Blog Ipsa Loquitur

Today in silly headlines, “Millions of printers open to devastating hack attack, researchers say.” Or, “guys who make money by writing about crazy stuff write crazy stuff; say it could totally happen bro.” Via MSNBC:

Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?

It’s not only possible, but likely, say researchers at Columbia University, who claim they’ve discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.

On the one hand, that’s stupid. On the other hand, that’s stupid like a fox; no one ever suspects the printer of being malicious, just poorly designed. When your printer breaks down or the print wizard locks your computer, is it really an accident, or is it sending all your secrets to China?

Seriously, though, we all laughed when Calvin Trillin predicted the underwear bomber in 2006. That was a punchline. Then some dude actually tried to stuff a bomb in his pants, and now the TSA takes a photo of my penis every time I fly home to see my grandparents. Some jackass is actually going to try to set fire to his school computer lab with one of these firmware hacks, and then we’ll all have to use stone tablets at the library. Mark my words.

The usually awesome Lifehacker (seriously, best site ever) has an interesting article up today, titled How to Completely Anonymize Your BitTorrent Traffic with BTGuard:

If you’re using BitTorrent without taking special measures to hide your activity, it’s just a matter of time before your ISP throttles your connection, sends you an ominous letter, or worst case, your ISP gets a subpoena from a lawyer asking for your identity for a file-sharing law suit. Here’s how to set up a simple proxy to keep your torrenting safe and anonymous.

BTGuard is, essentially, a proxy service for your BitTorrent downloads. You pay them $7 per month, and you get to route all your illegal downloads through the service. Lifehacker says now you’re completely safe from all lawsuits forever! You can’t possibly be sued for downloading… err… Linux every week, right after Game Of Thrones airs. Right? How cool is that?

Just sign up for an account with your email address. No sweat, right? You’ve got a fake email address. And the mail provider definitely doesn’t keep logs, right? Of course.

Then just pay with your credit card for the low low price of $7 a month. You’ve got a credit card that doesn’t have your real name or billing address associated with it, right? Of course.

Then, log into the site to conduct your illegal activities. The terms of service of the site say that they don’t keep records! It’s right there in black and white! Right next to the part where they get to revoke your license to use BTGuard anonymously if you break the terms of the license, like for illegal activities. Also, right above the part where they get to change the terms of service without notice to you any time they like (probably right about the time they get sued for copyright infringement). I wonder if those changes will include selling you out?

They’re far from a shadowy company operating on the fringes of society. If you want that, you wanted HavenCo.

These guys are Canadian. They’re on Front Street in Toronto. Right here. Also, their phone number is listed on a site called Ripoff Report: it’s 415-762-3688.

151 Front Street is a huge hosting company. I assume that some IT guy has a few extra servers that aren’t doing anything, and since he has access to free CPU cycles and nearly unlimited bandwidth, he runs a VPN and pockets some extra money on the side. Except he apparently doesn’t always encrypt your traffic. So, aside from the part where he has personal information about you, and can sell you out any time he gets in hot water, and takes literally ten seconds to find on the internet, I don’t see why you wouldn’t give this guy money.

Fresh after CBS missing the point about women on boards of directors making corporations kinder and gentler, ABC has a report on women making better investors. In my own snarking of the CBS news story, I pointed out the more concrete benefits: avoiding groupthink, defusing the testosterone-laden risk taking that gets banks bankrupted, etc.

ABC reported on new research that women are more in touch with their feelings, which makes them better investors. Like all things sexist, Jezebel is there with the funny:

The belief that women or men are naturally wired to think a certain way is up for debate; a depressing number of people still think that women are “naturally” all sorts of dumb stuff because of the direct telephone line between a woman’s ovaries and her smaller, pinker brain.

But whatever the cause of women’s tendency to take fewer risks and work with rather than against their emotions, Peterson thinks that women would be better off holding more of the purse strings in the future. If only they could be trusted to not spend it all on shoes.

