Search n00bz.net
Saturday
Apr072012

Kid Safe Web Terminal?

Somehow I doubt it! I see this stuff all over town. Every place that is for kids has a computer. I wonder if they are all on the same botnet!

Wednesday
Feb222012

Goot Root?

Why is Linux safer than Windows? Because linux-tpreter hasn't been updated.  That is always a favorite joke I hear among the community.  Today with the update of Metasploit 4.2, I saw a module that I had always ment to check out.  Post Sudo Upgrade on a shell.

Thanks to this module by todb, post/multi/manage/sudo, getting privledge escalation on an Ubuntu host with point, click, pwn!

 

Goot Root? 

 

Yup!

Tuesday
Jan172012

Stop Online Piracy Act- From Wikipedia

 

Tomorrow, January 18th 2012 Wikipedia is going dark in protest of SOPA or the Stop Online Privacy Act.  Here is a snapshot of the Wikipedia page since many people tomorrow will be wondering what is this SOPA thing and Wikipedia will be offline!

I did not receive Wikipedia's permission so I guess this could be a violation of SOPA.  Anyone who links to this page would be in violation as well!  Damn it feels good to be a gangsta!

 

 

Stop Online Piracy Act

Great Seal of the United States.
Full title "To promote prosperity, creativity, entrepreneurship, and innovation by combating the theft of U.S. property, and for other purposes." —H.R. 3261[1]
Acronym SOPA
Colloquial name(s) House Bill 3261

 

 

The Stop Online Piracy Act (SOPA), also known as House Bill 3261 or H.R. 3261, is a bill that was introduced in the United States House of Representatives on October 26, 2011, by House Judiciary Committee Chair Representative Lamar Smith (R-TX) and a bipartisan group of 12 initial co-sponsors. The bill, if made law, would expand the ability of U.S. law enforcement and copyright holders to fight online trafficking in copyrighted intellectual property and counterfeit goods.[2] Presented to the House Judiciary Committee, it builds on the similar PRO-IP Act of 2008 and the corresponding Senate bill, the PROTECT IP Act.[3]

The originally proposed bill would allow the U.S. Department of Justice, as well as copyright holders, to seek court orders against websites accused of enabling or facilitating copyright infringement. Depending on who makes the request, the court order could include barring online advertising networks and payment facilitators from doing business with the allegedly infringing website, barring search engines from linking to such sites, and requiring Internet service providers to block access to such sites. The bill would make unauthorized streaming of copyrighted content a crime, with a maximum penalty of five years in prison for ten such infringements within six months. The bill also gives immunity to Internet services that voluntarily take action against websites dedicated to infringement, while making liable for damages any copyright holder who knowingly misrepresents that a website is dedicated to infringement.[4]

Proponents of the bill say it protects the intellectual property market and corresponding industry, jobs and revenue, and is necessary to bolster enforcement of copyright laws, especially against foreign websites.[5] They cite examples such as Google's $500 million settlement with the Department of Justice for its role in a scheme to target U.S. consumers with ads to illegally import prescription drugs from Canadian pharmacies.[6]

Opponents say that it violates the First Amendment,[7] is Internet censorship,[8] will cripple the Internet,[9] and will threaten whistle-blowing and other free speech actions.[7][10] Opponents have initiated a number of protest actions, including petition drives, boycotts of companies that support the legislation, and planned service blackouts by major Internet companies scheduled to coincide with the next Congressional hearing on the matter.

The House Judiciary Committee held hearings on November 16 and December 15, 2011. The Committee was scheduled to continue debate in January 2012.[11]

Contents

The bill would authorize the U.S. Department of Justice to seek court orders against websites outside U.S. jurisdiction accused of infringing on copyrights, or of enabling or facilitating copyright infringement.[4] After delivering a court order, the U.S. Attorney General could require US-directed Internet service providers, ad networks, and payment processors to suspend doing business with sites found to infringe on federal criminal intellectual property laws. The Attorney General could also bar search engines from displaying links to the sites.[12]

The bill also establishes a two-step process for intellectual property rights holders to seek relief if they have been harmed by a site dedicated to infringement. The rights holder must first notify, in writing, related payment facilitators and ad networks of the identity of the website, who, in turn, must then forward that notification and suspend services to that identified website, unless that site provides a counter notification explaining how it is not in violation. The rights holder can then sue for limited injunctive relief against the site operator, if such a counter notification is provided, or if the payment or advertising services fail to suspend service in the absence of a counter notification.[12]

The bill provides immunity from liability to the ad and payment networks that comply with this Act or that take voluntary action to cut ties to such sites. Any copyright holder who knowingly misrepresents that a website is dedicated to infringement would be liable for damages.[4] The second section increases the penalties for streaming video and for selling counterfeit drugs, military materials or consumer goods. The bill would increase the penalties for unauthorized streaming of copyrighted content[for uploaders, downloaders, or hosts? clarification needed] and other intellectual property offenses.[12]

At the end of October co-sponsor Representative Bob Goodlatte (R-VA), chairman of the House Judiciary Committee's Intellectual Property sub-panel, told The Hill that SOPA is a rewrite of the Senate's bill that addresses some tech industry concerns, noting that under the House version of the legislation copyright holders won't be able to directly sue intermediaries like search engines to block infringing websites and would instead need a court's approval before taking action against third parties.[13]

Goals

Protecting intellectual property of content creators

According to Rep. Goodlatte, "Intellectual property is one of America's chief job creators and competitive advantages in the global marketplace, yet American inventors, authors, and entrepreneurs have been forced to stand by and watch as their works are stolen by foreign infringers beyond the reach of current U.S. laws. This legislation will update the laws to ensure that the economic incentives our Framers enshrined in the Constitution over 220 years ago—to encourage new writings, research, products and services— remain effective in the 21st century's global marketplace, which will create more American jobs."[14]

Rights-holders see intermediaries—the companies who host, link to, and provide e-commerce around the content—as the only accessible defendants.[15]

Sponsor Rep. John Conyers (D-MI) said, "Millions of American jobs hang in the balance, and our efforts to protect America's intellectual property are critical to our economy's long-term success."[14] Smith added, "The Stop Online Piracy Act helps stop the flow of revenue to rogue websites and ensures that the profits from American innovations go to American innovators."[14]

The Motion Picture Association of America (MPAA) representative who testified before the committee said that the motion picture and film industry supported two million jobs and 95,000 small businesses.[16]

Protection against counterfeit drugs

Pfizer spokesman John Clark testified that patients could not always detect cleverly forged websites selling drugs that were either mis-branded or simply counterfeit.[17]

RxRights, a consumer advocacy group, issued a statement saying that Clark failed "to acknowledge that there are Canadian and other international pharmacies that do disclose where they are located, require a valid doctor's prescription and sell safe, brand-name medications produced by the same leading manufacturers as prescription medications sold in the U.S."[18] They had earlier said that SOPA "fails to distinguish between counterfeit and genuine pharmacies" and would prevent American patients from ordering their medications from Canadian pharmacies online.[19]

Bill sponsor Smith accused Google of obstructing the bill, citing its $500 million settlement with the DOJ on charges that it allowed ads from Canadian pharmacies, leading to illegal imports of prescription drugs.[6] Shipment of prescription drugs from foreign pharmacies to customers in the US typically violates the Federal Food, Drug and Cosmetic Act and the Controlled Substances Act.[20]

Impact on online freedom of speech

On TIME's Techland blog, Jerry Brito wrote, "Imagine if the U.K. created a blacklist of American newspapers that its courts found violated celebrities' privacy? Or what if France blocked American sites it believed contained hate speech?"[21] Similarly, the Center for Democracy and Technology warned, "If SOPA and PIPA are enacted, the US government must be prepared for other governments to follow suit, in service to whatever social policies they believe are important—whether restricting hate speech, insults to public officials, or political dissent."[22]

Laurence H. Tribe, a Harvard University professor of constitutional law, released an open letter on the web stating that SOPA would “undermine the openness and free exchange of information at the heart of the Internet. And it would violate the First Amendment.”[7][23]

The AFL-CIO's Paul Almeida, arguing in favor of SOPA, has stated that free speech was not a relevant consideration, because "Freedom of speech is not the same as lawlessness on the Internet. There is no inconsistency between protecting an open Internet and safeguarding intellectual property. Protecting intellectual property is not the same as censorship; the First Amendment does not protect stealing goods off trucks."[24]

Autocratic countries

According to the Electronic Frontier Foundation, proxy servers, such as those used during the Arab Spring, can also be used to thwart copyright enforcement and therefore may be outlawed by the act.[25]

