the absence of any real penalty in the laws for filing false takedown notices, it seems to me that everyone should simply start filing takedown notices on every single thing they find on the net anywhere until the hosting companies realize that it is a total mess, and start demanding more than an automated statement, something like proof, a statement of the work it is supposed to actually violate, etc.

    Clearly if these files were compressed and encrypted, any hash or content match was random, and virtually any executable code or encrypted file might trigger a match with whatever engine these take-down artists were using.

    Perhaps there is a business opportunity to set up a company in East Timor or some such place that would automatically file a counter notices (putback), which then requires the takedown artists to file suit, or shut up. This puts the cost burden back on them, and at worst case, an improperly accused person has a ten day interruption of availability.

    As long as the hollywood darlings are in office I see no chance of this ever being corrected via legislation. The best bet is to get it to topple over of its own weight.

    --
    Sig Battery depleted. Reverting to safe mode.
    1. Re:In the absence of teeth... by Anonymous Coward · · Score: 5, Interesting

      This is happening to a friend of mine who is being stalked. An offshore firm has obtained access to her FB pictures, and filed takedown notices on every single one she has, even the ones from her phone. FB got tired of the DMCA notices (even though there was -zero- copyright liability anywhere) and suspended her account.

      I guess the answer is to hold your photo collection offshore and just link to the contents, or have one link to blog, etc.

    2. Re:In the absence of teeth... by Khyber · · Score: 5, Insightful

      Why isn't this little story of yours made public? This would be a perfect opportunity to blackeye FB and the DMCA.

      --
      Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
    3. Re:In the absence of teeth... by girlintraining · · Score: 5, Interesting

      There is a reason these takedown companies are all moving off shore. This way they avoid the perjury penalty for filing false reports. Who has time to fly to Paris to file perjury claims against this company on their home turf, in a French Court.

      All easily solved by simply saying that the forum chosen by the plaintiff is inconvenient. It's a simple motion to file in most jurisdictions -- if I live in Texas, and I sue you in New York, you can request the venue (that is, where the court is located, not which laws apply) be changed to New York, as you are the defendant and the burden is on the Plaintiff to prove damages, etc. It's all under the 'innocent until proven guilty' -- and not granting such a motion would prejudice the defense.

      Unfortunately, such just and fair legal concepts have been thrown out... and nobody gives a damn. People are busy protesting crap like mortgage defaults, while the judiciary falls apart to the sound of silence.

      --
      #fuckbeta #iamslashdot #dicemustdie
    4. Re:In the absence of teeth... by Hatta · · Score: 3, Insightful

      There is a reason these takedown companies are all moving off shore. This way they avoid the perjury penalty for filing false reports. Who has time to fly to Paris to file perjury claims against this company on their home turf, in a French Court.

      The perjury claim is effectively impotent anyway. The ONLY thing you have to attest to under penalty of perjury is that you represent a(not the) rights holder who's work is allegedly infringed. That's any rights holder and any work. If you represent Prince, you can have any file removed from the internet by claiming that it is a copy of Purple Rain, even if you do not have a good faith belief that it is, and you cannot be touched by a perjury charge.

      --
      Give me Classic Slashdot or give me death!
  3. Simple solution: by pushing-robot · · Score: 5, Insightful

    Charge these organizations a nuisance fee for false positives. Problem solved.

    --
    How can I believe you when you tell me what I don't want to hear?
    1. Re:Simple solution: by jkflying · · Score: 5, Interesting

      As AC alluded to, they can only be charged with perjury if they don't have rights to the work they claim is being infringed. If your work is nothing to do with the work they claim is infringed, you have no recourse. So to troll the system all you have to do is have a random copyright on something, and claim everything you see infringes on it.

      --
      Help I am stuck in a signature factory!
  4. Hold them to the fire by Rurik · · Score: 5, Interesting

    LeakID (and/or their client) just claimed copyright over malware. Not just any malware, but targeted malware against a corporation for the intent of theft of intellectual property and unauthorized access of computer systems.

    IANAL, but LeakID should then be held liable and responsible for their "copyrighted works".

    1. Re:Hold them to the fire by oobayly · · Score: 3, Insightful

      Exactly, it might be a good idea to report LeakID to the FBI as they've publicised that they (or their client) own said malware.

    2. Re:Hold them to the fire by GIL_Dude · · Score: 3, Insightful

      Maybe they just claimed copyright on the original PDF and are holding the malware infested version as merely an infringing derivative work?

  5. Paris? by toriver · · Score: 3, Interesting

    I hope that is Paris, Texas, since a company in Paris, France has fuck all to do with the United States' DMCA laws.

    1. Re:Paris? by mwvdlee · · Score: 5, Informative

      Thanks to international copyright agreements, French (and a shitload of other countries') copyrights apply in the US as well. And since you don't have to be a US citizen to take legal action to a US company or citizen under US laws, they can. It's the same reason why a certain Swedish site can be sued for infringement of US copyrights according to Swedish laws.
      You see it's a trade-off between security and freedom; companies gain security in exchange for citizens losing freedom.

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  6. Re:soon anti spy apps can be banded under DMCA by Anonymous Coward · · Score: 3, Funny

    soon anti spyware apps can be banded under DMCA

    This is a masterfully crafted electrum spyware app. All craftsdwarfship is of the highest quality. It is finely colored with dimple dye. It menaces with spikes of cat and is banded with rings of copper.

  7. Mila Parkour by tangent3 · · Score: 3, Funny

    She was kicked off...

    No worries, she will grab on to the horizontal bar, swing 360 degrees around it then flip, somersault and land with a graceful roll.

  8. Someone injured by this malware needs to... by John+Hasler · · Score: 3, Insightful

    ...file suit against the malware authors and then subpoena LeakID's records to identify them.

    --
    Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.