The article is titled “Mysterious Phenomena Called ‘Feelings’ Make Ladies Better At Investing,” which I love almost as much as the article itself.

Now all that’s left to do is to wonder if women are magically more in touch with their feelings, or if the alpha male frat boys that end up on Wall Street are representative of men at large.

Grooveshark’s being sued for $17 billion dollars by Vivendi/Universal/Sheinhardt Wig company for copyright infringement:

In a copyright lawsuit filed today, Universal Music Group says it has obtained e-mails and other records that show Grooveshark’s leaders led an effort to post more than 100,000 pirated songs onto the music service.

“[The business records of Escape Media Group, Grooveshark’s parent company,] establish unequivocally,” Universal’s lawyers wrote in the complaint filed in U.S. District Court in Manhattan, “that the sound recordings illegally copied by Escape’s executives and employees, include thousands of well known sound recordings owned by UMG.”

This is far from a Napster moment for streaming music services of the 21st century. If the allegations about the executives uploading songs to Grooveshark are true, the company is in a lot of trouble, but this doesn’t spell disaster for Spotify and Pandora.

Meet Grooveshark

Briefly, Grooveshark is a digital radio service. You go to Grooveshark.com, type the name of a song or musician you want to listen to, and start listening for free right away. They boast a music library of millions of songs, much larger than many competing services, and with a notably deep selection of notorious digital holdouts. For instance, you can listen to lots of Led Zeppelin and Metallica on Grooveshark, but you won’t find either on sites like Spotify or Rdio.

It’s not that the Grooveshark executives are really good at bargaining with the ghost of Jimmy Page; Zeptallica didn’t ever sign a contract to end up on Grooveshark. Rather, Grooveshark built its library by allowing users to upload songs themselves. No muss, no fuss, no expensive licensing contracts with record labels, and no lawyers (at first).

Thus, no matter what happens with this litigation, other streaming music sites like Spotify and Pandora are going to be fine. Grooveshark is a different beast because it doesn’t generally license its music: users upload music on their own, and Grooveshark lets you listen to everyone else’s music.

Copyright 101

That’s not, strictly speaking, legal.

But let’s start from the top. Making a copy of an MP3 to put on your phone or ipod would be copyright infringement, but federal copyright law protects Fair Uses, such as educational uses or personal uses. Teachers can show movies in class, professors can hand out copies of articles to their students, and you can make an MP3 out of your new CD. You can also make a copy of that MP3 to back up your music, whether you want to back it up to another hard drive or back it up to the internet.

Putting your music on the internet in these “music locker” services, where a user uploads MP3s and streams them later (say, from work or from your mobile phone), have been around for a while. In fact, in MP3Tunes vs EMI earlier this year, a federal judge ruled in favor of one service’s right to let users stream songs from its servers, regardless of whether the copyright holder approved.

There’ll be appeals for years, but for now, it looks like letting users upload and listen to music legal as long as there’s no “master copy” of any given song. In his decision, Judge Pauley ruled (PDF) that if ten users want to listen to a song, all ten of them must have uploaded their own copy of the song. That’s important.

Enter the DMCA

The Digital Millennium Copyright Act (DMCA) is a modification of federal copyright law that was passed at the turn of the century. The DMCA deserves the criticism it gets for failing to protect Fair Use rights in a digital age where any idiot can implement an “encryption scheme” and keep people from making Fair Use of his work. I’m not the only one who sees unintended consequences with that system.

But one thing the DMCA got right was the Safe Harbor provision. This section protects web sites whose users upload copyrighted content; while the users can be prosecuted, the web site itself is immune to copyright liability. This is the only reason YouTube hasn’t been wiped off the face of the planet so far. No matter what copyrighted content my users post on Barely Legally, I’m safe as long as I have a way for content owners to send me DMCA takedown notices. (Which of course I don’t; but I also don’t offer the ability to upload videos, so I feel it’s moot.)