John Palfrey, co-director of the Berkman Center for Internet & Society, expressed disagreement with the use of his research findings to support SOPA. He wrote that "SOPA would make many [DNS] circumvention tools illegal", which could put "dissident communities" in autocratic countries "at much greater risk than they already are". He added, "The single biggest funder of circumvention tools has been and remains the U.S. government, precisely because of the role the tools play in online activism. It would be highly counter-productive for the U.S. government to both fund and outlaw the same set of tools.[26]

Marvin Ammori has stated the bill might make The Tor Project illegal. Funded by the State Department the Tor Project creates encryption technology used by dissidents in repressive regimes (that consequently outlaw it). Ammori says that the US Supreme Court case of Lamont v. Postmaster General 381 U.S. 301 (1965) makes it clear that Americans have the First Amendment right to read and listen to such foreign dissident free speech, even if those foreigners themselves lack an equivalent free speech right (for example under their constitution or through Optional Protocols under the United Nations International Covenant on Civil and Political Rights).[27]

Impact on websites

Websites that host user content

Opponents have warned that SOPA would have a negative impact on online communities. Journalist Rebecca MacKinnon argued in an op-ed that making companies liable for users' actions could have a chilling effect on user-generated sites such as YouTube. "The intention is not the same as China’s Great Firewall, a nationwide system of Web censorship, but the practical effect could be similar", she says.[28] The Electronic Freedom Foundation (EFF) warned that websites Etsy, Flickr and Vimeo all seemed likely to shut down if the bill becomes law.[29] Policy analysts for New America Foundation say this legislation would enable law enforcement to take down an entire domain due to something posted on a single blog, arguing, "an entire largely innocent online community could be punished for the actions of a tiny minority."[30]

Additional concerns include the impact on common Internet functions such as linking or access data from the cloud. EFF claimed the bill would ban linking to sites deemed offending, even in search results[31] and on services such as Twitter.[32] Christian Dawson, Chief Operating Officer (COO) of Virginia-based hosting company ServInt, predicted that the legislation would lead to many cloud computing and Web hosting services moving out of the US to avoid lawsuits.[33] The Electronic Frontier Foundation have stated that the requirement that any site must self-police user generated content would impose significant liability costs and explains "why venture capitalists have said en masse they won’t invest in online startups if PIPA and SOPA pass."[34]

Proponents of the bill countered these claims, arguing that filtering is already common. Michael O'Leary of the MPAA testified on November 16 that the act's effect on business would be more minimal, noting that at least 16 countries already block websites, and that the Internet still functions in those countries.[35] MPAA Chairman Chris Dodd noted that Google figured out how to block sites when China requested it.[36] Some ISPs in Denmark, Finland, Ireland and Italy blocked The Pirate Bay after courts ruled in favor of music and film industry litigation, and a coalition of film and record companies has threatened to sue British Telecom if it does not follow suit.[37] Maria Pallante of the US Copyright Office said that Congress has updated the Copyright Act before and should again, or "the U.S. copyright system will ultimately fail." Asked for clarification, she said that the US currently lacks jurisdiction over websites in other countries.[35]

Weakening of "safe harbor" protections

The 1998 Digital Millennium Copyright Act (DMCA) includes the Online Copyright Infringement Liability Limitation Act, that provides a "safe harbor" for websites that host content. Under that provision, copyright owners who felt that a site was hosting infringing content are required to request the site to remove the infringing material within a certain amount of time.[38][39][40] SOPA would bypass this "safe harbor" provision by placing the responsibility for detecting and policing infringement onto the site itself, and allowing judges to block access to websites "dedicated to theft of U.S. property."[41]

According to critics of the bill such as the Center for Democracy and Technology and the Electronic Frontier Foundation, the bill's wording is vague enough that a single complaint about a site could be enough to block it, with the burden of proof resting on the site. A provision in the bill states that any site would be blocked that "is taking, or has taken deliberate actions to avoid confirming a high probability of the use of the U.S.-directed site to carry out acts that constitute a violation." Critics have read this to mean that a site must actively monitor its content and identify violations to avoid blocking, rather than relying on others to notify it of such violations.[29][42]

Law professor Jason Mazzone wrote, "Damages are also not available to the site owner unless a claimant 'knowingly materially' misrepresented that the law covers the targeted site, a difficult legal test to meet. The owner of the site can issue a counter-notice to restore payment processing and advertising but services need not comply with the counter-notice".[43]

Goodlatte stated, "We're open to working with them on language to narrow [the bill's provisions], but I think it is unrealistic to think we're going to continue to rely on the DMCA notice-and-takedown provision. Anybody who is involved in providing services on the Internet would be expected to do some things. But we are very open to tweaking the language to ensure we don't impose extraordinary burdens on legitimate companies as long as they aren't the primary purveyors [of pirated content]".[44][45]

O'Leary submitted written testimony in favor of the bill that expressed guarded support of current DMCA provisions. "Where these sites are legitimate and make good faith efforts to respond to our requests, this model works with varying degrees of effectiveness," O'Leary wrote. "It does not, however, always work quickly, and it is not perfect, but it works."[16]

Web-related businesses

An analysis in the information technology magazine eWeek stated, "The language of SOPA is so broad, the rules so unconnected to the reality of Internet technology and the penalties so disconnected from the alleged crimes that this bill could effectively kill e-commerce or even normal Internet use. The bill also has grave implications for existing U.S., foreign and international laws and is sure to spend decades in court challenges."[46]

Art Bordsky of advocacy group Public Knowledge similarly stated, "The definitions written in the bill are so broad that any US consumer who uses a website overseas immediately gives the US jurisdiction the power to potentially take action against it."[47]

On October 28, 2011, the EFF called the bill a "massive piece of job-killing Internet regulation," and said, "This bill cannot be fixed; it must be killed."[48]

Gary Shapiro, CEO of the Consumer Electronics Association, spoke out strongly against the bill, stating, "The bill attempts a radical restructuring of the laws governing the Internet," and that "It would undo the legal safe harbors that have allowed a world-leading Internet industry to flourish over the last decade. It would expose legitimate American businesses and innovators to broad and open-ended liability. The result will be more lawsuits, decreased venture capital investment, and fewer new jobs."[49]

Lukas Biewald, founder of CrowdFlower, stated, "It'll have a stifling effect on venture capital... No one would invest because of the legal liability."[50]

Booz & Company on November 16 published a Google-funded study finding that almost all of the 200 venture capitalists and angel investors interviewed would stop funding digital media intermediaries if the bill became law. More than 80 percent said they would rather invest in a risky, weak economy with the current laws than a strong economy with the proposed law in effect. If legal ambiguities were removed and good faith provisions in place, investing would increase by nearly 115 percent.[51]

As reported by David Carr of The New York Times in an article critical of SOPA and PIPA, Google, Facebook, Twitter and other companies sent a joint letter to Congress, stating "We support the bills’ stated goals – providing additional enforcement tools to combat foreign ‘rogue’ Web sites that are dedicated to copyright infringement or counterfeiting. However, the bills as drafted would expose law-abiding U.S. Internet and technology companies to new uncertain liabilities, private rights of action and technology mandates that would require monitoring of Web sites.”[23][52] Smith responded, saying, the article "unfairly criticizes the Stop Online Piracy Act", and, "does not point to any language in the bill to back up the claims. SOPA targets only foreign Web sites that are primarily dedicated to illegal and infringing activity. Domestic Web sites, like blogs, are not covered by this legislation." Smith also said that Carr incorrectly framed the debate as between the entertainment industry and high-tech companies, noting support by more than "120 groups and associations across diverse industries, including the United States Chamber of Commerce".[53]

Users uploading illegal content

Lateef Mtima, director of the Institute for Intellectual Property and Social Justice at Howard University School of Law, expressed concern that users who upload copyrighted content to sites could potentially be held criminally liable themselves, saying, "Perhaps the most dangerous aspect of the bill is that the conduct it would criminalize is so poorly defined. While on its face the bill seems to attempt to distinguish between commercial and non-commercial conduct, purportedly criminalizing the former and permitting the latter, in actuality the bill not only fails to accomplish this but, because of its lack of concrete definitions, it potentially criminalizes conduct that is currently permitted under the law."[54]

An aide to Rep. Smith said, "This bill does not make it a felony for a person to post a video on YouTube of their children singing to a copyrighted song. The bill specifically targets websites dedicated to illegal or infringing activity. Sites that host user content—like YouTube, Facebook, and Twitter—have nothing to be concerned about under this legislation".[54]

