• hoshikarakitaridia@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    294
    arrow-down
    3
    ·
    10 months ago

    Literally illegal. Discussing crimes doesn’t equal crime, so there’s no reason for them to requeust IPs. And at least in the EU you aren’t even allowed to disclose information related to your person.

    • SGG@lemmy.world
      link
      fedilink
      English
      arrow-up
      127
      arrow-down
      1
      ·
      10 months ago

      They don’t care. It’s the film industry equivalent to the Microsoft support scammers. Get a bunch of targets, spam out hundreds of thousands of threatening emails, profit off the small percent of people who fall for it.

      • vrek@programming.dev
        link
        fedilink
        English
        arrow-up
        64
        arrow-down
        5
        ·
        10 months ago

        I had a Microsoft support scammer once… I let him in to my system too…well not really.

        I quickly spin up a quick fresh install of slack ware Linux in a virtual machine that didn’t even have x11 never mind wine installed. When it was up I told him a friend uses something called tellynet (aka telnet but I was playing dumb) to help me on the computer.

        He telnetted in and could not understand why any of his malware wasn’t working…

        • FutileRecipe@lemmy.world
          link
          fedilink
          English
          arrow-up
          27
          arrow-down
          1
          ·
          10 months ago

          uses something called tellynet (aka telnet but I was playing dumb)

          I wonder if he got the joke, or was a scriptkiddie who just relies on existing tools without understanding them, and thought you meant television or similar.

          • nilloc@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            21
            ·
            10 months ago

            They’re basically telemarketing workers with hacking tools provided by an employer. They follow scripts and click the buttons they’ve been trained to use.

            I’m surprised they got in with telnet and not their usual RDP. However I’m not sure they would have gotten anywhere on a Linux box with commands that are so different, unless they were a little familiar with at least MacOS (bash or zsh based now a days).

          • vrek@programming.dev
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            I don’t know, this was back around 2007 so I don’t remember his specific reaction

      • hoshikarakitaridia@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        8
        ·
        10 months ago

        they don’t care

        Yes they do. They are boxed in neatly in the current laws and unless you are discussing specifics about doing a crime in the past or future, they will not get that subpoena and thus they are in a catch 22.

        Now if you are actively torrenting, chances are you could run into one of those fake peers that will grab your IP and they can start suing you. But other than that they would need real good evidence to subpoena.

        • bamboo@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          Subpoenas are tools the government uses to compel a private entity to provide information. This isn’t that though, this is one private entity asking another private entity to just give them data. It’s not a legal case, and because of our non-existant privacy regulations in the US, Reddit is free to just hand over this information, or not if they want. No crime has to even be alleged, Reddit can just hand that information out.

          • hoshikarakitaridia@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            10 months ago

            Ok yes sorry I should have specified, what you’re saying might apply to the US.

            What I said applies to the EU.

            Thing is, companies need to know beforehand if they are dealing with a user from US or EU because they don’t wanna break laws when they have to deal with the court system anyway on stuff like this. So technically they could transmit information about US citizens, but in practice this is super tricky and risky.

            Let’s say you got an IP. Alright you can pinpoint The location. Problem: you don’t know whether you just grabbed the target IP or an IP from a VPN or a proxy. There’s ways to obscure this so you might not even be able to find out. Now if you turn this over, there’s a small risk you just did a crime because they are spoofing their location. And if you just captured a VPN or proxy, you are now pursuing the wrong person and in EU law this won’t go over well.

            So in practice there’s basically no way to do this and be sure you didn’t make a mistake, and mistakes in law are risky and costly. No company would ever take such a risk.

            Now I could go into detail about all the technical details on why things work like that but it would make this twice as long.

            TL;DR in theory you are right for US users, in practice there’s no way to tell and it gets risky pretty fast.

            Also obligatory IANAL and always check in with a lawyer if you need specific legal advice.

            • bamboo@lemm.ee
              link
              fedilink
              English
              arrow-up
              1
              ·
              10 months ago

              That’s a really interesting point, has it been tested in court? The article is about US companies and US websites so I figured EU law was irrelevant, but I am curious to see if the EU can claim jurisdiction for actions foreign companies take outside the EU, regardless of if they have any official EU presence.

              • hoshikarakitaridia@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                10 months ago

                Well I can not give you a specific case for that, but it widely accepted that online actions against users from the EU that violate laws in the EU can get persued.

                Do you remember seeing some US websites saying “we don’t service EU users at the moment”? That’s because they didn’t want to get a lawyer so they can comply with the EU GDPR back then. I assume this is because they knew there was some precedent.

                If you are keen on it I can go digging for case law though.

