Saturday, November 18, 2023

TorrentFreak's Latest News

 

Dozens of VPNs & Shadowsocks Named in Leaked Russian Blocking Document
Andy Maxwell, 17 Nov 06:42 PM

rus-vpn-sAs Russia tightens its grip on encrypted communications and tools with the ability to bypass government censorship, it was recently confirmed that 167 VPN services are actively blocked after failing to comply with state requirements.

With that total expected to grow in the months ahead, a leaked document originating from Russia's Ministry of Transport reveals details of what telecoms watchdog Roscomnadzor has planned for the near-term.

Threat to the "stability, security and integrity" of Russian Telecoms

The document, dated November 10, 2023, was sent by the Ministry of Transport to organizations in the transport sector. After an unofficial appearance on the 'ZaTelecom' Telegram channel, local news outlet Kommersant sought comment from both the Ministry and Roscomnadzor. Neither responded.

The first page of the letter (original/left and Yandex OCR-translated/right), seeks input from organizations currently using any of the VPN services or protocols listed on the second page.

Russia VPN letter - Ministry - Transport Nov11-2023

The text strongly implies that the services and protocols listed are viewed as potential threats to the "stability, security and integrity" of Russian internet/information systems and telecommunications in general.

A more pragmatic reading might conclude that the services and protocols present zero technical threat, but do limit the government's ability to control the narrative. That narrative includes claims that encrypted communications represent a threat to the stability of the internet, which of course they do not.

Dozens of VPNs, Famous Protocol

The letter's second page is a 49-item list containing the names of well-known and lesser known VPN services. In the order they appear, some of the most notable inclusions are Private Internet Access (PIA), Ivacy Private VPN, PrivadoVPN, and PureVPN.

When a VPN appears on list like this it usually indicates a refusal to cooperate with Russian authorities, such as granting permission to inspect user data, communications or whatever else is on the government's mind at any given time.

Russian VPN letter-list-Nov23

In that sense an appearance might not be as damaging to a VPN's image as some might expect, quite the opposite in fact. That being said, item 49 on the list above shows that Russia intends to crack down on Shadowsocks, a protocol that in itself cannot be forced or coerced into compliance.

Shadowsocks

Shadowsocks is an open source encryption protocol created over a decade ago by a Chinese developer known as "clowwindy" and is perhaps best known for its anti-Great Firewall capabilities.

On a basic level, Shadowsocks clients offer a way to connect to SOCKS5 proxies securely using an encrypted tunnel. As standard it isn't a VPN and more importantly doesn't look like one to those hoping to shut VPNs down. People behind these projects are more easily identified, however.

Developers like clowwindy can find themselves under extreme pressure to behave in a particular way. The original Shadowsocks repo on GitHub reveals that even the most robust protocols can be 'Removed according to regulations'.

Fortunately, the Shadowsocks genie is never going back in the bottle; perhaps Russia forgot to ask China about that one, or simply believes it can do better. The theory is that Russia plans to draw up a whitelist of organizations that use the services above in a government approved way, so they don't find themselves inadvertently blocked. That may suggest the government has something aggressive in mind or perhaps faces limitations when it comes to pinpoint blocking.

From: TF, for the latest news on copyright battles, piracy and more.

MPA & IPR Center Tackle 'Holiday' Piracy With New PSA Campaign
Ernesto Van der Sar, 17 Nov 01:13 PM

stream safelyIn recent years copyright holders have tried many things to dissuade the public from visiting pirate websites.

Simply stating that piracy is illegal doesn't appear to work very well, so this type of messaging often tries to appeal to other emotions.

For example, anti-piracy campaigns frequently stress that piracy hurts normal workers as it costs the entertainment industry thousands of jobs. Another strategy is to scare the public directly, by pointing out the ills people may encounter on pirate sites.

