The takedown removed a small portion of the total videos I’d uploaded to a video sharing site (like DailyMotion/Vimeo/YouTube), from which I was embedding them onto my own site. The visuals were all mine, but the audio was not. It was just some short video content I made in school that happened to contain copyrighted music. I’ve never dealt with this type of thing before. There is a big difference.Ĭan anyone recommend a good offshore web host? I have a small personal site where recently some important video content was removed due to a Hollywood DMCA takedown.
Will Microsoft send an email to each customer whose privacy is being invaded by the Windows telemetry patches?īlackBerry plays a similar game with governments around the world (being the Royal Canadian Mounted Police just an example), but they missed the key point that they must convince their customers both are on the same side:Ī bit late now to convince customers they are playing on the same side.Īn old history, at most confirming a few known details about how BBM security is broken.Īpple, BlackBerry and Microsoft sell security. The sell their customers security and privacy to governments around the world for nothing while making their customers base believe their rights are safe: Now, to comply with the court order, they must spend approximately $10 million dollars to brute force the remaining bits of the key.ġ3) Offer to have talks about settling the lawsuit, but only if the company is also involved in those talks.ġ4) Hint that this could all go away for a much smaller amount, like only $100,000 especially if the target company were willing to pay.ġ5) Once they pay up, drop the lawsuit thus vacating the court order. So in this case, 128-86 yields 42, so we put the first 42 bits of the key in the file.ĩ) On the storage provided by your target company, store the encrypted data and the unencrypted second file.ġ0) Ensure that all other copies of the data and the key have been completely and utterly destroyed, but keep references to its existence.ġ1) Proceed with the lawsuit and have your co-conspirator find out about the file in discovery.ġ2) Have them obtain a court order requiring the target company render technical assistance. So let’s go with 128-bit AES for this example.ħ) Encrypt the key piece of information with it.Ĩ) Make a second file which contains notes about what algorithm is used and contains all but your target number of bits of the key. Assuming their figures were correct, then 86 bits would be the correct answer for $10 million.Ħ) Choose an encryption function which uses more bits than that. I was lazy and used a Google Doc’s spreadsheet someone else had created but they seem to have taken it down (although I’m not sure their numbers were correct because I’m not sure they account for the efficiency of doing this with GPUs instead of CPUs). We’re going to get a court order which would force them to spend this much money, so it should be large enough that they’ll want to avoid spending that much, but no so large that they can argue that it’s impossible.ĥ) Do some calculations to figure out how many bits of encryption you would need to encrypt something with for it to cost the target amount of money to break the encryption via brute force. There are likely some other companies that would work, but those are the first which come to mind.Ģ) Find a co-conspirator who is willing to sue you.ģ) Create some key piece of information which is relevant to the potential court case.Ĥ) Choose an amount of money which is quite large, but is within the potential budget of the company. For Apple or Google, you can just use OpenSSL’s command line to do the encrypting. For Microsoft you can use their BitLocker product to encrypt things. Good choices might be Apple, Google, or Microsoft.
Here’s what it looks like:ġ) Choose a company which provides any existing encryption products which don’t have backdoor and will host data for you in some form.
I was looking through it and it occurred to me that it not only requires that future encryption software be backdoored, it effectively requires that past encryption software already have been backdoored.Īs a result, if this bill were to pass, it would open up a new extortion attack against any companies which have previously offered non-backdoored encryption.
One news story is that the Burr-Feinstein Bill’s text was official released this week.