In January 2012, bloggers claimed that Smith's own website had apparently used a copyright protected image without attributing it to the photographer who took it, with Time noting, "It doesn’t seem like a huge violation, but that’s the point; if SOPA passes, who knows how minor infractions like this will be handled."[55][56]

Internal networks

A paper by the Center for Democracy and Technology claimed that the bill "targets an entire website even if only a small portion hosts or links to some infringing content."[39]

According to A. M. Reilly of Industry Leaders Magazine, under SOPA, culpability for distributing copyright material is extended to those who aid the initial poster of the material. For companies that use virtual private networks (VPN) to create a network that appears to be internal but is spread across various offices and employees' homes, any of these offsite locations that initiate sharing of copyright material could put the entire VPN and hosting company at risk of violation.[57]

Answering similar criticism in a CNET editorial, Recording Industry Association of America (RIAA) head Cary Sherman wrote, "Actually, it's quite the opposite. By focusing on specific sites rather than entire domains, action can be targeted against only the illegal subdomain or Internet protocol address rather than taking action against the entire domain."[58]

Impact on web-browsing software

The Electronic Frontier Foundation expressed concern that free and open source software (FLOSS) projects found to be aiding online piracy could experience serious problems under SOPA.[59] Of special concern was the web browser Firefox,[25] which has an optional extension, MAFIAAFire Redirector, that redirects users to a new location for domains that were seized by the U.S. government.[60] In May 2011, Mozilla refused a request by the Department of Homeland Security to remove MAFIAAFire from its website, questioning whether the software had ever been declared illegal.[61][62]

Potential effectiveness

Edward J. Black, president and CEO of the Computer & Communication Industry Association, wrote in the Huffington Post that "Ironically, it would do little to stop actual pirate websites, which could simply reappear hours later under a different name, if their numeric web addresses aren't public even sooner. Anyone who knows or has that web address would still be able to reach the offending website."[63]

An editorial in the San Jose Mercury-News stated, "Imagine the resources required to parse through the millions of Google and Facebook offerings every day looking for pirates who, if found, can just toss up another site in no time."[64]

John Palfrey of the Berkman Center for Internet & Society commented, "DNS filtering is by necessity either overbroad or underbroad; it either blocks too much or too little. Content on the Internet changes its place and nature rapidly, and DNS filtering is ineffective when it comes to keeping up with it."[26]

Technical issues

Deep-packet inspection and privacy

According to Markham Erickson, head of NetCoalition, which opposes SOPA, the section of the bill that would allow judges to order internet service providers to block access to infringing websites to customers located in the United States would also allow the checking of those customers' IP address, a method known as IP blocking. Erickson has expressed concerns that such an order might require those providers to engage in "deep packet inspection", which involves analyzing all of the content being transmitted to and from the user, raising new privacy concerns.[65][66]

Policy analysts for New America Foundation say this legislation would "instigate a data obfuscation arms race" whereby by increasingly invasive practices would be required to monitor users' web traffic resulting in a "counterproductive cat-and-mouse game of censorship and circumvention would drive savvy scofflaws to darknets while increasing surveillance of less technically proficient Internet users."[30]

Domain Name System

The Domain Name System (DNS) servers, most often equated with a telephone directory, translate browser requests for domain names into the IP address assigned to that computer or network. The original bill requires these servers to stop referring requests for infringing domains to their assigned IP addresses. DNS is robust by design against failure and requires that a lack of response is met by inquiries to other DNS servers.[67]

Andrew Lee, CEO of ESET North America, objected that since the bill would require internet service providers to filter DNS queries for the sites, this would undermine the integrity of the Domain Name System.[68]

According to David Ulevitch, the San Francisco-based head of OpenDNS, the passage of SOPA could cause Americans to switch to DNS providers located in other countries who offer encrypted links, and may cause U.S. providers, such as OpenDNS itself, to move to other countries, such as the Cayman Islands.[69]

In November 2011, an anonymous top-level domain, .bit, was launched outside of ICANN control, as a response to the perceived threat from SOPA, although its effectiveness (as well as the effectiveness of other alternative DNS roots) remains unknown.[70]

On January 12, 2012, Sen. Patrick Leahy (D-VT), Chairman of the Senate Judiciary Committee overseeing PIPA,[71][72] and House sponsor Lamar Smith announced[73] that provisions related to DNS redirection would be pulled from their respective bills.[74][75]

Internet security

A white paper by several internet security experts, including Steve Crocker and Dan Kaminsky, wrote, "From an operational standpoint, a resolution failure from a nameserver subject to a court order and from a hacked nameserver would be indistinguishable. Users running secure applications have a need to distinguish between policy-based failures and failures caused, for example, by the presence of an attack or a hostile network, or else downgrade attacks would likely be prolific."[76]

Domain Name System Security Extensions

Stewart Baker, former first Assistant Secretary for Policy at the Department of Homeland Security and former General Counsel of the National Security Agency, stated that SOPA would do "great damage to Internet security"[67] by undermining Domain Name System Security Extensions (DNSSEC), a proposed security upgrade for DNS, since a browser must treat all redirects the same, and must continue to search until it finds a DNS server (possibly overseas) providing untampered results.[67] On December 14, 2011 he wrote that SOPA was "badly in need of a knockout punch" due to its impact on security and DNS:[67]

from the [Attorney General]’s point of view, the browser’s efforts to find an authoritative DNS server will look like a deliberate effort to evade his blocking order. The latest version of SOPA will feed that view. It allows the AG to sue “any entity that knowingly and willfully provides ... a product ... designed by such entity or by another in concert with such entity for the circumvention or bypassing of” the AG’s blocking orders. It’s hard to escape the conclusion that this provision is aimed squarely at the browser companies. Browsers implementing DNSSEC will have to circumvent and bypass criminal blocking, and in the process, they will also circumvent and bypass SOPA orders.

DNSSEC is a set of protocols developed by the Internet Engineering Task Force (IETF) for ensuring internet security. A white paper by the Brookings Institution noted, "The DNS system is based on trust," adding that DNSSEC was developed to prevent malicious redirection of DNS traffic, and that "other forms of redirection will break the assurances from this security tool."[77]

On November 17, Sandia National Laboratories, a research agency of the U.S. Department of Energy, released a technical assessment of the DNS filtering provisions in the House and Senate bills, in response to Representative Zoe Lofgren's (D-CA) request. The assessment stated that the proposed DNS filtering would be unlikely to be effective, would negatively impact internet security, and would delay full implementation of DNSSEC.[78][79]

On November 18, House Cybersecurity Subcommittee chair Dan Lungren stated that he had "very serious concerns" about SOPA's impact on DNSSEC, adding, "we don't have enough information, and if this is a serious problem as was suggested by some of the technical experts that got in touch with me, we have to address it."[80]

Transparency in enforcement

Brooklyn Law School professor Jason Mazzone warned, "Much of what will happen under SOPA will occur out of the public eye and without the possibility of holding anyone accountable. For when copyright law is made and enforced privately, it is hard for the public to know the shape that the law takes and harder still to complain about its operation."[43]

Supporters

Legislators

The Stop Online Piracy Act was introduced by Representative Lamar Smith (R-TX) and was initially co-sponsored by Howard Berman (D-CA), Marsha Blackburn (R-TN), Mary Bono Mack (R-CA), Steve Chabot (R-OH), John Conyers (D-MI), Ted Deutch (D-FL), Elton Gallegly (R-CA), Bob Goodlatte (R-VA), Timothy Griffin (R-AR), Dennis A. Ross (R-FL), Adam Schiff (D-CA) and Lee Terry (R-NE). As of January 16, 2012, there were 31 sponsors.[81]

Companies and organizations

The legislation has broad support from organizations that rely on copyright, including the Motion Picture Association of America, the Recording Industry Association of America, Macmillan US, Viacom, and various other companies and unions in the cable, movie, and music industries. Supporters also include trademark-dependent companies such as Nike, L'Oréal, and Acushnet Company.[82][83]

Both the AFL-CIO and the U.S. Chamber of Commerce support H.R. 3261, and many industries have also publicly praised the legislation.

