Wednesday

The Kodi Legal Paradox

Over the years the copyright wars have moved in different directions from newsgroups, usenet, peer to peer and the infamous PirateBay.   About fifteen years ago all the geeks I knew where using a private FTP server run by someone from Manchester to download films and movies.   The principle was simple, this guy would basically download every film, album or TV series he could find and loaded them onto a super fast server. Then you paid 10 pounds a month for unlimited access and downloaded everything you needed, worked great until suddenly one day it  (and him) disappeared!

The issues there were a little more straight forward than today because most of the definitions of copyright infringement involve downloading, copying or stealing licensed material.  Just like the person who makes pirated copies of DVDs, it's relatively simple to prosecute these people using criminal law because there is a theft and physical evidence.  



However now it's a little more complicated simply because of the way the internet has developed.  Speeds have generally increased greatly now and the days of downloading a film over a few hours (or even days) have long gone.  In fact most of us have internet connections that can happily stream a movie while we watch it.    Which has enabled a previously little known media streaming software called Kodi to become very  popular indeed. 

Kodi can be installed on all sorts of devices and is popular particular on android based media boxes. Although Kodi is simply an open source media player which started life called XBMC (Xbox Media Center)
, it's adaptability and the hundreds of available plugins have put it in the center of home entertainment for millions of people.   

In thousands of homes across the world, a little media streaming box or Fire stick loaded with Kodi and some associated plugins is busily streaming copyrighted material directly to their TV sets.  These devices can even be bought preloaded and preconfigured so no technical knowledge is required, and effectively have the ability to stream all sorts of subscription services for free.  There are plugins for streaming Sky TV, Virgin, BT and Netflix to name but a few - the combined costs of these subscriptions would be over a hundred pounds a month so you can see the attraction and you don't need to use a VPN.

It's clearly damaging the companies like Sky who pay billions in licensing deals for everything from Sports to movies.   However the legal implications at least against the end user are unclear, because people are simply viewing a video stream of the content and not downloading then it's difficult to prosecute them.  Despite over 50% of the investigations by the Federation Against Copyright Theft (FACT) being concerned with Kodi there are still very few prosecutions.

The few successful prosecutions have come against people pre-loading Kodi and selling the boxes to individuals and organisations which is contrary to the Copyright, Designs and Patent Act 1988.

Brexit May Change Legal Situation
The primary reason users of these boxes cannot be directly prosecuted is due to a ruling by the European Court of Justice. It stated that no individual can be prosecuted for looking at copyrighted material online as per Article 5.1 of the EU Copyright Directive. It basically states that users aren't directly downloading but just watching on their screen which doesn't require the permission of the copyright holders.

Morally of course, it's difficult to argue that it's not theft but as yet our legal framework hasn't quite caught up with this situation. It wouldn't take much modification of the copyright legislation to make using Kodi to watch Sky for free illegal and this is expected to happen in the next few months. The European laws currently protecting people will obviously have little effect when Britain leaves the European Union anyway. It's probably time to turn that Kodi box off or at least use a VPN service to hide what you're doing with it!

Friday

My VPN Doesn't Work!

For many people around the world, a VPN is one of the their most essential online tools.   These Virtual Private Networks allows users to surf securely and have unrestricted access to the internet.   The VPN was primarily designed to add a layer of security to web transactions, however nowadays it's arguably more often used as a way to hide your location.

For example if you try and access the BBCs online service from outside the UK you'll get blocked as it's not accessible outside the country.  Same goes for Hulu, US Netflix, ABC NBC and RTE in Ireland - in fact just about every major media site on the web is only accessible from specific countries.  When you combine the other internet restrictions often applied by specific countries, huge areas of the web are often not accessible depending on your location.

So what does the expat Brit, or travelling US businessman do when they can't access all their local shows and media?  Well they use a VPN service to hide their location and let them watch whatever they want, irrespective of where they happen to be.  You'll see holidaymakers in Spanish bars watching Eastenders on their laptops whilst an Irishman streams Gaelic football on RTE online next to him.

Basically a VPN bypasses all these blocks and allows you to watch whatever you want.  Services like Identity Cloaker have adapted to locate servers in all of the most populous countries.  I have personally been a subscriber for nearly ten years now and use it pretty much every day when travelling.