Grooveshark does a better job than I do: it has a DMCA Takedown section of its site, where aggrieved copyright owners like Led Zepptallica can easily have their songs removed from Grooveshark’s servers. Some folks might decry how easily The Man can have your YouTube video taken down, but that’s a pretty small price to pay for YouTube’s safe harbor. Without that immunity, YouTube would be less a Profitable Thing and more an Experiment In Death By Copyright Litigation.

Two Problems

I’ve talked a little about why music locker services are legal, and how the DMCA protects web sites when their users upload copyrighted materials. It could seem at first that Grooveshark is perfectly safe, because they’re a big music locker, and they have a safe harbor from their users’ uploading of copyrighted content.

However:

1. Grooveshark allows millions of people to listen to a song that I uploaded. This is less “music locker” than “web site with pirated music.”
2. If Grooveshark’s employees uploaded music themselves, Grooveshark can’t claim safe harbor protection for those songs.

Not a Music Locker

The legality of music lockers is a logical extension of the fair use doctrine: it’s a personal use of something I have a right to listen to.

No one thinks you should have to buy two of the same CD, one for work and one for home. So, why should you buy two MP3s, one for work and one for home? You shouldn’t, because that’s stupid. Just make a copy for your work computer, or put a copy on a web server and stream it to yourself. And like web hosting or email hosting, if you don’t want to set up your own web server, just pay someone else to host it for you. Amazon does this at a reasonable price.

So Grooveshark, like Spotify, Rdio, and MOG, encourages users to share playlists and discover new music. Grooveshark, unlike those other guys, had its users upload the millions of songs on the site. These songs get passed around, with goodness-knows how many folks listening to any single file.

Unfortunately, Judge Pauley was pretty specific about the number of users that can listen to a given song file on a music locker site: one. Exactly one. Grooveshark can’t let its users listen to songs other folks uploaded and win like MP3Tunes did.

Not a Safe Harbor

Universal claims they have email records demonstrating that Grooveshark employees personally uploaded hundreds of thousands of songs to the site. The DMCA safe harbor provision only applies when the users of a site are the ones posting copyrighted content. It’s meant to shield sites like YouTube from shutting down because some jerk uploaded a full episode of Law and Order.

However, that protection doesn’t apply if YouTube uploads the episodes itself. And really, why should it? The DMCA wasn’t designed to free web sites from worrying about copyrighted material. It was designed (in part) to make sure that folks can set up a site without having to spend huge amounts of resources policing uploaded content.

While Viacom might feel like this places an undue burden on them to police other peoples’ sites, Congress made that decision. They didn’t want to stifle sites like YouTube by placing that burden on them. I’d suggest Viacom lobby their local congressman, but they do tons of that already. This is the law that they got after spending millions of dollars trying to buy as draconian a regime as possible.

If those allegations about the Grooveshark employees uploading files themselves are true (and if they’re users of the site, they would have had to upload their own files), the DMCA safe harbor provision wouldn’t apply. That wouldn’t end the case right there, though; Universal would still have to actually demonstrate copyright infringement in court.

The Consequences

If the allegations are true and Grooveshark really did have its employees upload hundreds of thousands of songs, that’s catastrophic. The penalty for willful copyright infringement on that scale is staggering – $17 billion, apparently. They’ve got about a tenth of a percent of that in angel investments so far; so if they liquidated all their assets and most of their internal organs, they might be able to pay the fine.

Do recall that when EMI sued Grooveshark a couple years back, Grooveshark didn’t go out of business. The two sides struck a deal, and Grooveshark agreed to start paying EMI for its music. No one’s really sure how much Grooveshark paid, or whether they can afford to do it again, or whether EMI just took like a 40% share of the company. But Grooveshark has stared down Death By Copyright before.