In June 2011, former Bill Clinton press secretary Mike McCurry and former George W. Bush advisor Mark McKinnon, business partners in Public Strategies, Inc., started a campaign which echoed McCurry's earlier work in the network neutrality legislative fight. McCurry represented SOPA/PIPA in Politico as a way to combat theft on-line,[84] drawing a favorable comment from the MPAA.[85] On the 15th, McCurry and Arts + Labs co-chair McKinnon sponsored the "CREATE – A Forum on Creativity, Commerce, Copyright, Counterfeiting and Policy" conference with members of Congress, artists and information-business executives.[86]

On September 22, 2011, a letter signed by over 350 businesses and organizations—including NBCUniversal, Pfizer, Ford Motor Company, Revlon, NBA, and Macmillan US—was sent to Congress encouraging the passage of the legislation.[82][83] Fightonlinetheft.com, a website of The Coalition Against Counterfeiting and Piracy (a project of the United States Chamber of Commerce Global Intellectual Property Center,[87]) cites a long list of supporters including these and the Fraternal Order of Police, the National Governors Association, the U.S. Conference of Mayors, the National Association of Attorneys General, the Better Business Bureau, and the National Consumers League.[88][89]

On November 22 the CEO of the Business Software Alliance (BSA) said, "valid and important questions have been raised about the bill". He said that definitions and remedies needed to be tightened and narrowed, but "BSA stands ready to work with Chairman Smith and his colleagues on the Judiciary Committee to resolve these issues."[90][91]

On December 22, Go Daddy, the world's largest domain name registrar, stated that it supported SOPA.[92] Go Daddy then rescinded its support, its CEO saying, "Fighting online piracy is of the utmost importance, which is why Go Daddy has been working to help craft revisions to this legislation—but we can clearly do better. It's very important that all Internet stakeholders work together on this. Getting it right is worth the wait. Go Daddy will support it when and if the Internet community supports it."[93]

In January 2012, the Entertainment Software Association announced support for SOPA.[94] Some association members expressed opposition to SOPA.[95]

Opposition

Legislators

House Minority Leader Nancy Pelosi (D-CA) expressed opposition to the bill, as well as Representatives Darrell Issa (R-CA) and presidential candidate Ron Paul (R-TX), who joined nine Democrats to sign a letter to other House members warning that the bill would cause "an explosion of innovation-killing lawsuits and litigation."[96] "Issa said the legislation is beyond repair and must be rewritten from scratch," reported The Hill.[97] Issa and Lofgren announced plans for legislation offering "a copyright enforcement process modeled after the U.S. International Trade Commission's (ITC) patent infringement investigations."[33] Politico referred to support as an "election liability" for legislators.[98] Subsequently proponents began hinting that key provisions might be deferred with opponents stating this was inadequate.[99][100]

On January 14, 2012, the Obama administration responded to a petition against the bill, stating that it would not support legislation with provisions that could lead to Internet censorship, squelching of innovation, or reduced Internet security, but encouraged "all sides to work together to pass sound legislation this year that provides prosecutors and rights holders new legal tools to combat online piracy originating beyond U.S. borders while staying true to the principles outlined above in this response."[101][102][103][104]

Companies and organizations

EFF home page with American Censorship Day banner

Opponents include Google, Yahoo!, YouTube, Facebook, Twitter, AOL, LinkedIn, eBay, Mozilla Corporation, Roblox, Reddit,[105] the Wikimedia Foundation,[106] and human rights organizations such as Reporters Without Borders,[107] the Electronic Frontier Foundation (EFF), the ACLU, and Human Rights Watch.[108]

Kaspersky Lab, a major computer security company, demonstrated its opposition to SOPA and "decided to discontinue its membership in the BSA".[109]

On December 13, 2011, Julian Sanchez of the Libertarian think tank Cato Institute came out in strong opposition to the bill saying that while the amended version "trims or softens a few of the most egregious provisions of the original proposal... the fundamental problem with SOPA has never been these details; it’s the core idea. The core idea is still to create an Internet blacklist..."[110]

The Library Copyright Alliance (including the American Library Association) objected to the broadened definition of "willful infringement" and the introduction of felony penalties for noncommercial streaming infringement, stating that these changes could encourage criminal prosecution of libraries.[111]

On November 22, Mike Masnick of Techdirt called SOPA "toxic"[99] and published a detailed criticism[112] of the ideas underlying the bill, writing that "one could argue that the entire Internet enables or facilitates infringement", and saying that a list of sites compiled by the entertainment industry included the personal site of one of their own artists, 50 Cent, and legitimate internet companies. The article questioned the effect of the bill on $2 trillion in GDP and 3.1 million jobs, with a host of consequential problems on investment, liability and innovation.[113] Paul Graham, the founder of venture capital company Y Combinator opposed the bill, and banned all SOPA-supporting companies from their "demo day" events. "If these companies are so clueless about technology that they think SOPA is a good idea," he asks, "how could they be good investors?"[114] Prominent pro-democracy movement, Avaaz.org started a petition in protest over SOPA and so far has got over 1.2 million signatures worldwide. [115]

The Center for Democracy and Technology maintains a list of SOPA and PIPA opponents consisting of the editorial boards of The New York Times, the Los Angeles Times, 34 other organizations and hundreds of prominent individuals.[116]

Zynga Game Network, creator of Facebook games Texas HoldEm Poker and FarmVille, wrote to the sponsors of both bills highlighting concerns over the effect on "the DMCA's safe harbor provisions ... [which] ... have been a cornerstone of the U.S. Technology and industry's growth and success", and opposing the bill due to its impact on "innovation and dynamism".[117]

Other

Computer scientist Vint Cerf, one of the founders of the Internet, now Google vice president, wrote to Smith, saying "Requiring search engines to delete a domain name begins a worldwide arms race of unprecedented 'censorship' of the Web," in a letter published on CNet.[118][119]

On November 18, 2011, the European Union Parliament adopted by a large majority a resolution that "stresses the need to protect the integrity of the global Internet and freedom of communication by refraining from unilateral measures to revoke IP addresses or domain names."[120][121]

On December 15, 2011, a second hearing was scheduled to amend and vote on SOPA. Many opponents remained firm even after Smith proposed a 71-page amendment to the bill to address concerns. NetCoalition, which works with Google, Twitter, eBay and Facebook, appreciated that Smith was listening, but says it nonetheless could not support the amendment. Issa stated that Smith’s amendment, "retains the fundamental flaws of its predecessor by blocking Americans' ability to access websites, imposing costly regulation on Web companies and giving Attorney General Eric Holder's Department of Justice broad new powers to police the Internet".[122]

In December 2011, film and comics writer Steve Niles spoke out against SOPA, commenting, "I know folks are scared to speak out because a lot of us work for these companies, but we have to fight. Too much is at stake."[123][124]

In January 2012, novelist, screenwriter and comics writer Peter David directed his ire at the intellectual property pirates whose activities he felt provoked the creation of SOPA. While convinced that the then-current language of SOPA would go too far in its restricting free expression, and would likely be scaled down, David argued that content pirates, such as the websites that had posted his novels online in their entirety for free downloads, as well as users who supported or took advantage of these activities, could have prevented SOPA by respecting copyright laws.[125]

Protest actions

Mozilla's SOPA protest, displayed in Firefox on November 16, 2011

On November 16, 2011, Tumblr, Mozilla, Techdirt, the Center for Democracy and Technology were among many Internet companies that protested by participating in American Censorship Day. They displayed black banners over their site logos with the words "STOP CENSORSHIP".[126]

In December 2011, Wikipedia co-founder Jimmy Wales initiated discussion with editors regarding a potential knowledge blackout, a protest inspired by a successful campaign by the Italian-language Wikipedia to block the Italian DDL intercettazioni bill, terms of which could have infringed the encyclopedia's editorial independence. Editors and others[127] mulled interrupting service for one or more days as in the Italian protest, or alternatively presenting site visitors with a blanked page directing them to further information before permitting them to complete searches.[128][129] As a result, the English-language Wikipedia will be blacked out for 24 hours on January 18.[130]

Markham Erickson, executive director of NetCoalition, told Fox News that “a number of companies have had discussions about [blacking out services]” last week[131] and discussion of the option spread to other media outlets.[132]

In January 2012, Reddit announced plans to black out its site for twelve hours on January 18, as company co-founder Alexis Ohanian announced he was going to testify to Congress. "He’s of the firm position that SOPA could potentially 'obliterate' the entire tech industry", Paul Tassi wrote in Forbes. Tassi also opined that Google and Facebook would have to join the blackout to reach a sufficiently broad audience.[133] Other prominent sites that are reported to be participating in the January 18 blackout are Cheezburger Sites,[134] Mojang,[135] Major League Gaming,[136] and Boing Boing.[137]