My VPN Doesn't Work

Over the last year however things have been getting a little difficult, as the media companies have started to fight back. For a variety of reasons ranging they've started to try and block the use of VPNs when accessing their services. There has always been some attempts to block the use of these methods, however they have never been that serious. It's actually very difficult to detect a properly configured VPN so the companies would have to individually block IP addresses. Although this works it's only temporary (VPN services simply switch their addresses) and it's extremely time consuming. Nevertheless the BBC attempted this purge early in 2016 and succeeded in blocking many thousands of VPNs from being used to access BBC iPlayer from outside the UK.

VPN doesn't work
Other companies like RTE, Hulu, ABC and many others have followed suit painstakingly identifying addresses with multiple connections and individually blocking proxy and VPN connections from accessing their sites. Many of the smaller VPN companies have closed down, although most of the established companies have the sort of infrastructure which allows them to keep switching these addresses round so are still active.

Unfortunately 2016 saw a new development which I expect to be extended throughout this year. Netflix have been under pressure from the media firms that they license their media from to block access to these programs. The primary reason is that Netflix pays for distribution rights per country, so they only have the rights to broadcast content in those specific countries, yet a working VPN completely bypasses this.   The media giant however decided to use a different approach to blocking the virtual networks by blocking every IP address which was classified as commercial.

Suddenly the cry my VPN doesn't work went up across the world as literally 99% of these services stopped working with Netflix overnight.   The problem was that all these VPNs are installed in commercial datacentres and as such Netflix was able to block every  single one of them in one go.  There were casualties of course, people could no longer access their accounts from company offices for example, but it appears this was a price worth paying.

It's likely many more of the big media companies will follow this method, although it won't be suitable for all of them.  Amazon Prime has already followed suit so that you may have problems accessing video streams if you use a VPN with a commercial classification.  A couple of the more advanced VPN systems like Identity Cloaker have upgraded their networks to include residential IP addresses, however this is very difficult to do so it's unlikely that most providers will be able to do this.


Monday

Memories of When the Internet Was Less Serious

Do you remember when the web was young? It was used by geeky students, the military, academia and Star Trek fans (obviously some overlap on those). Now it certainly wasn't as slick and smooth as now but it was certainly a much more open way of sharing information than it is today. I certainly remember the first time I spoke to someone online across the globe through some flaky text only IRC program and it gave me a genuine thrill. Any computer that was connected to the net was accessible and would welcome you with open arms, unlike today where we need to use a VPN.

In the mid 90's I ran an evening internet course for anyone who was interested. It had tremendous support but it was difficult to run mainly because the 20 people in the class had to communicate down a 28.8k modem sitting on my desk... But people didn't seem to mind, the thrill, the excitement was there...even when it didn't quite work.
For instance when I demonstrated Internet Relay Chat - a chap called Mike from my class managed to arrange a date with a someone called Lilly from Detroit. We were all nearly as excited as Mike just waiting to hear how the date went (Mike worked in Detroit for a few weeks a year). In the end, it didn't actually happen as it turned out Lilly wasn't actually from Detroit, or in fact was called Lilly - but was actually a rather disturbed and lonely welder from Chicago called Norman.

But despite Norman, there was a sense of community and sharing. It was tough to find stuff of course, you had to use programs like Gopher and Archie to find information, which they occasionally did. But after you needed to figure out how to connect, download or access the results.  There was also much less of a worry that you were being stalked, monitored or logged, although using a VPN wasn't really an option either.

1990s (ASCII) Computer Art 

However despite it being hard work, there was a side benefit - often you had to learn how things worked in order to use them.  Heck, you even had to sometimes read a manual to get a program to load or have a hope of using it. There was no alternative in the earliest days of the 1990s internet, even when you connected to a site or online system you'd often get stuck in some obscure text editor with no option other than to learn the commands.

Of course, most of the internet nowadays is point and click which is pretty much like the operating systems we use.  This works up to a point, but when things go wrong or you need to consider something like security most users have very little idea of where to start.   I thought my children would power passed me in technology knowledge but that hasn't happened.  Partly because they don't seem that interested but perhaps also they've have never had to spend two weeks typing in the code for Minotaur's Cave (and fixing the syntax errors) before they could play the game!