This is different from the EMI case, though; there’s that whole “no safe harbor” thing that the emails allegedly prove. Also, because of the emails, the Grooveshark executives have also been named as defendants. If Universal wins, the Grooveshark guys will be personally liable along with their company. This kind of backs the Grooveshark guys into a corner with their negotiations.

What’s Next

Who knows? Maybe Universal will force Grooveshark to take down all the Universal songs from the site, or just filter users’ search results for Universal stuff. If you recall, Napster took those kinds of steps to try to stay afloat during the RIAA’s successful campaign to kill it. Unfortunately, the settlement ultimately involved shutting the network down.

But I’m getting kind of ahead of the game here. The lawsuit just started. The defense hasn’t even filed an answer yet. I don’t really know if Grooveshark’s employees uploaded songs illegally, but I’m inclined to believe they did, since uploading your music library is kind of how the site’s supposed to work.

We’ll see pretty soon if either side moves for summary judgment; while that’s usually the first step in hilariously giant lawsuits, I think these guys are going to have to fight it out over the emails and their admissibility first. Summary judgment is for when everyone agrees what the facts are, but disagrees on how the law comes out.

Either way, there are interesting times in store for Grooveshark.

From Boy Genius Report:

AT&T said Thursday that it has withdrawn its application from the Federal Communications Commission to acquire T-Mobile USA.

AT&T and Deutsche Telekom said they will instead focus on fighting an antitrust lawsuit brought against the proposed $39 billion merger by the Department of Justice. AT&T made the announcement Thursday following the FCC’s decision earlier this week to hold an administrative hearing regarding the purchase.

If you’ll recall, the Department of Justice gave a statement about the proposed merger back in August. As part of that statement, the Deputy Attorney General James Cole said:

The combination of AT&T; and T-Mobile would result in tens of millions of consumers all across the United States facing higher prices, fewer choices and lower quality products for mobile wireless services.

So, uh, I guess the feds use Verizon?

Seriously, though, more competition is better for us consumers. AT&T; doesn’t compete with Verizon; remember when they raised prices together and had to tell the Senate why they weren’t colluding? Remember when they both instituted data caps within months of each other? If those two aren’t going to compete with each other, that’s bad enough. Imagine if they were just allowed to buy out their competition.

AT&T’s still pushing forward with the merger, but they’re clearly convinced that the FCC’s approval under telecomm laws is less tricky than getting the DOJ to not sue them for anticompetitive practices. Like removing competitors from the market is really anticompetitive. (Hint: it is.) (Hint #2: this deal is never happening.)

Hey, remember the largest foreclosure law firm in New York State? The one with the Halloween party where all the lawyers dressed up like people who lost their homes in foreclosure proceedings? Well, the firm has stopped receiving work from virtually all the major mortgage lenders, and has just gone out of business:

The announcement caps a remarkable fall for the state’s dominant foreclosure law firm, which until recently handled 40 percent of all foreclosures statewide. That’s also made it a lightning rod for criticism and anger during the mortgage crisis, particularly downstate in New York City and Long Island, where foreclosures have been much more severe than in upstate and Western New York.

The firm had already been denounced by consumers and consumer advocates for its work on behalf of lenders even before the “robo-signing” controversy thrust it into the middle of a nationwide crisis over the legitimacy of the legal process underpinning many foreclosures.

Since then, the firm has been criticized for participating in “robo-signing” and allegedly improper foreclosures, with critics saying it helped speed up foreclosures to benefit its lender clients by allegedly authorizing the “assignment” or transfer of mortgages from one lender to another when critics say it lacked authority to do so.

And it’s been vilified by advocates, other attorneys, politicians and even judges for submitting sloppy and allegedly fraudulent paperwork that is riddled with legal errors, including faulty affidavits and notarizations.

This is the same firm that filed a defamation suit against an attorney who filed a class-action lawsuit against them, so I’m not saying a thing. Other than “boy, I bet they really wish those photos hadn’t leaked.” Also, possibly not doing the allegedly fraudulent stuff.