Wider protests have been considered and in some cases committed to by major internet sites, with high profile bodies such as Google, Facebook, Twitter, Yahoo, Amazon, AOL, Reddit, Mozilla, LinkedIn, IAC, eBay, PayPal, Wordpress and Wikimedia being widely named as "considering" or committed to an "unprecedented"[138] internet blackout on January 18, 2012.[138][139][140][141]

Legislative history

November 16 House Judiciary Committee hearing

At the House Judiciary Committee hearing, there was concern among some observers that the set of speakers who testified lacked technical expertise. Technology news site CNET reported "One by one, each witness—including a lobbyist for the Motion Picture Association of America—said they weren't qualified to discuss... DNSSEC."[80] Adam Thierer, a senior research fellow at the Mercatus Center, similarly said, "The techno-ignorance of Congress was on full display. Member after member admitted that they really didn't have any idea what impact SOPA's regulatory provisions would have on the DNS, online security, or much of anything else."[142]

Lofgren stated, “We have no technical expertise on this panel today.” She also criticized the tone of the hearing, saying, “It hasn’t generally been the policy of this committee to dismiss the views of those we are going to regulate. Impugning the motives of the critics instead of the substance is a mistake.”[143]

Lungren told Politico's Morning Tech that he had "very serious concerns" about SOPA's impact on DNSSEC, adding "we don't have enough information, and if this is a serious problem as was suggested by some of the technical experts that got in touch with me, we have to address it. I can't afford to let that go by without dealing with it."[144]

Gary Shapiro, CEO of the Consumer Electronics Association, who had wanted to testify but was not invited, stated, "The significant potential harms of this bill are reflected by the extraordinary coalition arrayed against it. Concerns about SOPA have been raised by Tea Partiers, progressives, computer scientists, human rights advocates, venture capitalists, law professors, independent musicians, and many more. Unfortunately, these voices were not heard at today's hearing."[49]

An editorial in Fortune wrote, "This is just another case of Congress doing the bidding of powerful lobbyists—in this case, Hollywood and the music industry, among others. It would be downright mundane if the legislation weren't so draconian and the rhetoric surrounding it weren't so transparently pandering."[145]

December 15 markup of the bill

Since its introduction, a number of opponents to the bill have expressed concerns. The bill was presented for markup by the House Judiciary Committee on December 15.

An aide to Smith stated that "He is open to changes but only legitimate changes. Some site[s] are totally capable of filtering illegal content, but they won’t and are instead profiting from the traffic of illegal content.”[146]

Markup outcome

After the first day of the hearing, more than 20 amendments had been rejected, including one by Issa which would have stripped provisions targeting search engines and Internet providers. PC World reported that the 22–12 vote on the amendment could foreshadow strong support for the bill by the committee.[147]

The Committee adjourned on the second day agreeing to continue debate early in 2012.[11][148] Smith announced a plan to remove the provision that requires Internet service providers to block access to certain foreign websites.[75] On January 15, 2011, Issa said he has received assurances from Rep. Eric Cantor that the bill would not come up for a vote until a consensus could be reached.[149]

January 24, related PROTECT IP Act to be voted on in Senate

Senate Majority Leader Harry Reid plans to bring the Senate's version of the legislation (the Protect IP Act or PIPA) to a vote on January 24. Reid rejected a request by six Senators for a postponement, saying "this is an issue that is too important to delay."[150]

See also

References

  1. ^ H.R.3261 – Stop Online Piracy Act; House Judiciary Committee; October 26, 2011
  2. ^ House Introduces Internet Piracy Bill; Washington Post; October 26, 2011
  3. ^ H.R. 3261, STOP ONLINE PIRACY ACT; House Judiciary Committee; October 26, 2011
  4. ^ a b c The US Stop Online Piracy Act: A Primer; PC World – Business Center; November 16, 2011
  5. ^ Beth Marlowe (November 17, 2011). "SOPA (Stop Online Piracy Act) debate: Why are Google and Facebook against it?". Washington Post. Retrieved November 17, 2011.
  6. ^ a b Eric Engleman. "House Judiciary Chairman Says Google Obstructs Piracy Bill". Bloomberg BusinessWeek. Retrieved December 19, 2011.
  7. ^ a b c Tribe, Laurence H. (December 6, 2011). "THE "STOP ONLINE PIRACY ACT" (SOPA) VIOLATES THE FIRST AMENDMENT". Scribd. Retrieved January 10, 2012.
  8. ^ Chloe Albanesius (November 16, 2011). "SOPA: Is Congress Pushing Web Censorship? | News & Opinion". PCMag.com. Retrieved November 18, 2011.
  9. ^ Chloe Albanesius (November 1, 2011). "Will Online Piracy Bill Combat 'Rogue' Web Sites or Cripple the Internet?". Retrieved December 19, 2011.
  10. ^ a b Hayley Tsukayama (December 20, 2011). "SOPA online piracy bill markup postponed". The Washington Post.
  11. ^ a b c "Bill Summary by Congressional Research Service". Thomas – Library of Congress. October 26, 2011. Archived from the original on December 19, 2011. Retrieved November 21, 2011.
  12. ^ Gautham Nagesh (October 31, 2011). "Tech groups say online piracy bill would create 'nightmare' for Web and social media firms". The Hill. Retrieved December 19, 2011.
  13. ^ a b c Press Resources; Commitee on the Judiciary; October 26, 2011
  14. ^ "Rights and Wronged". The Economist. November 26, 2011. Retrieved December 19, 2011.
  15. ^ a b Greg Sandoval (November 16, 2011). Hollywood's SOPA testimony links job loss to piracy. CNET. Retrieved December 19, 2011.
  16. ^ Testimony of John P. Clark; House Judiciary Committee Hearing; November 16, 2011; Pg. 3
  17. ^ "RxRights statement in response to House Judiciary Committee hearing on Stop Online Piracy Act (SOPA)". RxRights.org. November 16, 2011. Retrieved December 19, 2011.
  18. ^ "Stop Online Piracy Act (SOPA) Fails to Distinguish "Rogue" from "Real" International Online Pharmacies". Yahoo Finance. November 2, 2011.
  19. ^ Cade Metz (August 24, 2011). "Google settles illegal drug ad probe for $500 million". Retrieved December 19, 2011.
  20. ^ Jerry Brito (November 7, 2011). "Congress's Piracy Blacklist Plan: A Cure Worse than the Disease?". Time. Retrieved December 28, 2011.
  21. ^ Cynthia Wong (November 18, 2011). "US Piracy Law Could Threaten Human Rights". Center for Democracy and Technology. Retrieved December 19, 2011.
  22. ^ a b Carr, David (January 1, 2012). "The Danger of an Attack on Piracy Online". New York Times. Retrieved January 10, 2012.
  23. ^ Statement of Paul E. Almeida, President, DEPARTMENT FOR PROFESSIONAL EMPLOYEES, AFL-CIO; Before the Committee on the Judiciary, November 16, 2011
  24. ^ a b Peter Eckersley (November 11, 2011). "Hollywood's New War on Software Freedom and Internet Innovation". Deep Links. Electronic Frontier Foundation. Retrieved December 19, 2011.
  25. ^ a b "John Palfrey » Blog Archive » SOPA and our 2010 Circumvention Study". Blogs.law.harvard.edu. Retrieved 2012-01-17.
  26. ^ Ammori, Marvin (2011-12-14). "First Amendment & Stop Online Piracy Act’s Manager’s Amendment: Some Thoughts « Marvin Ammori". Ammori.org. Retrieved 2012-01-17.
  27. ^ Rebecca MacKinnon (November 15, 2011). "Stop the Great Firewall of America". New York Times. Retrieved November 18, 2011.
  28. ^ a b Parker Higgins (November 15, 2011). "What's On the Blacklist? Three Sites That SOPA Could Put at Risk". Deeplinks blog. Electronic Frontier Foundation. Retrieved December 19, 2011.
  29. ^ a b James Losey & Sascha Meinrath (December 8, 2011). "The Internet’s Intolerable Acts". Slate Magazine. Retrieved December 11, 2011.
  30. ^ Corynne McSherry (October 26, 2011). "Disastrous IP Legislation Is Back – And It's Worse than Ever". Electronic Frontier Foundation. Retrieved December 19, 2011.
  31. ^ Markham C. Erickson (November 1, 2011). "H.R. 3261, "Stop Online Piracy Act" ("SOPA"): Explanation of Bill and Summary of Concerns". NetCoalition. Retrieved December 19, 2011.
  32. ^ a b Grant Gross (November 15, 2011). Lawmakers seek alternative to Stop Online Piracy Act: Opponents of the legislation also complain that sponsors are railroading it through Congress. Network World. Retrieved December 19, 2011.
  33. ^ Trevor Timm 'How PIPA & SOPA Violate White House Provisions Supporting Free Speech and Innovation' Electronic Frontier Foundation. January 16, 2012 https://www.eff.org/deeplinks/2012/01/how-pipa-and-sopa-violate-white-house-principles-supporting-free-speech accessed January 15, 2012
  34. ^ a b Mike Palmetto (November 18, 2011). "Notes from the House Judiciary Committee Hearing on the Stop Online Piracy Act". Retrieved December 19, 2011.
  35. ^ Ted Johnson (December 8, 2011). "Dodd slams Google over legislation". Variety Magazine. Retrieved December 11, 2011.
  36. ^ Zack Whittacker (November 4, 2011). British ISP told to block Pirate Bay torrent site, or face court. ZDNet. Retrieved December 19, 2011.
  37. ^ Matthew Lasar (June 23, 2010). "Google triumphant, beats back billion dollar Viacom lawsuit". Ars Technica. Retrieved November 7, 2011.
  38. ^ a b Markham C. Erickson (November 1, 2011). "H.R. 3261, "Stop Online Piracy Act" ("SOPA") Explanation of Bill and Summary of Concerns". Center for Democracy and Technology. Retrieved December 19, 2011.
  39. ^ "Tech Industry Open Letter". Retrieved November 17, 2011.
  40. ^ James Temple (November 2, 2011). "Stop Online Piracy Act would stop online innovation". San Francisco Chronicle. Retrieved November 7, 2011.
  41. ^ David Sohn (October 27, 2011). "House Copyright Bill Casts Dangerously Broad Net". Center for Democracy and Technology. Retrieved December 19, 2011.
  42. ^ a b Jason Mazzone (November 12, 2011). "The Privatization of Copyright Lawmaking". Retrieved December 19, 2011.
  43. ^ Nagesh Gautham (October 31, 2011). "Tech groups say online piracy bill would create 'nightmare' for Web and social media firms". The Hill. Retrieved December 19, 2011.
  44. ^ Larry Downes (November 1, 2011). "SOPA: Hollywood's latest effort to turn back time". CNET News. Retrieved November 9, 2011.
  45. ^ Wayne Rash (November 16, 2011). "House SOPA Hearings Reveal Anti-internet Bias on Committee, Witness List". Cloud Computing News. eWeek. Retrieved December 19, 2011.
  46. ^ Dominic Rushe (November 16, 2011). "Sopa condemned by web giants as 'internet blacklist bill': Google, Twitter and eBay say controversial Stop Online Piracy Act would give US authorities too much power over websites". The Guardian (UK). Retrieved December 19, 2011.
  47. ^ Corynne McSherry (October 28, 2011). "SOPA: Hollywood Finally Gets A Chance to Break the Internet". Retrieved December 19, 2011.
  48. ^ a b Nate Anderson (November 16, 2011). At Web censorship hearing, Congress guns for "pro-pirate" Google. Ars Technica. Retrieved December 19, 2011.
  49. ^ Tim Donnelly (November 17, 2011). "Why Start-ups Are Scared of SOPA". Inc.. Retrieved November 18, 2011.
  50. ^ "Angel Investors and Venture Capitalists Say They Will Stop Funding Some Internet Start-Up Business Models if Tough New Rules Are Enacted, Finds Booz & Company Study". November 16, 2011. Retrieved December 19, 2011.
  51. ^ AOL, eBay, FaceBook, Google, LinkedIn, Mozilla, Twitter, Yahoo, Zynga (November 16, 2011). "We stand together to protect innovation". NYTimes and BoingBoing. Retrieved January 10, 2012.
  52. ^ Smith, Lamar (January 9, 2012). "Fighting Online Piracy (Letter)". New York Times. Retrieved January 10, 2012.
  53. ^ a b Jack Minor (November 18, 2011). "Internet giants oppose bill that could make posting online videos a crime". Greely Gazette.
  54. ^ Irony Alert: Congressman Who Wrote SOPA Violated Copyright Law; Time; January 13, 2012
  55. ^ The Author of SOPA Is Also a Copyright Violator (Sort of); The Atlantic Wire; January 12, 2012
  56. ^ A. M. Reilly (November 16, 2011). "The Stop Online Piracy Act: What Industry Leaders Can Do About It". Industry Leaders Magazine. Retrieved December 19, 2011.
  57. ^ Cary Sherman (November 8, 2011). "RIAA chief: Copyright bills won't kill the Internet". Retrieved November 18, 2011.
  58. ^ Brian Proffitt (November 14, 2011). "Piracy bill could waylay FLOSS projects: If enacted, the SOPA bill in the U.S. House would target software vendors". IT World. Retrieved December 19, 2011.
  59. ^ Gavin Clarke (November 16, 2011). "Mozilla stirs netizens against US anti-piracy law: Dancing cats take-down threat". The Register. Retrieved December 19, 2011.
  60. ^ David Kravaets (May 5, 2011). "Feds Demand Firefox Remove Add-On That Redirects Seized Domains". Wired. Retrieved December 19, 2011.
  61. ^ "Questions to Department of Homeland Security April 19, 2011". Retrieved December 19, 2011.
  62. ^ Edward J. Black (December 13, 2011). "Internet Users, Free Speech Experts, Petition Against SOPA". Huffington Post. Retrieved December 19, 2011.
  63. ^ "Mercury News editorial: Congress should kill online piracy bill". San Jose Mercury-News. November 19, 2011. Retrieved December 19, 2011.
  64. ^ Declan McCullagh (November 18, 2011). "SOPA's latest threat: IP blocking, privacy-busting packet inspection". Privacy Inc. CNET. Retrieved November 18, 2011.
  65. ^ David Sohn and Andrew McDiarmid (November 17, 2011). "Dangerous Bill Would Threaten Legitimate Websites". The Atlantic. Retrieved November 18, 2011.
  66. ^ a b c d "SOPA-rope-a-dopa". Stewart Baker. December 14, 2011. Retrieved January 14, 2012.
  67. ^ "ESET Open Letter". Retrieved November 17, 2011.
  68. ^ Declan McCullagh (November 17, 2011). "OpenDNS: SOPA will be 'extremely disruptive' to the Internet". Privacy Inc.. CNET. Retrieved December 19, 2011.
  69. ^ Sean Gallagher (November 17, 2011). "Anonymous "dimnet" tries to create hedge against DNS censorship". Ars Technica. Retrieved December 19, 2011.
  70. ^ Gruenwald, Juliana (January 12, 2012). "Leahy Offers Major Concession On Online Piracy Bill". National Journal. Retrieved January 13, 2012.
  71. ^ Comment Of Senator Patrick Leahy On Internet Service Providers And The PROTECT IP Act; Press Release – Leahy; January 12, 2012
  72. ^ Kravets, David (January 12, 2012). "Rep. Smith Waters Down SOPA, DNS RedirectsOut". Wired (magazine). Retrieved January 12, 2012.
  73. ^ Timothy B. Lee, (January 13, 2012) "Under voter pressure, members of Congress backpedal (hard) on SOPA" Ars Technica
  74. ^ a b Smith, Lamar (January 13, 2012). "Smith To Remove DNS Blocking from SOPA". Congressman Lamar Smith.
  75. ^ Steve Crocker; Danny McPherson; Dan Kaminsky; David Dagon; Paul Vixie (May 2011). Security and Other Technical Concerns Raised by the DNS Filtering Requirements in the PROTECT IP Bill. CircleID. Retrieved December 19, 2011.
  76. ^ Allan A. Friedman (November 15, 2011). Cybersecurity in the Balance:Weighing the Risks of the PROTECT IP Act and the Stop Online Piracy Act. Brookings Institution. Retrieved December 28, 2011.
  77. ^ "Lofgren Releases Sandia Labs Letter on SOPA" (Press release). US House of Representatives. November 17, 2011. Retrieved December 28, 2011.
  78. ^ Leonard M. Napolitano, Jr., Sandia Nat'l Labs Letter, November 16, 2011
  79. ^ a b Tony Romm (November 18, 2011). "Lungren Wants Hearing On SOPA'S Cyber Impact". Politico.
  80. ^ Bill H.R.3261; GovTrack.us; November 4, 2011
  81. ^ a b Chamber Presses Gas Pedal on IP Push (registration required); Politico – Morning Tech; September 22, 2011
  82. ^ a b Letter to Congress in Support of Legislation; Chamber of Commerce Global IP Center; September 22, 2011
  83. ^ Mike McCurry, "Congress must combat online theft", Politico opinion piece, June 14, 2011. Retrieved November 30, 2011.
  84. ^ Howard Gantman, "Mike McCurry, in Politico, on Need for Congressional Action Against Online Theft", blog.mpaa.org, June 15, 2011. Retrieved November 30, 2011.
  85. ^ "Arts+Labs Presents: CREATE – Protecting Creativity from the Ground Up" "Arts+Labs blog". June 1, 2011. Retrieved November 30, 2011.
  86. ^ "Global Intellectual Property Center".
  87. ^ "Voices of support". fightonlinetheft.com. Retrieved December 28, 2011.
  88. ^ Scott Cleland (December 14, 2011). "SOPA Fixes Isolate Opponents, especially Google". Forbes. Retrieved December 28, 2011.
  89. ^ Hayley Tsukayama (November 22, 2011). "Tech coalition backs off SOPA support". Washington Post. Retrieved December 19, 2011.
  90. ^ SOPA Needs Work to Address Innovation Considerations; Business Software Alliance; November 21, 2011
  91. ^ "Go Daddy’s Position on SOPA". December 22, 2011.
  92. ^ "Go Daddy No Longer Supports SOPA". December 23, 2011.
  93. ^ Video game industry still supports anti-piracy bill – Raw Story, December 31, 2012
  94. ^ Curtis, Tom (January 13, 2012). "Game industry unrest swells as SOPA hearing approaches". Gamasutra. Retrieved January 14, 2012.
  95. ^ Timothy B. Lee (November 17, 2011). "Strange bedfellows: Nancy Pelosi, Ron Paul join SOPA opposition". Ars Technica. Retrieved December 19, 2011.
  96. ^ Gautham Nagesh (November 18, 2011). "GOP's Issa: Effort to 'grease the skids' for online piracy bill has failed". The Hill. Retrieved December 19, 2011.
  97. ^ Martinez, Jennifer (January 10, 2012). "SOPA becoming election liability for backers". Politico Pro. Retrieved January 13, 2012.
  98. ^ a b Masnick, Mike (January 11, 2012). "As SOPA/PIPA Becomes Toxic, Frantic Congress Test Runs Dropping DNS Blocking Provisions". TechDirt. Retrieved January 13, 2012.
  99. ^ Cheredar, Tom (December 29, 2011). "Not even a shift to full SOPA opposition can stop Go Daddy from hemorrhaging customers". Venturebeat. Retrieved January 13, 2012.
  100. ^ Espinel, Victoria; Chopra, Aneesh; Schmidt, Howard (January 14, 2012). Combating Online Piracy While Protecting an Open and Innovative Internet (Report). White House.
  101. ^ Phillips, Mark (January 14, 2012). "Obama Administration Responds to We the People Petitions on SOPA and Online Piracy". White House Blog. Retrieved January 14, 2012.
  102. ^ Wyatt, Edward (January 14, 2012). "White House Says It Opposes Parts of Two Antipiracy Bills". NYTimes. Retrieved January 15, 2012.
  103. ^ Thomas, Ken (January 14, 2012). "White House concerned over online piracy bills". Associated Press. Retrieved January 14, 2012.
  104. ^ "American Censorship Day – Stand up for ████ ███████ : announcements". Reddit.com. November 16, 2011. Retrieved January 15, 2012.
  105. ^ Geoff Brigham (December 13, 2011). "How SOPA will hurt the free web and Wikipedia". Wikimedia Foundation Blog. Retrieved December 16, 2011.
  106. ^ "Domestic Reality Does Not Match Bold Words on Internet Freedom of Expression". November 2, 2011. Retrieved December 19, 2011.
  107. ^ Declan McCullagh (November 15, 2011). "SOPA: Opponents". Retrieved December 19, 2011.
  108. ^ Elinor Mills (December 5, 2011). "Kaspersky dumps trade group over SOPA". CNET. Retrieved January 17, 2012.
  109. ^ "Julian Sanchez | Cato Institute: Policy Scholars". Cato.org. Retrieved 2012-01-17.
  110. ^ Brandon Butler (November 8, 2011). "Re: Stop Online Piracy Act, H.R. 3261" (PDF). Library Copyright Alliance. Retrieved November 10, 2011.
  111. ^ Mike Masnick (November 22, 2011). "The Definitive Post On Why SOPA And Protect IP Are Bad, Bad Ideas". Techdirt. Retrieved December 28, 2011.
  112. ^ Sarah Jacobsson (December 16, 2011). "Controversial anti-piracy bill nears House approval: Why you should care". Infoworld. Retrieved December 19, 2011.
  113. ^ "Paul Graham: SOPA supporters are no longer welcome at Y Combinator events". December 22, 2011.
  114. ^ "Avaaz.org petition against SOPA". 17th February, 2012.
  115. ^ "List of Those Expressing Concern With SOPA and PIPA". Center for Democracy and Technology. Retrieved December 19, 2011.
  116. ^ McCullagh, Declan (November 15, 2011). "Google, Facebook, Zynga oppose new SOPA copyright bill". CNet News. Retrieved January 14, 2012. (direct link to letter)
  117. ^ "Founder of Internet Fears 'Unprecedented' Web Censorship From SOPA". Fox News. December 16, 2011. Retrieved December 19, 2011.
  118. ^ Declan McCullagh (December 15, 2011). "Vint Cerf: SOPA means 'unprecedented censorship' of the Web". CNet. Retrieved December 19, 2011. (includes original text of letter by Vint Cerf)
  119. ^ "European Parliament resolution on the EU-US Summit of November 28, 2011". European Parliament. November 15, 2011. Retrieved December 19, 2011.
  120. ^ Jennifer Baker (November 18, 2011). "European Parliament Joins Criticism of SOPA". PC World. Retrieved December 19, 2011.
  121. ^ "Groups Still Oppose SOPA After Proposed Amendment". PCWorld. December 13, 2011.
  122. ^ Armitage, Hugh (December 31, 2011). "Steve Niles speaks out against Stop Online Piracy Act". Digital Spy.
  123. ^ Gold, Mike (January 4, 2012). "MIKE GOLD: Steve Niles’ Courageous Act". ComicMix.
  124. ^ David, Peter (January 17, 2012). "Where I stand on SOPA". peterdavid.net.
  125. ^ "'American Censorship Day' Makes an Online Statement: The Ticker". 'American Censorship Day' Makes an Online Statement: The Ticker. Bloomberg. Retrieved November 17, 2011.
  126. ^ Charlie Osborne, "Would a Wikipedia blackout be such a bad thing?", iGeneration on ZDNet, December 13, 2011, 11:04 am PST. Retrieved January 5, 2012.
  127. ^ Christopher Williams (December 13, 2011). "Wikipedia co-founder threatens blackout over anti-piracy law". The Telegraph. Retrieved December 28, 2011.
  128. ^ Brett Winterford (December 13, 2011). "Wikipedia mulls blackout to protest SOPA". itnews. Retrieved December 13, 2011. "Wikipedia founder Jimmy Wales has threatened a knowledge “blackout” of the online encyclopedia to protest a US anti-piracy bill that could have serious ramifications for online service providers."
  129. ^ "Wikipedia to go dark in piracy protest". Australian Broadcasting Corporation. January 17, 2012. Retrieved January 17, 2012.
  130. ^ Alec, Liu, "Will Google, Amazon, and Facebook Black Out the Net?", FoxNews.com, December 30, 2011. Retrieved January 5, 2012.
  131. ^ McMillan, Graeme (January 5, 2012). "SOPA: What if Google, Facebook and Twitter Went Offline in Protest?". Time. Retrieved January 5, 2012.
  132. ^ Tassi, Paul (January 11, 2012). "Reddit's SOPA Blackout Admirable, But Google and Facebook Must Follow". Forbes. Retrieved January 11, 2012.
  133. ^ https://twitter.com/#%21/benhuh/status/157538541155516416
  134. ^ Notch Joins January 18 Anti-SOPA Protest, Gameranx.com, retrieved January 14, 2012
  135. ^ John Gaudiosi (January 13, 2012). "Major League Gaming Joins SOPA Blackout, Pulls 100 GoDaddy.com Domain Names". Forbes. Retrieved January 14, 2012.
  136. ^ Doctorow, Cory (September 30, 2010). "Boing Boing will go dark on Jan 18 to fight SOPA". Boing Boing. Retrieved January 15, 2012.
  137. ^ a b Rachel Bennett and J. Sebe Dale IV (January 9, 2012). "Internet giants consider blackout to protest SOPA". WTOL.com. Retrieved January 13, 2012.
  138. ^ Burgess, Rick (January 11, 2012). "Reddit prepares for anti-SOPA blackout, others may follow". TechSpot. Retrieved January 13, 2012.
  139. ^ Hornshaw, Phil (January 13, 2012). "Gaming community joins SOPA protests with Jan. 18 blackouts". GameFront.com. Retrieved January 13, 2012.
  140. ^ E. Kain (January 11, 2012). "WordPress Comes Out Against SOPA". Forbes. Retrieved January 13, 2012.
  141. ^ Adam Thierer (November 16, 2011). "SOPA & Selective Memory about a Technologically Incompetent Congress". Technology Liberation Front.
  142. ^ Katy Bachman (November 16, 2011). House Holds One-Sided Hearing on Piracy Bill. Adweek. Retrieved December 19, 2011.
  143. ^ Declan McCullagh (November 16, 2011). "Lungren Wants Hearing On SOPA'S Cyber Impact". CNET.
  144. ^ Why the House is stacking the deck on Internet piracy. CNN. November 17, 2011. Retrieved December 19, 2011.
  145. ^ "SOPA Markup Scheduled for Dec. 15 As Opposition to the Bill Grows". Mike Palmedo. November 28, 2011. Retrieved December 19, 2011.
  146. ^ Grant Gross (December 16, 2011). "House Committee Appears Headed Toward Approving SOPA". PCWorld. Retrieved December 19, 2011.
  147. ^ Corbett B. Daly. "SOPA, bill to stop online piracy, hits minor snag in House". CBS. Retrieved December 17, 2011.
  148. ^ Wortham, Jenna; Sengupta, Somini (January 15, 2012). "Bills to Stop Web Piracy Invite a Protracted Battle". NYTimes. Retrieved January 16, 2012.
  149. ^ Greg Sandoval (January 14, 2012), Momentum shift: SOPA, PIPA opponents now in driver's seat CNET News

External links

Sunday
Jan012012

The Happiest Passwords on Earth

So there was a dump a few days ago that had several companies including Yahoo, Google, Core Security, and Disney.

The Disney data interested me. Disney is awesome. I love going there even as an adult. There is something about that Disney brand of magic. It maybe expensive, but you get a premium experience with Disney.

I wanted to see what type of password logic was in place at that company. It takes a special right brained creative person to make Disney magic. What type of creative passwords did they have? Not very! All passwords were 8 characters or less! @purehate_ pointed out that DES hashes only allow 8 char max. Set Hashcat accordingly!

Below is a redacted output report from Pipal, an awesome tool for password analysis created by @digininja! Head over to digininja.org to download Pipal or fire up BT5 and apt-get it!

 


Total entries = 426
Total unique entries = 419

Password length (length ordered)
1 = 4 (0.94%)
3 = 2 (0.47%)
4 = 6 (1.41%)
5 = 9 (2.11%)
6 = 203 (47.65%)
7 = 97 (22.77%)
8 = 112 (26.29%)

Password length (count ordered)
6 = 203 (47.65%)
8 = 112 (26.29%)
7 = 97 (22.77%)
5 = 9 (2.11%)
4 = 6 (1.41%)
1 = 4 (0.94%)
3 = 2 (0.47%)

|
|
|
|
|
|
|
| |
|||
|||
|||
|||
|||
|||
|||
|||||||||
012345678

One to six characters = 219 (51.41%)
One to eight characters = 426 (100.0%)
More than eight characters = 0 (0.0%)

Only lowercase alpha = 186 (43.66%)
Only uppercase alpha = 1 (0.23%)
Only alpha = 187 (43.9%)
Only numeric = 13 (3.05%)

First capital last symbol = 1 (0.23%)
First capital last number = 12 (2.82%)

Single digit on the end = 83 (19.48%)
Two digits on the end = 43 (10.09%)
Three digits on the end = 14 (3.29%)

Last number
0 = 12 (2.82%)
1 = 54 (12.68%)
2 = 23 (5.4%)
3 = 10 (2.35%)
4 = 11 (2.58%)
5 = 12 (2.82%)
6 = 6 (1.41%)
7 = 10 (2.35%)
8 = 12 (2.82%)
9 = 8 (1.88%)

|
|
|
|
|
|
|
|
|
||
||
||
||| || |
|||||| |||
||||||||||
||||||||||
0123456789

Last digit


Character sets
loweralpha: 186 (43.66%)
loweralphanum: 170 (39.91%)
loweralphaspecial: 25 (5.87%)
numeric: 13 (3.05%)
mixedalphanum: 9 (2.11%)
mixedalpha: 7 (1.64%)
loweralphaspecialnum: 6 (1.41%)
upperalphanum: 2 (0.47%)
mixedalphaspecialnum: 2 (0.47%)
special: 2 (0.47%)
mixedalphaspecial: 2 (0.47%)
upperalpha: 1 (0.23%)

Character set ordering
allstring: 194 (45.54%)
stringdigit: 134 (31.46%)
stringspecial: 21 (4.93%)
stringdigitstring: 21 (4.93%)
othermask: 16 (3.76%)
digitstring: 15 (3.52%)
alldigit: 13 (3.05%)
stringspecialdigit: 4 (0.94%)
stringspecialstring: 3 (0.7%)
specialstring: 3 (0.7%)
allspecial: 2 (0.47%)

Hashcat masks (Top 10)
?l?l?l?l?l?l: 104 (24.41%)
?l?l?l?l?l?l?l?l: 40 (9.39%)
?l?l?l?l?l?l?l: 34 (7.98%)
?l?l?l?l?l?l?d: 26 (6.1%)
?l?l?l?l?l?d: 23 (5.4%)
?l?l?l?l?l?l?l?d: 18 (4.23%)
?l?l?l?l?d?d: 18 (4.23%)
?l?l?l?l?l?l?d?d: 11 (2.58%)
?d?d?d?d?d?d: 10 (2.35%)
?d?l?l?l?l?l?l?l: 10 (2.35%)


 

As of 1/1/2012, Disney did have 3 jobs related to Information Security open.


http://jobs.disney.corp.go.com/los-angeles/facilities-and-security/jobid1985370-manager-information-safeguarding-jobs

http://jobs.disney.corp.go.com/new-york/facilities-and-security/jobid1879313-security-operations-support-specialist-jobs

http://jobs.disney.corp.go.com/los-angeles/accounting-and-finance/jobid1922771-senior-financial-analyst-corporate-compliance-and-controls-jobs

Monday
Dec192011

Kommand && KonTroll

The first time our team SuperFlyAPTDongNinjas encountered the Kommand && KonTroll CTF, we got blueshelled

Our team had skills, tools, even an 0 day or 2.  We still lost.  It stung and in our alcohol fueled debriefing, we knew we didn't just want to win, we wanted to take down every target including the Zeus C&C.  In looking back at the previous challenge, we realized the critical missing piece was  Communication!

@kingtuna came through in a huge way with his communication server, theTaint.  We set up secure communication and file sharing.  The chat room allowed us to share passwords, links, and c99 shells dropped on the boxes we owned.

The other tool that helped was Metasploit Pro.  Metasploit Pro's ability to share shells allowed one team member to pop the box and pass the shell to someone else to look for data.  Pro also saved the knowledge and download files and loot so that everyone on the team could review what was gained from the target.  Lastly, tagging allowed us to mark off which box we owned and what we still needed to compromise.  I also recommend setting Metasploit Pro to automatically set persistence in your shells.  We found a BeEF server with a hooked browser that lead to us taking down the C&C.  We set up Metasploit Pro to run a macro that made the session persistent knowing that if we lost the shell, we lost our chance to take down the target.

The secrets of our win: Communication and Teamwork.  

After we won, we celebrated with a night of victory karaoke (I don't give a F#@K) followed by a breakfast of lobster!

Big thanks to the team SuperFlyAPTDongNinjas, without every single person, we would have failed!  Also a big thanks to Rod and the %27 MiamiP0wnMachine team for setting up and running the CTF.  

 

@rodsoto was watching from the console when he saw us pop a Windows XP Machine and look for the Zeus. 

 

 

Final Scoreboard out of 10,000 points

 

 Flag from the C&C!

 

5lb Lobster