Mail In Black

Mail in Black is the name of a French company that provides an interesting anti-spam solution.  Their idea is simple.  Spam is generated by robots.  Thus, if you filter out every communication issued by robots, then you get rid of spam.  How do you detect a robot?  Apply a Turing test.

How does it work?

  • You define an initial white list of email addresses or domains.
  • When MailInBlack receives an email, it checks whether the sender is part of the white list.  If so, the mail is forwarded to you.
  • If the sender is not in the white list, MailInBlack returns, on your behalf, a captcha challenge (for instance, type the orange text).

[Figure: MailInBlack captcha challenge]

  • If the challenge is passed, MailInBlack forwards the message and automatically adds the sender to the white list.
  • Otherwise, the message is quarantined and the sender is added to a black list.
  • Of course, if you rescue a message from the quarantine, the sender moves to the white list.
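The flow above, written out as a small Python model (an added example, not MailInBlack's code): the white list holds addresses or bare domains, unknown senders get a challenge, a failed or unanswered challenge quarantines the message and blacklists the sender, and rescuing a message moves its sender to the white list. The captcha is replaced by a constructed word list, and the choice not to re-challenge blacklisted senders is an assumption.

```python
import secrets
from dataclasses import dataclass, field

# Constructed stand-in for the captcha: the expected text is drawn from this list.
CAPTCHA_WORDS = ("orange", "blue", "green")

@dataclass
class ChallengeResponseFilter:
    """Model of the challenge-response anti-spam flow (added example, not the product's code)."""
    whitelist: set = field(default_factory=set)   # sender addresses or bare domains
    blacklist: set = field(default_factory=set)
    inbox: list = field(default_factory=list)
    quarantine: list = field(default_factory=list)
    pending: dict = field(default_factory=dict)   # token -> (sender, message, expected answer)

    def is_trusted(self, sender):
        return sender in self.whitelist or sender.rsplit("@", 1)[-1] in self.whitelist

    def receive(self, sender, message):
        """Inbound mail: deliver, quarantine, or send a challenge back to the sender."""
        if self.is_trusted(sender):
            self.inbox.append((sender, message))
            return "delivered", None
        if sender in self.blacklist:  # assumption: known-bad senders are not re-challenged
            self.quarantine.append((sender, message))
            return "quarantined", None
        token = secrets.token_hex(8)
        self.pending[token] = (sender, message, secrets.choice(CAPTCHA_WORDS))
        return "challenged", token

    def respond(self, token, answer):
        """Sender's reply to the challenge; a wrong (or missing) answer blacklists the sender."""
        sender, message, expected = self.pending.pop(token)
        if answer is not None and answer.strip().lower() == expected:
            self.whitelist.add(sender)   # the sender is whitelisted, not the recipient
            self.inbox.append((sender, message))
            return "delivered"
        self.blacklist.add(sender)
        self.quarantine.append((sender, message))
        return "quarantined"

    def expire(self, token):
        """Challenge never answered, e.g. by a legitimate robot: same outcome as a wrong answer."""
        return self.respond(token, None)

    def rescue(self, index):
        """Recover a quarantined message: its sender moves from the black list to the white list."""
        sender, message = self.quarantine.pop(index)
        self.blacklist.discard(sender)
        self.whitelist.add(sender)
        self.inbox.append((sender, message))
        return sender
```

The `expire` path is the first hiccup discussed below: a legitimate automated sender never answers, so its mail lands in quarantine until someone rescues it.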

In my opinion, there are some potential hiccups:

  • You may lose messages from automatic systems that you legitimately want to receive (and there are many of them).  Therefore, the initial building of the white list is important.
  • Some surprised senders may believe that the challenge is actually spam or, worse, malware.  This is mitigated by the fact that they just sent you a message and “you” are issuing the challenge.
  • If the approach is successful, how long will it take before we see the first malware spam mimicking a MailInBlack challenge but pointing to a malicious site?

Nevertheless, an interesting approach to anti-spam. 

DDoS as a form of free speech

Dykan K. (from Eage, Wisconsin) started on January 7 an online petition asking the Obama administration to

Make, distributed denial-of-service (DDoS), a legal form of protesting.

With the advance in internet technology, comes new grounds for protesting. Distributed denial-of-service (DDoS), is not any form of hacking in any way. It is the equivalent of repeatedly hitting the refresh button on a webpage. It is, in that way, no different than any “occupy” protest. Instead of a group of people standing outside a building to occupy the area, they are having their computer occupy a website to slow (or deny) service of that particular website for a short time.

Many newspapers claim it was issued by Anonymous.  Nevertheless, I was not able to find a related tweet issued by @AnonNews (if somebody spotted it, please send me the pointer).

Is it a legitimate demand?  Obviously, some DDoS actions were used to protest against authorities or resented actions…  For instance, when MegaUpload was closed, Anonymous organized such an attack (see http://eric-diehl.com/megaupload-is-down/).  Nevertheless, DDoS is also used for blackmail or plain malevolence.  Therefore, we can foresee the answer of the Obama administration.  To receive an official answer, the petition must gather more than 25,000 signatures in one month.  At the time of writing, it was at 4,255.

Update 16-jan:  Since Tuesday, the White House has raised the threshold from 25,000 signatures to 100,000 signatures.  At the time of writing, the petition was at 4,855.  Of course, this increase is not related to this petition (but rather to secessionist petitions).

CORAL consortium is dissolved

In October 2004, Intertrust, Philips, Matsushita, Samsung, Sony, and Twentieth Century Fox Film Corporation founded the CORAL consortium. Many companies joined it.   It was an initiative to specify an interoperable framework for DRM.  The first set of specifications was published in November 2005, and the final set in October 2007.

The actual deployment of the Coral framework is extremely limited. Nevertheless, the CORAL framework was one of the initial contributions to DECE, which defines UltraViolet.

On December 13, 2012, the CORAL organization was dissolved.  The web site, http://www.coral-interop.org/, will stay online until April 1, 2013.

Security Newsletter 22 is available

The Security Newsletter 22 is available. We are proud to have Joan Daemen as guest. Joan is one of the authors of KECCAK, the algorithm selected by NIST to become the official SHA-3 function. Mohamed presents this new hash function. SSL is the most widely deployed security protocol on the Internet, thus it is highly scrutinized by the community. Olivier, Christoph and Benoit take a deep dive into the latest attacks against SSL.

I hope you will enjoy reading it. Do not hesitate to comment.

How BitTorrent is monitored…

In a recent study, Tom Chothia et al., four researchers from the University of Birmingham, checked whether BitTorrent was monitored, how, and by whom.  They studied the two types of monitoring:

  • Indirect monitoring, where the copyright enforcement agency does not take part in the transaction and only collects clues, which makes for not very convincing evidence.
  • Direct monitoring, where the agency is part of the transaction.  In that case, the evidence is better.

For the first type of monitoring, they used six heuristics (five collected from the literature and one of their own).  The conclusion is clear: many agencies are scouting the swarms.  Amusingly, they spotted the French INRIA team, which was conducting a similar study (see "Identifying Providers and Downloaders in BitTorrent").  Unsurprisingly, this part of the study was conclusive.

For direct monitoring, they tried other heuristics, such as checking whether the completion reported by a peer progresses and stays consistent, or the duration of the connection.  Once more, they detected monitoring activity.

The study also presents several interesting (but not surprising) conclusions:

  • The most popular pieces of content are far more monitored than less popular ones.  This is logical, as monitoring has a cost, and who would pay for the long tail?
  • When sharing a popular piece of content, the likelihood of being monitored within three hours is high.
  • The block lists of supposed monitors (which are available for most popular clients) are not complete.

The definition of the heuristics is interesting.  It also gives the agencies a good hint on what they should do to become stealthier.

Twitter and DMCA

Like Google with its transparency program, Twitter now offers better transparency when removing tweets following a DMCA notification.  Previously, the infringing tweet was removed without any explanation.  Over the past month, Twitter has changed its policy.  When Twitter decides that a takedown of a tweet is legitimate, the following process applies:

  1. The affected user is notified once the tweet is removed.
  2. The affected user receives the complaint as well as the procedure to file a counter-notice.
  3. A copy is sent to Chilling Effects; Chilling Effects is a project of the EFF and many US universities (Harvard, Stanford, Berkeley…) that collects Cease & Desist (C&D) notices from all over the world.
  4. The withheld tweet is clearly marked.

[Figure: a withheld tweet as displayed by Twitter]

Since 2010, Twitter has become a convenient vector for distributing pointers to shared infringing content.  Content owners soon started sending C&D notices.

Like Google, Twitter tries to find a tradeoff between content owners and its users.  Transparency is probably a good solution.

Google: explosion in the number of takedown URLs

[Figure: URLs requested to be removed from Google Search, per week]

Every semester, Google publishes its biannual transparency report.  This time, the focus was on the increase in the number of user data requests issued by government agencies.  The press communicated a lot on this topic.

I prefer to analyze the URL removal requests.  They are issued by content owners and governments.  The chart displays the URLs requested to be removed from Search, per week.  It clearly highlights an explosion in the number of requests in the last month.  Compare with the same snapshot captured on September 3.

The top organizations requesting removals were Degban (a company specialized in multimedia copyright protection), the RIAA and the BPI (British Recorded Music Industry).  The top copyright owners concerned by the takedown URLs were the RIAA, Froytal Services Ltd (a porn producer!) and the BPI.  The affected domains were mainly a search engine for cyber lockers and, of course, torrent sites (the iconic Pirate Bay was not among the top sites!).