                EDIT: Nevermind I literally only had to do one Google search and here’s an official link: https://gdpr.eu/compliance-checklist-us-companies/

                Note that one of the headings literally says “Why US companies must comply with the GDPR” and the answer is “because it is extra-territorial in scope”.

                • bamboo@lemm.ee
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  10 months ago

                  On that page you linked, they say “So far, the EU’s reach has not been tested, but no doubt data protection authorities are exploring their options on a case-by-case basis.” So it hasn’t really been tested yet it seems. It’s true that there are extradition treaties and interpol that aid in cross-border prosecution, but that tends to be used primarily when the alleged crime happened in the prosecuting country’s jurisdiction, or the alleged crime is handled similarly in both countries. A GDPR violation by a US company wouldn’t be considered a crime at all in the US, so it’s entirely possible that they might decline to assist in prosecution.

      • hoshikarakitaridia@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        16
        arrow-down
        1
        ·
        10 months ago

        I could give you a full breakdown of how it works in EU, but basically there needs to be indisputable evidence that a crime occured for any party to subpoena any ISP or service provider company. Otherwise those companies will be in huge trouble. The one doing the subpoena because they wouldn’t have an order for that and if they fuck around right before suing, courts will not take kindly to that. And the other receiving the subpoena for disclosing personal information (although they’d maybe win a defense to that, because if they did their due diligence they are not supposed to tank the damages).

        What I’m saying is, considering currently laws in the EU, I think we’re good. Of course IANAL so ask one if you need specific advice.

        • Rodeo@lemmy.ca
          link
          fedilink
          English
          arrow-up
          9
          ·
          10 months ago

          Did they actually issue a subpoena though, or did they just send some emails saying “give pls”.

          A subpoena is a legal document and thus there are rules that go along with it. But an email asking to be given something is not a subpoena.

    • 800XL@lemmy.world
      link
      fedilink
      English
      arrow-up
      32
      ·
      10 months ago

      If discussing crimes equals crime then police, CEOs, and politicians should all be in jail.

        • 800XL@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          10 months ago

          “Man, you know how easy it would be to get away with insider trading/misreporting earnings/reselling seized fentanyl/asking for a key piece of evidence to go missing? I have a friend/family member/employee/business contact/perp I let go that owes me a favor.”

      • explodicle@local106.com
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        10 months ago

        If they were held accountable for their crimes then police, CEOs, and politicians would already all be in jail.

    • BolexForSoup@kbin.social
      link
      fedilink
      arrow-up
      23
      arrow-down
      4
      ·
      edit-2
      10 months ago

      You should read the article. I don’t agree with them, but it’s more nuanced than that/isn’t about discussing piracy.

      They are basically trying to get the IP‘s so that they can claim frontier is at fault and not being proactive. It is not actually targeting the users in a way that is designed to go after them individually. It’s trying to prove users are using frontier to pirate with impunity.

      • conciselyverbose@kbin.social
        link
        fedilink
        arrow-up
        46
        arrow-down
        2
        ·
        10 months ago

        That’s not really extra nuance, and is about discussing piracy.

        The premise that an ISP has an obligation to proactively monitor traffic when they shouldn’t even legally be permitted to do so is disgusting.

        • BolexForSoup@kbin.social
          link
          fedilink
          arrow-up
          10
          arrow-down
          5
          ·
          edit-2
          10 months ago

          I literally said I don’t agree with them lol but the point is they aren’t trying to figure out who is discussing piracy on Reddit. They are trying to implicate frontier. Again, I don’t agree. I am against this.

          • conciselyverbose@kbin.social
            link
            fedilink
            arrow-up
            20
            arrow-down
            5
            ·
            10 months ago

            That’s not a meaningful distinction.

            They’re still trying to take action against discussion of piracy. The target does not matter and is not meaningful to the discussion.

            • BolexForSoup@kbin.social
              link
              fedilink
              arrow-up
              19
              arrow-down
              5
              ·
              edit-2
              10 months ago

              What? That is incredibly meaningful. The legal implications are are very distinct, and also open some pretty frightening doors.

              If we can’t even distinguish the legal channels they are trying to screw us with, how can we possibly protect Internet privacy?

              I get you want to win an Internet argument or whatever but let’s keep our eye on the ball here, dude

              • conciselyverbose@kbin.social
                link
                fedilink
                arrow-up
                12
                arrow-down
                2
                ·
                edit-2
                10 months ago

                The important legal concept is that it’s literally impossible for discussion of piracy to entitle them to any information in any possible context.

                The target of their harassment does not matter. Giving them a single bit of data is every bit as unconditionally unacceptable in either case, and you don’t get to any ruling on anything else unless you bypass that.