'Holiday' Piracy PSAs

This latter strategy continues to gain traction and it's also the main focus of a new public service announcement (PSA) campaign launched by the U.S. Government's Intellectual Property Rights Coordination Center (IPR Center) and Hollywood's Motion Picture Association (MPA).

There are two videos, both set to appear in a short and longer version. The shorter 15-second clips are intended for social media, where they will be circulated in the coming weeks.

The gist of the PSAs is that people who use pirate sites and services to watch online entertainment risk running into malware, identity theft, and credit card fraud. This is illustrated quite dramatically, by burglars who raid the home of a happy couple enjoying an unreleased film from a pirate source.

Burglars Rob a Pirate

Interestingly, the video specifically (yet indirectly) suggests that a VPN service can't do much to protect against these risks. Here's the relevant dialog.

Man: Check this out. (starts film)
Woman: I didn't even know this was out yet.
Man: It's not, but I have my ways.
Woman: Are you sure that's safe?
Man: I have a VPN, we're good.

The VPN doesn't stop people from physically entering your home, as the PSA depicts. And if we follow this analogy, it's also true that VPNs can't stop identity theft or malware, although some offer separate protection tools against the latter.

The second PSA is a message from IPR Center director Jim Mancuso, who issues a straightforward warning, again focusing on malware and fraud.

"If you watch pirated films or TV shows you could be exposing yourself to credit card fraud, malware or worse. Why deal with that when you could be watching your favorite series and films on legitimate platforms? Don't let anyone ruin your screen time," Mancuso says.

Stream Safely

Both PSAs point people to the Stream Safely campaign site which guides people to legal sources. In addition, the site provides additional information on piracy and file-sharing technologies.

Torrenting Isn't Illegal

The Stream Safely site points out the potential risks of piracy but it doesn't condemn file-sharing outright. For example, it acknowledges that downloading torrents isn't by definition illegal, it depends on what people share.

Legal torrenting can be a good way to get large legitimate files, the website reads, adding that "generally speaking, sharing files across an internet connection is legal, so long as the files being shared aren't themselves illegal and/or copyright law isn't being violated."

This language is paired with obligatory malware warnings and highlighted legal risks, including "copyright trolls" who sue people for allegedly downloading pirated films.

"[L]egal trouble is becoming more common for those who are torrenting illegal content, as internet service providers (ISPs) and copyright trolls get more and more aggressive in tracking down and prosecuting illegal torrents," the website warns.

Beware of Trolls!

legal?

In summary, the campaign aims to point out that piracy isn't risk-free. It appears to be aimed at casual pirates, who may not be as tech-savvy and therefore more at risk of running into trouble.

"Many consumers remain unaware of the risks involved in streaming or downloading pirated films. There are piracy sites that appear legitimate and safe, but most are operated by global crime syndicates," says Jan van Voorn, MPA's Chief of Global Content Protection and head of ACE.

Nuance

The main message of the PSAs is that "watching pirated content is never safe". This is a conclusion we have seen in many industry reports over the years and while it's certainly true there are elevated risks, there have been more nuanced voices too.

For example, we previously heard from anti-virus experts, who pointed out that email is likely a higher risk factor than pirate streaming sites. In addition, research from the EU Intellectual Property Office previously concluded that not all pirate sites are malware-ridden.

"At present, suspected copyright-infringing websites and streaming services are not normally considered to be dominant sources of malware or otherwise unwanted software distribution," the research found.

That research may be dated by now, of course, and there are thousands of pirate sites, all with a unique risk profile. However, this nuance, understandably, didn't make it into the Holiday anti-piracy PSAs.

In summary, there is at least one conclusion we can safely draw. Those who use legal streaming services such as Netflix, Amazon Prime, Disney+, and HBO are less likely to run into trouble than those who use pirate sites and services.

From: TF, for the latest news on copyright battles, piracy and more.

270x90-blue

Are you looking for a VPN service? TorrentFreak sponsor NordVPN has some excellent offers.

 
 
Powered by Mad Mimi®A GoDaddy® company

No comments: