Microsoft Issues Takedown Notices Over COFEE 69
Eugen tips news that Microsoft has sent DMCA takedown notices to several websites to stop them from offering the Computer Online Forensic Evidence Extractor (COFEE) tool for download after it was leaked earlier this month. One of the sites, Cryptome.org, has posted their correspondence with Microsoft over the software. "... Microsoft contacted Network Solutions, which hosts Cryptome, and since John Young, the owner of the website, wasn't too keen on losing his whole website for the sake of a single 15MB file, he removed the download link and sent Network Solutions a notice of compliance."
CRYPTOME? (Score:3, Interesting)
John fearlessly posts pictures of ECHELON listening posts, Dick Cheney's Secret Bunker, the names of MI5 Moles in the IRA, CIA internal memos and the like.
But they can't take him down on NetSol - which is chock-full of spooks itself!
No, that's only Microsoft, and it's DMCA threat.
So. For how long has Cryptome been a disinformation channel?
Re: (Score:2, Informative)
Like the globe, Cryptome got the COFEE files from Torrent and wanted to see what Microsoft and Netsol would do when the copyfilth snoopfest was offered on a plain-sight website easily targeted. It's been several years since the last takedown notice for Cryptome, none since being hosted on Netsol. There's the result: snarf COFEE.
No, the material was not returned to MS, nor was it asked for, nor for log files, nor has MS apologized for Windows being so bloated, unstable, insecure and riddled with backholes fo
huh? (Score:2, Informative)
Unlike ECHELON listening posts, Dick Cheney's Secret Bunker, the names of MI5 Moles in the IRA, CIA internal memos and the like, Coffee is a copyrighted work which falls under DMCA law, which all registrars must respect.
None of which you listed falls under any laws that would prevent their distribution. If someone stumbles upon some intelligence, there is no law preventing someone from disclosing that intelligence, even classified intelligence if you are a civilian.
Re:huh? (Score:4, Interesting)
Mission Accomplished.
You now believe that copyright violation is the most serious bit of public misbehavior a citizen can get up to. --And, no, I'm not talking about this particular incident, or that particular website, (which I've never even heard of). I'm talking about the national freak-out which began with Napster, and which I was laughing at way back then, but have come to seriously believe may be the crowbar used to justify the final descent into totalitarianism. That's how ludicrous this has all become.
Ooooooh. Somebody didn't watch adverts while downloading a crappy bit of Hollywood. Opiate of the masses, and now the latest excuse to storm your home with the most recent incarnation of the Gestapo.
That and Organic Farming, for equally preposterous reasons. A cat can NOT look at a king and you WILL eat toxic food.
-FL
Re: (Score:2)
Serious Stuff (Score:2)
We have laws, you either follow them, or act to change them, or get punished through them. This is how society works.
Yeah, if you believe the brochure version, which only exists on glossy paper in the sales office.
Each of the agencies (and Dick Cheney) mentioned in the post I was responding to are guilty of numerous MASSIVE law-breakings. While Cheney certainly "worked" to change some laws (ugh), for the most part they simply ignored law altogether. And they sure as heck haven't been punished. "Society"
Re: (Score:1, Offtopic)
Won't anybody think of the pizzas?
I do... way too much... Thinking about a turkey & stuffing pizza right now.
Oh, and maybe a ham, pineapple and jalapeno pizza too.
Can't stop the signal (Score:5, Informative)
Everything goes somewhere, and I go everywhere.
Once something is leaked you can take down all the websites you want, but you won't stop P2P Sharing.
Re: (Score:2, Insightful)
Unfortunately, the mods didn't get the "Firefly" reference the OP made - Can't stop the signal ... etc..
Ah, pop culture references.
Re: (Score:3, Insightful)
Just put it on a server outside of the USA. Then at least you won't have an issue with DMCA notices.
Re: (Score:1)
In this case, it doesn't matter where the website is hosted, since the domain is registered with a US-based registrar, they can always send DMCA notices to the US-based registrar to ask them to "remove the domain name"
Gotta insulate DNS first.
If DNS is protected from takedown, you can have servers all over the world ready to step in with a simple records change.
If not, they just gotta take down DNS, and then it doesn't matter where you put the server, you have to get a new name.....
Re: (Score:2)
??? We do have other DNS servers out here and your government can only try to stop you guys in the US from using them. If a site is removed from your DNS it will still remain on ours and if you change your settings to use our DNS servers you will still be able to access whatever you want.
Re: (Score:1)
It doesn't matter where their DNS servers are.
If their domain is registered with (network solutions) as it is, only Network Solutions holds the auth codes for the domain.
A court can order network solutions to establish a REGISTRAR-LOCK and freeze the domain, i.e. use the ordinary technical means available, to block any transfer attempt.
And then remove delegations to the DNS servers.
In this manner, it doesn't matter where their DNS servers themselves are located, once they are no longer authoritati
Re: (Score:2)
I am sure that you believe this but do you really think that those of in the rest of the world would really put up with that? If the US closed a European, Russian or Chinese site for something that is illegal in the US but not in Europe, Russia or China you would break the internet. It is stupid. We have lots of sites that openly provide films, music etc. to those that can read russian without a care for your laws. The Mafiaa would love to stop this but it is outside your control.
Re: (Score:1)
Then they should register their domains through a russian domain registrar that is outside the US jurisdiction, or through their .RU ccTLD.
Because Network Solutions is a US-based competitive registrar, which has to obey any lawful order made by a US court, under penalty of contempt, and has to obey DMCA notices from companies like Microsoft or risk liability.
Registrars are not immune, and the only reason they haven't frozen DNS for the domain is they weren't ordered to, and Microsoft may not have req
Re: (Score:2)
We are at cross purposes as I meant using different different tlds. .su is popular with the real rebels now and they allow cyrillic. ICANN have been trying to close .su for a long time but if it comes to a fight they know that it will just strengthen the alternatives.
Re: (Score:2)
Once something is leaked you can take down all the websites you want, but you won't stop P2P Sharing.
Indeed, it has already shown up on the anonymous I2P network.
Too little, too late? (Score:5, Insightful)
I suspect that anyone who wanted it has already downloaded a copy by now.
Re:Too little, too late? (Score:5, Funny)
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
Is the installer broken?
Extracted rar>zip>rar>phase folder. All looks ok but installer comes up with 'parameter incorrect' error.
I can relate. (Score:5, Interesting)
"... Microsoft contacted Network Solutions, which hosts Cryptome, and since John Young, the owner of the website, wasn't too keen on losing his whole website for the sake of a single 15MB file, he removed the download link and sent Network Solutions a notice of compliance."
I can relate to this. Around 2002 I received notice over a few files that a website had on one of my servers. I talked it over with the individual (owner) and he agreed it wasn't worth the effort and removed them. Everyone was happy.
I know /. regularly crucifies people who comply with these notices as wimps, corporate sellouts, etc, but when someone has to put food on the table, and really does not care about the content more than their own livelihood, then there really is no issue. This is why we have wikileaks, etc, so that individuals do not have to bear the brunt of responsibility for hosting these leaked files or other sensitive info.
In the case of COFEE, it was a 'stealing software' issue, and not a 'this is my right to leak this program' issue. Or maybe it is...maybe some reverse engineers can find out COFEE is putting innocent people beind bars?
Re: (Score:3, Insightful)
It won't matter anyhow, Microsoft just ignorantly invoked the Streisand effect.
Note to everyone out there faced with a "leak": The best thing to do is NOTHING. By trying to have something removed, it will only be spread more widely.
If Microsoft had simply ignored the incident, Cryptome would have hosted it and the vast majority of people would have never even heard of COFEE. Now, tons of people are downloading it just BECAUSE of the reports of their takedown campaign.
Re: (Score:2, Interesting)
Maybe.
> Note to everyone out there faced with a "leak": The best thing to do is NOTHING.
That depends on your goal.
> By trying to have something removed, it will only be spread more widely.
True.
> If Microsoft had simply ignored the incident, Cryptome would have hosted
> it and the vast majority of people would have never even heard of COFEE.
Also true.
> Now, tons of people are downloading it just BECAUSE
> of t
Re: (Score:2)
Re: (Score:3)
I've seen several C&D's (Cease and Desist) in my time. Most were for copyrighted photos, where someone had copied them without permission and used them. Depending on the offense and the usage, they were treated from removing the offending pictures, to removing the whole site. The whole site treatment was only if (and only if) they constituted the entire site. The customer was always notified, which kept everyone out of legal trouble.