                • BolexForSoup@kbin.social
                  link
                  fedilink
                  arrow-up
                  6
                  arrow-down
                  4
                  ·
                  edit-2
                  10 months ago

                  Again, this isn’t about the discussions. They are taking IP’s discussing it and tracing them to frontier. They’re “moving upstream” instead of targeting users, which means they need less info,the discussion themselves are immaterial because they aren’t targeting individuals - which means it’s more likely. This is a different tactic.

                • Rivalarrival@lemmy.today
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  10 months ago

                  “I saw a guy get shot last night. He was close enough I was able to record the whole thing in my phone. The police say that the victim was wearing a blue shirt, but didn’t mention they were also wearing a yellow hat. I’ve saved the footage, but I won’t be posting it anywhere, so don’t even ask.”

                  I make that statement on Reddit. Investigators see that my statement matches their crime scene.

                  They can subpoena Reddit for my reddit account information, including the IP address from which I posted that comment. They can subpoena the ISP who controlled that IP address and get subscriber information. They can then go to that subscriber and request and require their assistance in identifying the specific person who made that comment. They can then question that commenter as a witness, and subpoena their video.

                  That’s basically what the rightsholders are trying to do here: subpoena “witnesses” to Frontier violating its duties under Safe Harbor provisions.

                  I agree that they should be told to go fuck themselves with rusty Buicks, but they do have a (tenuous) legal claim for the information they seek.

        • Rivalarrival@lemmy.today
          link
          fedilink
          English
          arrow-up
          1
          ·
          10 months ago

          Nobody is claiming that Frontier should be monitoring traffic.

          Safe harbor provisions require them to forward DMCA letters to subscribers when rightsholders send them, and suspend service to repeat violators.

          A subscriber who has received 44 DMCA letters without Frontier suspending their service is evidence that Frontier is not abiding by their safe harbor obligations.

          The rightsholders want the identity of a person willing to make such a claim, so that person can be compelled to testify that they weren’t lying their ass off when they made that claim.

      • Chewy@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        5
        ·
        10 months ago

        Great explanation, it’s what I was hoping to write until my lemmy client crashed with the unfinished comment.

        I’m curious what would happen if some copyright holder tried to get information about a user on lemmy. Iirc only the users instance could log their IP, but almost all instances are run by volunteers, so risking a lawsuit might no be viable. Just look at what Tachiyomi devs have to go through, even though all they’re doing was and is legal.

        • BolexForSoup@kbin.social
          link
          fedilink
          arrow-up
          8
          ·
          10 months ago

          I am very much against this and totally agree. I think this could open some really dangerous doors re: internet privacy.

          Wear a VPN, folks.

    • spiderman@ani.social
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      2
      ·
      10 months ago

      even if they have our ip addresses, they can’t take any legal actions for discussing about piracy right?

      • hoshikarakitaridia@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        9
        arrow-down
        1
        ·
        edit-2
        10 months ago

        Not unless you talk about how you will commit or have committed a specific instance of piracy. E.g. “I downloaded back to the future last night from (insert website)”. Then they have reasonable suspicion and can start to subpoena.

        Obligatory IANAL. Always do research and ask in lawyer if you wanna talk specifics.

    • shalafi@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      2
      ·
      10 months ago

      I’ve always read it that action must be taken, above and beyond speech.

      Legally, a Conspiracy exists when 2 or more persons join together and form an agreement to violate the law, and then act on that agreement.

      I could argue that these users collaborated to break the law and did so, but I don’t see that being argued. Fuck I know, INAL.

      • hoshikarakitaridia@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        10 months ago

        Well in theory you are right. And if you have evidence like in the case of the 2pac murder (he literally wrote about handing the gun over so they could kill him with it), then sure. But to get a subpoena, and let’s use me as an example, you would need to prove that I talked about specifics on how I would or will pirate a stream, and then you would need to find writing of me saying something to the effect of “I did this yesterday” or “I will do this next week” or something very specific like that.

        And this is only to get the information. Then they still need to tie you to it and get enough evidence to start suing, otherwise they might not be able to prove their prima facia case.

        I know it’s scary, but the truth is we have laws to protect us from government overreach and at the same time those keep companies in check as well. Let’s not make it more dramatic than it is.

        Let’s also acknowledge that conspiracy is easy to say in theory and hard to prove in practice, specifically because you need to make sure you can inextricably link 2 defendant together and they are linked in the context of the same instance of a crime. And at that point no one would waste the resources for such a charge. They would rather chase the piracy websites to shut down a whole network for a bit, that’s more efficient. It’s easier to just serve the server providers a cease and desist and have be over with.

