Slashdot Mirror
What a 'Six Strikes' Copyright Notice Looks Like
The new Copyright Alert System, a.k.a. the 'Six Strikes' policy, went into effect on Monday. Comcast and Verizon activated it today. Ars Technica asked them and other participating ISPs to see the copyright alerts that will be sent to customers who have been identified as infringing. Comcast was the only one to grant their request, saying that a "small number" of the alerts have already been sent out. The alerts will be served to users in the form of in-browser popups. They explain what triggered the alert and ask the user to sign in and confirm they received the alert. (Not admitting guilt, but at least closing off the legal defense of "I didn't know.") The article points out that the alerts also reference an email sent to the Comcast email address associated with the account, something many users not be aware of. The first two notices are just notices. Alert #5 indicates a "Mitigation Measure" is about to be applied, and that users will be required to call Comcast's Security Assurance group and to be lectured on copyright infringement. The article outlines some of the CAS's failings, such as being unable to detect infringement through a VPN, and disregarding fair use. Comcast said, "We will never use account termination as a mitigation measure under the CAS. We have designed the pop-up browser alerts not to interfere with any essential services obtained over the Internet." Comcast also assures subscribers that their privacy is being protected, but obvious that's only to a point. According to TorrentFreak, "Comcast can be asked to hand over IP-addresses of persistent infringers, and the ISP acknowledges that copyright holders can then obtain a subpoena to reveal the personal details of the account holder for legal action."
So this is why my comcast bill went up last month...
in 3...2...1
"In-browser popups?" On what pages? Is Comcast tampering with web pages not their own to insert messages? Do they do MITM attacks on secure pages to break in there?
Netflix Instant Play monthly cost: less than $10, vs. IPREDator or equivalent VPN at about $5. Get a half decent Usenet or BitTorrent client, and the system has been circumvented.
I suspect that ISPs adopted these measures more to appease the content providers than to fight the actual problem.
Why won't the content providers address the obvious, and just make the content available through Netflix/iTunes/Amazon/VUDU/etc. soon after release? Such venues would enable them to profit from the home user who'd then download and pay without a hassle, and at the same time protect secondary international markets where other deals may be in place.
I guess these people learned nothing from Napster, iTunes, and music stores.
Cheers!
E
http://eugeneciurana.com | http://ciurana.eu
People act like this will only affect pirates, but that is far from the truth. There is no oversight to this, so this, like DMCA notices, will harm innocent people.
Would using adblock or simply preventing unwanted "popup" from opening block this notice? I've honestly never seen a single popup since I've started using Opera over 6 years ago, not to mention ads.
The outrage that defeated SOPA is missing. Is it because the harm isn't as clear, big companies like google aren't stepping into the fray, or the association with "pirates" is too toxic? Or is it d) all of the above?
Since when can corporations act like governments?
Who in this day and age still has pop-ups enabled in their browsers?
Excuse me, but please get off my Pennisetum Clandestinum, eh!
Sounds like it's a fair price to pay if it means that we can't get brought into court for pirating just about anything. If that were the case then I'd be ok with it but of course this is not a black and white world we live in.
Apparently even if you successfully challenge the "back breaking straw" copyright alert that triggers a mitigation notice, you have to defeat at least half of ALL notices to get the mitigation removed.
Kinda like getting your license suspended after getting your 6th ticket, but then having to overturn not only your 6th ticket but also 2 other tickets to get your license reinstated.
Firstly, I think popups are generally disabled by people who know how to use torrents. And secondly, they require the popup to be signed so you cannot say "I didn't know" further down the line. Now what happens if you see the popup and just close it (CTRL+W or CTRL+F4)? Does it count as seen? Or better still, pull the popup window to a side and keep doing what you are doing. And shutdown after you are done. Now does that count? And what if I challenge the ISP to show me proof for the notice. Will they do it or just ignore me? If they ignore me, I can ignore them and so the story can go...
Apologies to the author of the original(can be found at http://craphound.com/spamsolutions.txt):
Your law advocates a
(x) technical (x) legislative ( ) market-based ( ) vigilante
approach to fighting piracy. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)
(x) Legitimate bittorrent uses would be affected
(x) It is defenseless against VPNs
(x) It will stop piracy for two weeks and then we'll be stuck with it
(x) Users of netflix will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
(x) Requires too much cooperation from pirates
( ) Requires immediate total cooperation from everybody at once
(x) Many internet users cannot afford to lose business or alienate potential employers
( ) Anyone could anonymously destroy anyone else's career or business
Specifically, your plan fails to account for
( ) Laws expressly prohibiting it
(x) TOR endpoints in foreign countries
(x) Asshats
(x) Jurisdictional problems
(x) Unpopularity of net restrictions
(x) Pop-up blockers
(x) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of piracy
(x) Joe jobs and/or identity theft
(x) Technically illiterate politicians
(x) Dishonesty on the part of pirates themselves
and the following philosophical objections may also apply:
(x) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) IP headers should not be the subject of legislation
(x) Blacklists suck
(x) Whitelists suck
(x) We should be able to watch youtube without being permanently disconnected from the net
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
(x) Why should we have to trust you and your servers?
(x) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
(x) I don't want private corporations suing me for downloading my own files
Furthermore, this is what I think about you:
( ) Sorry dude, but I don't think it would work.
(x) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your
house down!
It is amusing to see comcast and others think just cause everyone else is doing it or because they have "industry" documents like RFC 6108 this somehow insulates them from "stupid".
Injecting shit into http is HARMFUL no matter what BS you can get accepted by throwing your largess around and sponsoring IETF meetings. You simply cannot know a-priori what side effects of injecting javascript crap into HTTP transactions are. In case you have been living under a rock for the past decade sadly everyones using HTTP for transport these days.
As I type no doubt the phishers are working overtime on fake popups emulating comcasts piracy notifications.
I hope sleeping with the MPAA is worth bad press, legal exposure and pissing off your paying customers.
"As part of the Copyright Alerts System operated by the Center for Copyright Information, a copyright owner has sent Comcast a notice claiming your Internet service from Comcast was used to copy or share a movie, television program or song improperly...."
There are absolutely no details about who the copyright owner is, what specific content was infringed, when the alleged infringement was made, what details identifies MY "Internet service", etc.
A more legally correct wording could state "Someone who claims to be the copyright owner, claims that the copyright was infringed from the specific IP which we, Comcast, claim to be belonging to your account at the claimed time of the infringement." But that would be just too many "claims"!
There's no such thing as "illegal download"
US = nascent police state.
Religous speak to God. Insane are spoken to by God. When all shut up, one can finally hear Shostakovich in peace
They think that the copyright cartels are their buddies for taking their bribes and fighting their fight, but when this fails just like all the rest of their evil greedy plans of never letting so much as a penny slip through their fingers the ISPs participating in this may find it difficult to testify to a judge with a straight face that they have no control of the infringing content transmitted over their network. This strategy may not bite them in the ass today, or even next week or next month, but someday it will. He who sups with the devil should have a long spoon.
Quite an experience to live in fear, isn't it? That's what it is to be a slave.
5 Strikes and i change my ISP!
Oh
I read the article. In the summary, the following is stated:
"The article outlines some of the CAS's failings, such as being unable to detect infringement through a VPN"
The article says no such thing. The reference to VPNs in the article states that if a user is always tunneling through a VPN, Comcast will be unable to inject data into their datastream, and thus the user may never see a "popup" warning in their browser. Added to the fact that users may not be aware that their Comcast service comes with a Comcast email account (or they may never check it), and there is no guarantee that a user will ever see a warning sent by Comcast.
I always wondered why possession/acquiring of copyright material is a crime.
The whole problem of making possession/downloading illegal is it tries to fight human nature in a clumsy way (I get that while downloading torrents you also MIGHT seed it - there might not be anyone else downloading from you). People will always want free stuff. If I find a copy of a popular book being sold at half price on the pavement, I will buy it (esp. if the print is great).
At certain times, fighting human nature is important/worth it (e.g. stealing and killing others is illegal). At other times, it is just plain stupid (e.g. War on XYZ). In the end if people want it badly enough they will find a way to get what they want, consequences be damned (see how much stealing laws work against a starving man). You are trying to make natural behavior illegal, and coming up with technical measures to prevent it. Which has the gaping loophole that most technical barriers can/will be breached. And there is little cost to building digital workarounds.
Install TOR (if not against AUP), and tell them that you do not download crap not worth paying for, but that you are an exit node for TOR. Thustraffic from your IP can be assumed to originate from other computers. Inform FBI about the same thing, such that a judge can never issue a warrant as there is no reasonable suspicion against you. And that if you want to download crap, your traffic will use TOR to originate from another IP.
Use a VPN or virtual server for you criminal activities. You can get $2-$5/mo virtual servers powerfull enough for VPN. You can get them in Europe, Canada, South Africa. You name it, you get it.
But again, the whole idea is to hit the stupid guy with below average IQ and below average income. They are the ones least likely to get a qualified defense.
Man in the middle attack is completely unacceptable.
SURELY NOT!!!!!
attack computers on those networks then make those computers download copyrighted materials. Eventually 1000's will get the notice and maybe they'll notice.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
A pop-up I wasn't expecting inserted into my normal web browsers, and breaking any secure sites that it might pop up on prompting security warnings, asking me to click a button, sign-in, etc.?
Yeah, that won't be a scam, will it?
How about this - you have these people's address and billing details, send them a damn letter by recorded delivery if you want them to read it.
Personally, everything I've been advising my users NOT to do for the last ten years would ensure that those warnings are ALL ignored and/or the person runs off to check their antivirus because they are quite obviously not supposed to be there when you have typed in www.google.com or whatever.
They explain what triggered the alert and ask the user to sign in and confirm they received the alert. (Not admitting guilt, but at least closing off the legal defense of "I didn't know.")
If only there was some way of getting around that, like, um... not signing in and confirming you've received the alert? Yeah, that loophole's well and truly closed, well done.
systemd is Roko's Basilisk.
So, when they detect piracy, what http stream will they inject their warning into?
There may be none at the moment, because the 'piracy' may have been done using torrents/ftp/whatever. But they can obviously just wait for a http connection to open.
But many homes have several computers. And the ISP cannot know, due to NAT routers. So what if I am doing an "apt-get upgrade" which fetch 40MB of (legal) packages over http every week, while someone else pirate something? If such an ISP inject a warning in a random http stream, they are most likely to corrupt my fully legal http file transfers - because they will be the majority of http traffic through that NAT router.
And if they hit my browser - well, not only does it block popups, it also blocks both javascript and third-party URLs unless I explicitly whitelist the site. They will perhaps notice that their stuff does not even get downloaded.
I for one, pay heed to our new corporate masters!
This is only going to scare the people using public services. 99% useless and a complete waste of time and money. Typical of the majority of out problems in this country.
“What is ‘improperly?' This is one of the problems with the system,” Derek Bambauer, a tech law professor at the University of Arizona, e-mailed Ars after he saw the alert pages.
Obviously the proper way to do it would have prevented Comcast from being able to see it. See VPN and other suggestions posted above.
A lot of people (not most slashdotters lol) have children. What if this pops up and the kid just clicks it away and never mentions it to his parents? It could easily get up to message #6 without the parents ever knowing about it. And then what?
It would be fun to see bots filing bogus copyright claims with all the ISPs with the IP addresses of entertainment MBAs, their lawyers, lawmakers, celebs...
Purely an intellectual exersize; I would never advocate such a thing.
Perish the thought.
so you run firefox, with pop-ups blocked, you will never get a notice? How "stupid"! Do not track marked, and they will never see how you got there, come on folks, they have packet sniffers, on your set, no at the bad guys place. Violation of your rights.
may not ever use account termination as a way of enforcing this, but I certainly will use account termination as a way of dealing with it.
That thing where they tell you you have to call them?
That call will be to cancel my service.
(and no, I don't use torrents, (except steam) but that hardly matters)
This space available.
If anyone can pulls an alert from a public domain torrent, please post the link. I'd really like to get my 5 alerts out of the way this weekend so I can speak with the CAS team about how utterly useless they, and their entire scheme, are before my account cancels.
I pity you.
I pity you too.
I can't wait for all the spam, look-alike pop-ups, not to mention all the drive-by trolling of open WIFI AP's. How long until people get locked out of their ISP's just due to having an unsecured (or not very secured) WIFI?
Will this work properly in Lynx? Or do I need to file a complaint about cross browser support?
My old sig was REALLY stoopid.
There is always a way to vote when the offensive action is perpetrated by a money grubbing entity: with your wallet. Unfortunately, most people won't be willing to give up their darling televisions on principle alone. It is an inexpensive babysitter for some, a mind eraser for others, and an escape from the day for too many.
Happiness in intelligent people is the rarest thing I know.
Ernest Hemingway
To all the people crabbing about them redirecting DNS "We have designed the pop-up browser alerts not to interfere with any essential services obtained over the Internet." meaning this would cause a disruption in services. Therefore this is not going to be the course of action.
Hmm, so they pop up a window on MY machine when I am browsing the Internet? Sounds like a man in the middle attack to me.
And what happens when someone is using a popup blocker? They don't see it then? This system fails in a lot of areas.
I haven't owned a TV in almost 20 years.
I have comcast for internet only.
This space available.
...someone takes the CAS screenshots from TFA and incorporates them into a phishing scam popup?
"oh, no, not junior rodeo..."
Seriously, wtf? By what right do ISPs have to be judge, jury, and executioner?
for all y'all who are interested.
https://petitions.whitehouse.gov/petition/stop-cas-copyright-alert-system/KjBZN4mV
I've ignored this issue for the past year and now I am confused.