As much as we may not like the topic
Will this henceforth be known... (Score:5, Funny)
...as the hot COFEE incident?
Re: (Score:2)
No. What's hot about it?
Re: (Score:2, Funny)
Mod parent DOWN -1, clueless.
Still available on TPB.... (Score:5, Informative)
http://thepiratebay.org/torrent/5156601 [thepiratebay.org]
Links Still Live (Score:2, Funny)
Funny story, just visited cryptome and the files are still downloadable.
Re:Links Still Live (Score:5, Informative)
Check the file contents. The only thing in the zip file is the takedown notice.
Re: (Score:2)
Not in the torrent, but I can't seem to connect with any peers.
Sir, please place your hands behind your head and step away from the keyboard.
Takedown notice... (Score:5, Insightful)
but did he give it back (Score:2, Funny)
But did he email his copy back to Microsoft?
Re: (Score:3, Funny)
But did he email his copy back to Microsoft?
No, but he did send them a drawing of a spider.
Want... (Score:2, Funny)
Re: (Score:3, Insightful)
That's why most people are going to grab it.
1) They don't want you to have it.
2) They are making a big deal about it.
3) (the lesser reason) To see what MS is giving up to LEO.
Available on Freenet (Score:2, Informative)
COFEE is available on Freenet, as are most things like this.
Freenet is very usable at the moment. Speeds are pretty good considering the constraints of encryption and anonymity, and there is a lot of filesharing going on.
Re:Available on Freenet (Score:4, Insightful)
Freenet and other anonymous forwarder schemes arent's secure, unless you already can trust any and all of the nodes you connect directly to. And if you can trust them, you might as well use a network share -- it's much faster.
Why it isn't safe? Funneling. The easiest imaginable (but far from most efficient) version is a cluster of N nodes, where N equals the maximum number of jumps a packet can take, the internal max TTL of the protocol used. The nodes are firewalled in a chain, so that only one end of the chain is open from the outside, and only the other end of the chain can send requests out to the internet. Then those who run the nodes know that any traffic that makes it through to the end of the chain must be from directly connected hosts. It doesn't matter if the TTL is randomized and encrypted in an onion layer; as long as there is a max, even if only one out of a million packets make it to the endpoint host, for all the traffic that does make it, they know the source and the destination.
The problem is that with a design where the next hop gets to choose its next hop, you can't prevent someone from creating funnels where traffic can't go to other nodes, only to other malicious hosts or the outside.
Another problem is if you have a single pipe. Then it's dead easy to sit at your ISP and drop the pipe to you intermittently. When there are outgoing requests when the pipe to you is down, the snoops know that the traffic originates from you. And again, with a funnel, they can find out where the traffic is going. Do they know what the traffic is? Well, they may be the ones that host the materials you try to access, in which case, yes, they do.
And yes, a large portion of the so-called darknets are run by law enforcement agencies and institutions working closely with them. Letting a thousand people getting away with downloading pipe bomb recipes, child porn and sedition against king Dumbledore is apparently acceptable if they can nab one every now and then, and thus justify their own existence.
Re: (Score:2)
You (through a nice friendly interface) get it to generate a Pri/Pub key pair. Then the public key is used to both encrypt traffic that is for you AND to id your node on the network. You then send your public key to your trusted friends out-of-band (OOB) e.g. by having a button that exports the key and your current internet-facing IP (grab it automatically from whats-my-ip.com or suchlike) in a way that's dead easy to paste in
Re: (Score:1)
It sounds like you aren't very familiar with how Freenet works. There is no "outside" in Freenet - everything is internal. It's not like Tor where you have content hosted in a specific place and Tor just handles the transport - Freenet hosts all the content too.
A file in Freenet won't be stored in one place, it is split into chunks of 32kB and those will be stored all over Freenet, usually highly redundantly.
Freenet is designed so that even if a large minority of nodes are compromised by law enforcement or
I'm seeding it now (Score:1)
All versions I could find. Search TPB. And I'm not going to stop.