        Obligatory IANAL.

  • Sanctus@lemmy.world
    link
    fedilink
    English
    arrow-up
    204
    arrow-down
    2
    ·
    10 months ago

    More corporations with zero responsibility and way too much fucking power. We need regulators with teeth and we need to remove the legal hand of business from the pockets of our legislatures. I can’t believe someone actually burned down Studio Ghibli HQ before Citizen’s United was. Wtf.

    • TherouxSonfeir@lemm.ee
      link
      fedilink
      English
      arrow-up
      38
      ·
      10 months ago

      The people who are smart enough to understand that corporations need restraint are also smart enough to know that burning a single building down will do nothing but give that company an insurance check. It needs to be the people who are in the c-suite, on the board, the consulting firms, etc. it has to happen overnight and with all of them.

      • Sanctus@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        These people deal solely in the material. As soon as you start diminishing any material they own they will begin to lose their minds. They’re deathly afraid of anyone knowing their names. Its why they hide behind multiple layers of shell companies and redacted identities when they do shitty stuff like buying a lot poor families live on and gentrifying it under a surname. If direct actions against their possessions did not work they would not wear so many masks. Its only the most brazen who do not hide like Musk.

      • explodicle@local106.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        10 months ago

        The building helps a teensy bit because their premiums will go up, and so will the premiums of anyone expecting similar risks. It’s averaging out the financial risk, not eliminating it.

    • emergencyfood@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      10 months ago

      I can’t believe someone actually burned down Studio Ghibli HQ before Citizen’s United was.

      Do you mean Kyoto Animation?

      • Sanctus@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        10 months ago

        It was a few years ago I only saw one headline and it said Studio Ghibli was a victim of arson but I guess it was their animation studio.

        • emergencyfood@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          2
          ·
          10 months ago

          It was Kyoto Animation that was attacked. They have quite a few similarities in artstyle and themes to Ghibli, and you could maybe call them a spiritual successor. But neither is owned by, or a part of, the other.

          Ghibli recently released How Do You Live, probably their last film. With the last surviving founders retiring, Nippon TV will manage the studio and the museum.

  • Imgonnatrythis@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    157
    arrow-down
    1
    ·
    10 months ago

    I for one want to be in compliance. Here is my IP, I checked it in Microsoft windows so it is correct. 192.168.0.1

    Text me at that IP if I need to pay a fine or if I need to go to my local jail. Thanks guys, I’m sorry I pirated and I will re upload all the movie films that I downloaded to try to make this right.

  • Danny M@lemmy.escapebigtech.info
    link
    fedilink
    English
    arrow-up
    77
    arrow-down
    1
    ·
    edit-2
    10 months ago

    I believe that the following IP ranges

    • 103.231.144.0/24
    • 192.31.196.0/24
    • 216.176.216.0/21
    • 199.248.239.0/24
    • 192.198.30.0/24
    • 69.12.98.42

    are engaged in highly suspicious activities

    furthermore I can definitely say that I found some dirty pirates hiding at the following ip ranges:

    • 175.45.176.0/24
    • 175.45.177.0/24
    • 175.45.178.0/24
    • 175.45.179.0/24

    my research clearly shows proof that those people are not just pirates but also engaged in highly illegal activities such as stealing BILLIONS of dollars and hacking who knows how many servers, and that’s only the crimes one can talk about online.


    if you don't get the joke

    no, I didn’t share IPs that anyone here would ever have, I guarantee it, if you don’t get the joke look up “bogon routes” and then look up which ASN owns the other set.

    It looks more legit than people who use 192.168.0.0/16, 8.8.8.8, 127.0.0.1, or any other things like that because most people don’t know about those.

    Also bonus info:

    here’s a tip for you, if you’re a sysadmin just go ahead and ban those IP ranges on your machines, if you ever get packets from them it’s an attack 99.999999% of the time (I guess unless you have customers in north korea? in which case only block the first ones and all other bogon routes)

  • Teknikal@lemm.ee
    link
    fedilink
    English
    arrow-up
    63
    ·
    10 months ago

    I’ve noticed reddit has recently started shadowbanning my posts when I have a vpn active so I’d say at this point it’s probably completely unsafe to discuss anything on.

    • 13617@lemmy.world
      link
      fedilink
      English
      arrow-up
      24
      ·
      10 months ago

      Absolutely. That and the recent vpn blocking changes has made using reddit absolutely unbearable.

  • katy ✨@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    62
    arrow-down
    2
    ·
    edit-2
    10 months ago

    just remember to be honest with the police and give your real name, Robert’); DROP TABLE Prisoners;–

  • Vaggumon@lemm.ee
    link
    fedilink
    English
    arrow-up
    60
    arrow-down
    2
    ·
    10 months ago

    It’s reddit, so I’d be surprised if they don’t cave.

