It was 2008 when the UK government originally proposed disconnecting pirates from the Internet, then a few months later Australia followed suit.

The latest is that it’s really going to be legislated and will come into force by April 2010 under the Digital Economy Bill.

I’ve noticed this trend picking up lately, a few companies are adopting this strategy or at least discussing it. First hit – warning, second hit – suspension then finally third hit is permanent disconnection and possible blacklisting.

Illegal file-sharers could be booted off the internet by summer 2011, says Lord Mandelson. The Business Secretary, who has been charged with ironing out the UK’s plans to tackle internet piracy, revealed that disconnecting repeat offenders will be a last resort.

Mandelson told the government’s Digital Creative Industries Conference that the “consequence-free” days of illegal file-sharing are over, and that a “legislate and enforce” strategy had been identified as the best way to tackle the problem. “Three strikes is a reasonable way of describing our approach,” he said.

The legislation, which will see those caught illegally downloading sent warning letters, will be officially set out in the Digital Economy Bill that is expected next month and will come into force in April 2010. “Technical measures will be a last resort and I have no expectation of mass suspensions resulting.”

I don’t see what the big deal is really, just use encrypted protocols or sign up to a VPN package and use another country that’s no so big on stamping down on piracy.

A lot of people use VPNs here in US or UK simply because BitTorrent traffic is throttled, it’s a small price to pay.

The same measures could be used to avoid any ISP snooping and get your downloads in peace. The whole Torrent scene has become a bit of a mess lately and it’s a hotpot of bogus files and tracked downloads.

Even with something like PeerGuardian you aren’t totally safe.

Repeat offenders will be issued with a second letter. If this fails to stop them illegally downloading, they will be put on a “serious infringers list”, with ISPs expected to “exercise technical measures”.

Mandelson also said that Ofcom will monitor the success of the warning letters in the first year and if illegal file-sharing has not reduced by 70 percent then suspending net connections will be brought into force.

“The threat for persistent individuals is, and has to be, real, or no effective deterrent to breaking the law will be in place,” he added.

Mandelson also said a “proper route of appeal” would be available for those suspended from the web. Once notified of possible suspension, offenders will be given 20 working days to appeal to an independent body, although Ofcom has yet to appoint the body. Mandelson said the suspension would not come into force until the appeal has been heard.

It’s interesting as well that they aren’t going hardcore right off the bat, they are still giving people a chance. If piracy reduces by 70% after the initial measures are put in place no-one will get disconnected.

Does that mean 30% of people can still download copyright content without any repercussions?

I’ll be watching the implementation anyway to see what kind of effect it has, I’d like to see the figures before and after 12 months and of course the metrics for measurement.

Source: Network World

This latest mass infection is through a vector I really don’t understand, see as though you can legitimately download Windows 7 from Microsoft.

I guess people just prefer BitTorrent downloads to HTTP downloads, and whoever had this smart idea capitalized on that.

Microsoft should perhaps do something about that and put out a legitimate BitTorrent copy. I guess the problem is updates, once it’s out there and people are seeding it’s out there for good and it’s not necessarily the latest build.

A Trojan buried within counterfeit copies of Windows 7 RC was used to build a botnet of compromised PCs.

The tactic emerged after researchers from security firm Damballa shut down the command and control servers used to control the system, reckoned to have drafted thousands of Windows PCs into its compromised ranks. Damballa reckons malicious hackers distributed the malware by hiding it within counterfeit copies of pre-release versions of Microsoft’s next operating system on offer through BitTorrent.

Damballa reckons that the pirated package was released around 24 April. By 10 May, when security researchers effectively curtailed the operation, as many as 552 new users were becoming infected per hour as a result of the attack.

It seems like the infection rate for this trojan has been pretty sharp, with 552 new users per hour that’s over 13,000 new infections per day adding up to almost 100,000 in one week.

The Command and Control center for the botnet has been taken offline though on May 10th so it’s rendered pretty useless since then.

I guess they should have built a more robust control mechanism like Conficker.

“Since the pirated package was released on 24 April, my best guess is that this botnet probably had at least 27,000 successful installs prior to our takedown of its CnC [command and control] on 10 May,” Tripp Cox, vice president of engineering at Damballa, told eWeek.

Since Damballa’s intervention, users installing the pirated version of Windows 7 RC are outside the control of the botmaster hackers running the attack. However, users who were compromised prior to 10 May remain within the ranks of the zombie drones controlled by the unidentified hackers.

Trend Micro identifies the Trojan featured in the attack as DROPPER-SPX.

Burying backdoors in counterfeit code is a popular tactic among crackers witnessed many times over the years with pirated copies of Microsoft applications and, more recently, with pirated versions of iWork ’09 for Apple Mac machines. In the case of the latest attack, prospective Windows 7 RC users get infected before they have a chance to install anti-virus tools, many of which are yet to support Windows 7 anyway.

You can check out the details on Trend Micro blog here.

If you want to get hold of Windows 7 you can just go directly to the Microsoft site here.

Source: The Register

Ah the big boys can’t get in legitimately, so they are starting to use underhand tactics eh?

A lawsuit filed Wednesday accuses the Motion Picture Association of America of hiring a hacker to steal information from a company that the MPAA has accused of helping copyright violators.

The lawsuit (click for PDF), filed in U.S. District Court for the Central District of California by Torrentspy.com parent Valence Media, doesn’t identify the man the company says was approached by an MPAA executive. But the suit calls the man a former associate of one of the plaintiffs and alleges that he was asked to retrieve private information on Torrentspy.com, a search engine that directs people to download links.

Torrentspy’s complaint includes claims that the man whom the MPAA allegedly paid $15,000 to steal e-mail correspondence and trade secrets has admitted his role in the plot and is cooperating with the company.

Torrentspy is taking this really seriously.

Torrentspy alleges in the suit that the man, whom the company refers to as the “informant,” has provided documents that prove the nature of his relationship with the MPAA, including a written agreement signed by the hacker and an MPAA executive, Rothken said.

“We have very significant proof of wrongdoing and the MPAA’s involvement,” Rothken said. “We think it’s ironic for the MPAA to claim that they are protecting the rights of the movie studios and then go out and pirate other people’s property.”

Rothken said that the MPAA also paid the hacker to “gather nonpublic information” about other Torrentspy-related sites. Rothken declined to specify which sites.

Seems like the hacker has had a change of heart too, hopefully Torrentspy kick their monkey asses.

Source: ZDNet