Is this new "six strikes system"(CAS) is a federal or state law?
Or, is this collusion between ISPs to deny service to consumers?
If the latter, how long before they are sued?
I see 2 very real possibilities in the near future as fall out from this:
1) scammers will replicate the typical warning pages the ISP's display in malware/trojans but with the added page areas to "pay a fine : input your credit card details to restore your internet connection to full speed"
2) hackers will develop malware/trojans that incorporate a Peer-to-peer client that downloads know high profile infringing material to force HUGE numbers of people into speed reductions/trouble etc.
... we can just cap them at the equivalent of 300 baud.
now we need to go OSS in diesel cars
First of all, the government isn't directly involved. (It's indirectly involved, in that government policies are where you might not be able to easily "fire" ISPs which cooperate with the scheme.) And it's easier and simpler to petition Congress to abstain from doing a destructive thing, than it is to petition them to do a useful thing (force regulatory agencies to force ISPs to not cooperate with this stupid shit).
Second, there's the scale of damage from false positives. SOPA endangered DNS. Imagine Slashdot or Facebook or the New York Times being falsely accused and taken offline. Now imagine someone's residential DSL being taken offline. Those are different-scale disasters.
Also, there's pirates' perspective, but it's not about toxicity. Everybody in the world, pirate or not, had reason to oppose SOPA. But this isn't going to impact "serious" pirates; only casual pirates and innocents are going to be harmed by this. As a "serious" pirate, since I know this won't harm me ("I wasn't innocent, so I didn't speak up for the innocent...") it's hard to get passionately inflamed. This is only going to either do collateral damage against the innocent, or help to train newbie pirates to use better practices. And as the industry herds more and more of us into becoming "serious" pirates, there's a smaller share of people to advocate against poorly-conceived plans like this one.
What I mean is, SOPA threatened me either as a consequence of my piracy, or also as errors from false accusations. This is only going to get me through a false accusation. I'll be pirating all the time, but if I get a notice, it'll be because of something my neighbor did, incorrectly attributed to me due to someone making a mistake when reading a DHCP lease log. So I'll pay the $35, fight, win, and get my money back, at net cost to my opponent! That's practically a win. SOPA had no win condition, for anyone. Even MPAA would have eventually advocated to please repeal SOPA because they'd want to get mpaa.org back.
Also, this may end up having interesting side-effects and possible uses. If someone communicates with my ISP with the intention of getting my ISP to violate their contract with me, maybe I can sue them for tortious interference. Since it'll usually be triggered by a false positive, that's tortious interference combined with fraud. There may be potential in using this program to cost the MPAA even more money, punitive damages kind of money. Let them get outraged and do the work and bear the expense of ending this program, next year. I'm not litigious enough to follow through with that, but some people might be licking their chops over all the false positives this is going to turn into money in their pockets.
Or the neighbor kids for those without their own.
now we need to go OSS in diesel cars
Is this a new technology and policy that some ISPs are voluntarily adopting?
Will a person be at risk is s/he watches streaming videos?
Streaming videos from another country?
Going to the Pirate Bay site and using a torrent link from to use a torrent client to download something?
Any way to protect yourself?
Let me get this right... In order to inform me that I am breaking copyright laws, the ISP will alter the content of a website in order to display a message to me? In other words they are taking advantage of someone else's copyrighted content in order to force me to read their message? Isn't that the same fuckin' thing they are accusing me of?
"Don't hit people!" said dad, as he emphasized his point with his fist.
I suppose it might come down to context, but in the internet world it would seem to be the difference between your ISP blocking a page versus allowing it but changing the content.
No media boxes I'm aware of can substitute product-placement, in-show banners, etc. They just don't record for certain times.
Fake six-strikes popups which ask for credit card numbers to resolve the complaint.
Forget 300 baud, just cap them at 0 and keep sending them a bill. Technically, that's not "Account Termination" either.
Unix is user friendly, it's just selective about who its friends are.
I hope they don't try sending notices that way. I'm pretty sure I have one but have no idea what it is or how to access it.
Every month my bill goes up! Between all the different constantly fluctuating "fees" (UCC, Regulatory Recovery, Local Franchise, FCC Regulatory, 911, State Assessment, etc.) my bill goes up about a buck or more a month.
So when does the boycott start?
Forgive my noobness, but would using an online proxy site get around this at all?
Let's see ... as a non-moron, I use (during normal browsing) a Proxy, a VPN, NoScript and AdBlock+ plugins, and popups are utterly disabled ... I'm a Comcast customer, but I've never once seen my own Comcast email. Wouldn't this entire thing be utterly pointless and never noticed in my position?