Friday, April 26, 2024

TorrentFreak's Latest News

 

Nintendo vs. Garry's Mod: Dissecting the 'Fake' Domain Behind All the Chaos
Andy Maxwell, 26 Apr 11:47 AM

In a world where there's always someone telling people what to do, Garry's Mod is a breath of fresh air. Launched in 2006, the sandbox game has no goals; just hand over $9.99 to Steam, jump in, and do whatever you like.

With the benefit of hindsight, some fans may have taken that a little too literally. At the time of writing, Garry's Mod workshop content uploaded by users over many years is being systematically taken down in response to takedown notices filed by Nintendo.

"This is an ongoing process, as we have 20 years of uploads to go through. If you want to help us by deleting your Nintendo related uploads and never uploading them again, that would help us a lot," the Facepunch Studios announcement reads.

The team don't seem especially upset and are taking everything in their stride. Nintendo has a reputation for taking action against content featuring its characters and artwork so removing it now is the right thing to do.

"Honestly, this is fair enough. This is Nintendo's content and what they allow and don't allow is up to them. They don't want you playing with that stuff in Garry's Mod – that's their decision, we have to respect that and take down as much as we can," the announcement adds.

DMCA Notices Aren't Real, or Even Sent By Nintendo, Some Claim

Normal service will be restored shortly, but some fans may still need convincing regarding recent events. They believe that some type of scammer, probably not even connected to Nintendo, has been using bogus notices to take content down for quite some time.

Mindful that Garry and the team needed to be aware of that, so that nothing gets taken offline unnecessarily, attracting their attention became a priority this week.


As the image from X shows, a few hours after being alerted, investigations ended with the conclusion that the takedowns were legitimate. Yet for some, that still wasn't good enough. Over the past few months there have been reports of bogus DMCA notices claiming to have been sent by Nintendo, containing allegedly similar fictitious claims. Many were resurrected this week after more than three years, contributing to the chaos.

In some cases, users simply expressed sadness or sympathy for Garry and the team. In many, many others, passions and frustrations proved too much. Instead of the usual blanket bitterness towards Nintendo, Garry's X account filled up with demands for evidence, rock-solid proof that Nintendo really was to blame. Some even fired off accusations that no work had been done to get to the bottom of the crisis.


In a post to X, Garry addressed the "it's fake" guys by posing five questions, all of them related to a domain name referenced in one or more of the takedown notices. The skeptics believe that the domain mm-nintendo.com is fake; Nintendo 'always' use a different domain, and domain details here are different to those used elsewhere, etc.

We've seen more than our fair share of bogus notices in the past but since these notices don't appear to have been shared in public, determining whether they're real or fake simply isn't possible.

Since Garry is on record saying that they're real, there's no obvious reason to question that. It shouldn't come as a big surprise that developers can become quite attached to their projects and the communities that support them; removing content for no reason isn't something they do lightly. So whether real or fake, voluntarily or under duress, a decision has clearly been made to say goodbye to content that, in real terms, amounts to a liability.

That being said, let's squeeze the domain mm-nintendo.com and see what comes out.

Genuine or a Big Fat Phoney?

Finding takedown notices featuring the domain mm-nintendo.com wasn't difficult. The pair shown below seem fairly typical; they both use notice@ in their email addresses and were sent to ISPs asking for content to be taken down.


Similar notices dated 2016, 2017, and 2018 fail to raise any obvious red flags, and since the first and last were processed by GitHub, people can be confident they received considerable scrutiny.

A similar notice sent to GitHub in 2020 took content down using the DMCA. In other parts of the notice, takedowns were requested under trademark law.

At this point, it's worth highlighting something that all of these notices have in common: not a single one targets pirated copies of Nintendo games. Instead, they all target audiovisual works, images, and fictional character depictions, to which Nintendo owns the rights. It's a trend that runs through all similar notices.

A 2019 takedown notice sent to itch.io, also featuring the email address notice@mm-nintendo.com, displays the same features as another sent to Sankakucomplex in 2019. No games piracy in sight, only alleged infringement in characters, artwork, and audiovisual works.

It doesn't seem unreasonable to raise a theory at this point; is it possible that Nintendo uses the mm-nintendo.com domain when takedown notices target characters, artwork, and audiovisual works, in cases where specific expertise is necessary?

MarkMonitor (MM for short?)

There's no direct evidence to show that the MM in mm-nintendo.com stands for MarkMonitor. However, there's plenty of evidence to show MarkMonitor has connections to Nintendo. The domain was registered through MarkMonitor in September 2016 and then updated somewhat coincidentally this Wednesday when the Garry's Mod controversy began.


The most obvious change is the prominence of the email address brandprotection@mm-nintendo.com before the update. MarkMonitor doesn't manage all 6,431 domain names currently listed under Nintendo of America, but it has provided brand protection services for some of the biggest names in business.

When Apple worked with MarkMonitor back in 2013, records show the company operated the domain mm-apple.com. While that domain has long since expired, mm-microsoft.com is very much alive and just like mm-nintendo.com, redirects to its owner's main domain.

Other domains registered through MarkMonitor and used for brand protection over the years probably behaved in much the same way; mm-velcro.com, mm-walmart.com, mm-loreal.com, and mm-nissan.com, for example.

So Real or Fake?

There seems no doubt that the domain mm-nintendo.com a) actually exists b) is used for brand protection purposes and c) isn't used often or even at all for regular DMCA takedown work. That leads to the final item, d) the domain is different because it has a specific purpose.