Thursday

UK State Surveillance - Investigatory Powers Act 2016

It's been around for years in various guises, but unfortunately it looks like the ridiculously intrusive 'snoopers charter' bill has become law in the UK.   The Investigatory Powers Act 2016 is basically a surveillance law that requires ISPs and telephone companies to store everyone's digital history for 12 months.  This data then must be supplied to a list of 'approved agencies' on demand - people like police, security services and some official government agencies.

That's worth thinking about, a democratic elected government wants access to everything you do online for 12 months.  Every tweet, every web page you view, every video you watch, every song you listen to - all available for a selection of Government departments to peruse at their leisure.  It's a completely unprecedented level of access - a level right up there with the very worst authoritarian regimes across the world.   Make no mistake though, the Investigatory Powers Act will become an excuse, a legitimate blueprint for intrusive spying and surveillance across the world.

The excuses are the usual predictable ones which are used by these same regimes, heightened security threats, safety of our citizens, essential for combating terrorism.   However remember this huge amount of data is the ordinary browsing history of millions of innocent ordinary people, our privacy completely destroyed on the slim chance of catching a particularly careless or stupid terrorist.

It doesn't stop there though, there are more powers granted to the security services.  Powers to hack into phones and computers, the power to collect data in bulk, although they've already been doing this illegally for years anyway.    Access to journalists call and web data is also allowed even if they're trying to maintain confidentiality - handy for cover ups and blocking unwelcome investigative journalism!

If the internet had been around in the heydays of the KGB and Stasi, it's probably not far off the model they would have applied.  It's basically total surveillance with a hint of respectability and privacy rights, all easily bypassed with a slight justification and a judges signature.

Is the total sacrifice worth it?  Will we become completely terror free? Terrorists picked up in their droves whilst planning attacks on innocent people?   Of course not, there are ways to avoid detection - you can use encryption and residential VPNs to hide your communications.   There are lots of inexpensive security services which will ultimately block all but the most concerted efforts.  Will the average well funded terrorist be able to afford $10 a month to use a VPN?   Of course they will, and inevitably you will be left with the security services left spying on the rest of us whilst their data passes by in a blur of encrypted gibberish.

The security services will be left spying on innocent people like you and me whilst the terrorists laugh down their encrypted channels as yet another civil liberty has been taken from us.


Friday

Downloading Torrents Anonymously

When you want the latest movie or music file, many users turn instantly to BitTorrents with good reason. If a new movie is released on DVD you can be assured that within hours someone somewhere will be starting to share it, and that's all it takes with torrents - one helpful upload and pretty soon there's thousands of people able to help distribute. Peer to Peer downloading like this also provides incredible download speeds, especially as the technology as developed. In it's infancy you were likely to get stuck for days or weeks on a file as uploaders logged off, nowadays that rarely happens especially with popular titles.

There are problems though and the major one is pretty serious - anonymity or the complete lack of it. You see when you connect to a torrent, using any BitTorrent client then you're all actively sharing the file you are downloading which means anyone can see your IP address and the client you are using. It's all readily available as you can see from this screen shot.

Everyone's IP address visible to anybody else who is in that swarm and downloading the file which makes privacy kind of a non-starter.

Now to your fellow down loader,  this is of little interest and there's no real issue. Unfortunately there are others joining these download swarms who are actively searching for your identity. They can be logged into two main sections -

  •  Anti-piracy organisations.
  •  Law firms acting for copyright holders
Both of these will go one step further as soon as they have the name of the file you're downloading and your IP address - they will look up your real identity.   It's not hard to do your ISP for example can supply the full name and address associated with each IP address very easily.  After that happens you'll either receive a DCMA notice or arguably worse a threat of legal action from one of these dodgy law firms like ACS Law which we wrote about here many years ago.

It's a very lucrative occupation, instead of simply selling copies of a movie you just track down all the people who are illegally downloading it and threaten them with huge fines or legal action. It works especially well with porn movies as the victims are usually less likely to go to court to defend their position on downloading 'sexy teen nympho nurses' - for obvious reasons. 

So although BitTorrent clients are incredibly easy to use and give you access to just about any digital content you like - it's not smart to use them without taking some precautions.  Anonymous torrenting is possible but you need to hide your IP address from both your ISP and the rest of the swarm plus hide the file you are downloading from your ISP.   The logical answer which solves all this is to use a VPN but beware not all these services allow the use of BitTorrent simply because of the huge bandwidth they tend to use.