    • henfredemars@infosec.pub
      link
      fedilink
      English
      arrow-up
      55
      ·
      10 months ago

      Man that place. I know it’s cliche to talk about it like talking about your ex on a date, but I posted there for good reason.

      I found the solution to a rare bug that was bothering a group of people. I posted the solution, and my account was immediately banned sitewide for violating the terms of service, whatever that means.

      I thought to myself: yeah… it was a mistake coming here. Leave it to the bots to have conversations with themselves.

        • henfredemars@infosec.pub
          link
          fedilink
          English
          arrow-up
          47
          arrow-down
          1
          ·
          edit-2
          10 months ago

          It was a solution to a Lutris bug. Basically, flatpak containers can use these things called portals to gain access to specific files and directories via a file chooser rather than broad access or manually assigned access.

          In this case, my wine installation was crashing because some part of it was trying to obtain a lock on a directory object, which is an unsupported feature when accessing a directory through a portal. The error message is something completely unrelated like can’t draw window with a string of hex values. It took me a few hours to track down the real root cause.

          Oh well. Works on my machine. Also, there’s a fix on the development branch now. I made a write-up, posted it, and it’s all gone. I should have known better honestly. It works great for some people but anybody can arbitrarily receive unfair treatment with no recourse at any time. I’m satisfied knowing that eventually the fix will get out to everybody eventually. It’s just a shame I couldn’t leave a signpost behind.

  • imkali@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    43
    ·
    10 months ago

    “Why should I care about their privacy policy?” If Reddit doesn’t store this info then they can’t give it to the film studios.

  • EmperorHenry@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    40
    arrow-down
    3
    ·
    10 months ago

    You ain’t gonna get mine, you fuckers.

    Proton VPN with port forwarding turned off…Or Mullvad with quantum secure encryption…whichever you want.

    • squirrel@lemmy.blahaj.zoneOP
      link
      fedilink
      English
      arrow-up
      19
      ·
      10 months ago

      As far as I understand it, the studios are trying a different angle: They are not suing Reddit this time, but an ISP and want Reddit to provide the data of costumers of that ISP.

      • test113@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        10 months ago

        Stupid question: What’s the point behind this? Is this actually financially viable for a company in the long run? Was this an attempt to get Reddit to crack down on those subs?

        Isn’t this always a fight against windmills? i.e., you can’t fight a symptom without addressing the market as a whole?

      • Uriel238 [all pronouns]@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        10 months ago

        I think this was related to their plan before, in the case that got decided (specifically that Reddit didn’t have to reveal the IP addies of its clients), but that’s always been a problem especially if an ip address leads to a router or is dynamic at the ISP, then there’s no certainty it can be identified with a single person.

        This is how the whole twelve-strikes program was formed where big name ISPs would (hypothetically) give demerits and eventually throttle or disconnect ISP addies that were identified as engaging in infringing activity. The problem is, clients stopped wanting to pay their bills when quality deteriorated, so it’s not consistently enforced. In fact, companies that are not Comcast or Xfinity are motivated not to do anything beyond threats.

        ETA: Similarly, it’s actually to the benefit of social media websites to preserve the privacy of their clients, since incidents in which they cooperate with law enforcement reduces engagement. Google used to have a robust legal resistance to giving away personal data. It was deteriorated through enshittification, but now Google has lost enough reputation that it’s looking for ways to preserve privacy, like the new effort to constrain personal map data to devices, so Google is unable to respond to location dragnet warrants. They’re still in trouble for search-term warrants.

        (Note the map thing is not yet rolled out, so don’t use Google maps when burying your bodies.)

  • FlavoredButtHair@lemmy.world
    link
    fedilink
    English
    arrow-up
    35
    ·
    10 months ago

    Then provide better streaming options including price and service. Piracy will always win whether they like it or not.

    I’m surprised Netflix is still around at their price rate and the way they keep canceling shows. I jumped on the BF deal for Peacock, because I wasn’t gonna pay the full price.

    I only have Peacock for WWE, so everything is a bonus. But not everybody is gonna pay for 7 services monthly or yearly. Either put it all under one service or understand some of us are gonna pirate.

    Amazon prime is gonna start having ads this month, so people are gonna have to pay more for ad free on top of prime membership or pirate to avoid ads. Before we know, they’ll start putting ads in games while they load.

    • Skeezix@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      10 months ago

      WWE? Bubba, it may be cheaper to simply attend some local monster truck rallies or rodeos.