It's possible that brand protection matters are handled by a dedicated Nintendo department and/or MarkMonitor itself, which also has an office in the UK. Perhaps the image below, uploaded on Thursday, offers a few more clues. Just don't venture too close to the edge.


Whether the DMCA or similar takedown notices sent to Garry and the team are legitimate is best judged by those who have seen them. Based on the above, however, his claim – that the notices are official – should really be the last word on the matter.

As for the other 'fake' notices previously sent that also mention the mm-nintendo.com domain, only a close review of each could determine whether they're genuine and/or accurate. When everything is said and done, however, perhaps the most important question is whether they target obviously Nintendo-like characters or imagery.

From what we've seen, most seem to do just that.

From: TF, for the latest news on copyright battles, piracy and more.

U.S. "Know Your Customer" Proposal Will Put an End to Anonymous Cloud Users
Andy Maxwell, 25 Apr 06:38 PM

It's long been the case that access to certain services, whether on or offline, will only be granted when customers prove their identity.

Often linked to financial products, but in many cases to basic money/goods transactions carried out online, handing over a name, address, date of birth and similar details can increase confidence that a deal will more likely than not go according to plan. In some cases, especially when buying restricted products, proving identity can be a condition of sale.

Yet, for many years, companies operating in the online space have been happy to do business with customers without knowing very much about them at all.

In some cases, where companies understand that a lack of friction is valuable to the customer, an email address has long been considered sufficient. If the credit or pre-payment card eventually used to pay for a product has enough credit and isn't stolen, there seems very little to be concerned about. For many governments, however, any level of anonymity has the capacity to cause concern, and if that means unmasking everyone to identify a few bad actors, so be it.

Improving Detection and Prevention of Foreign Malicious Cyber Activity

Perceived and actual threats from shadowy overseas actors are something few countries can avoid. Whether in the West or the East, reports of relatively low-key meddling through to seriously malicious hacks, even attacks on key infrastructure, are becoming a fact of modern life.

After being under discussion for years, in late January the U.S. Department of Commerce published a notice of proposed rulemaking hoping to reduce threats to the United States. If adopted, the proposal will establish a new set of requirements for Infrastructure as a Service (IaaS) providers, often known as cloud infrastructure providers, to deny access to foreign adversaries.

The premise is relatively simple. By having a more rigorous sign-up procedure for platforms such as Amazon's AWS, for example, the risk of malicious actors using U.S. cloud services to attack U.S. critical infrastructure, or undermine national security in other ways, can be reduced. The Bureau of Industry and Security noted the following in its announcement in late January.

The proposed rule introduces potential regulations that require U.S. cloud infrastructure providers and their foreign resellers to implement and maintain Customer Identification Programs (CIPs), which would include the collection of "Know Your Customer" (KYC) information. Similar KYC requirements already exist in other industries and seek to assist service providers in identifying and addressing potential risks posed by providing services to certain customers. Such risks include fraud, theft, facilitation of terrorism, and other activities contrary to U.S. national security interests.

While supposedly aimed at external threats, only positive identification of all customers can eliminate the possibility that an 'innocent' domestic user is actually a foreign threat actor. Or, according to the proposal, anyone (or all people) from a specified jurisdiction at the government's discretion. Upon notification by IaaS providers, that could include foreign persons training large artificial intelligence models "with potential capabilities that could be used in malicious cyber-enabled activity."

Scope of IaaS and Customer Identification Programs

Under the proposed rule, Customer Identification Programs (CIPs) operated by IaaS providers must collect information from both existing and prospective customers, i.e. those at the application stage of opening an account. The bare minimum includes the following data: a customer's name, address, the means and source of payment for each customer's account, email addresses and telephone numbers, and IP addresses used for access or administration of the account.

What qualifies as an IaaS is surprisingly broad:

Any product or service offered to a consumer, including complimentary or "trial" offerings, that provides processing, storage, networks, or other fundamental computing resources, and with which the consumer is able to deploy and run software that is not predefined, including operating systems and applications.

The consumer typically does not manage or control most of the underlying hardware but has control over the operating systems, storage, and any deployed applications. The term is inclusive of "managed" products or services, in which the provider is responsible for some aspects of system configuration or maintenance, and "unmanaged" products or services, in which the provider is only responsible for ensuring that the product is available to the consumer.

And it doesn't stop there. The term IaaS includes all 'virtualized' products and services where the computing resources of a physical machine are shared, such as Virtual Private Servers (VPS). It even covers 'baremetal' servers allocated to a single person. The definition also extends to any service where the consumer does not manage or control the underlying hardware but contracts with a third party for access.

"This definition would capture services such as content delivery networks, proxy services, and domain name resolution services," the proposal reads.

The proposed rule, National Emergency with Respect to Significant Malicious Cyber-Enabled Activities, will stop accepting comments from interested parties on April 30, 2024.

Given the implications for regular citizens, many of whom are already hanging on to what remains of their privacy, the prospect of handing over highly sensitive information just to obtain a product trial is a real concern. The potential for leaks grows with each disclosure, as does the possibility of personal information ending up for sale on the dark web.

Which is where the threat actors will obtain other people's credentials to masquerade as regular users when subjected to a Know Your Customer process. For IaaS services themselves, the largest will have few problems implementing customer identification programs and may even consider them useful. On one hand, they can help to stop threat actors and on the other, take the opportunity to build a database containing the personal details of every single customer.
